Reading "http authoritative guide"

Source: Internet
Author: User

Chapter 1 HTTP Overview

1.1 HTTP: Multimedia Messenger of the Internet

1.2 Web client and server

1.3 Resources

1.3.1 Media Type

A MIME type is a textual label consisting of a primary object type and a specific subtype, separated by a slash.

• HTML-formatted text documents are labeled with the text/html type.

• Ordinary ASCII text documents are labeled with the text/plain type.

• JPEG pictures are of type image/jpeg.

• GIF pictures are of type image/gif.

• Apple's QuickTime movies are of type video/quicktime.

• Microsoft's PowerPoint presentation files are of type application/vnd.ms-powerpoint.


1.3.2 URI

A server resource name is called a Uniform Resource Identifier (URI).

URIs, like postal addresses on the Internet, uniquely identify and locate information resources around the world.


1.3.3 URL

The Uniform Resource Locator (URL) is the most common form of resource identifier. A URL describes the specific location of a resource on a particular server.


Most URLs follow a standard format, which consists of three parts.

• The first part of the URL is called the scheme; it describes the protocol used to access the resource. This is usually the HTTP protocol.

• The second part gives the server's Internet address (for example, www.joes-hardware.com).

• The remainder names a resource on the Web server (for example, /specials/saw-blade.gif).

Now, almost all URIs are URLs.


1.3.4 URN

The second form of a URI is the Uniform Resource Name (URN).

URNs are still experimental and not yet in wide use. To work effectively, URNs need a supporting infrastructure to resolve resource locations; the lack of such an infrastructure has also slowed their adoption.



1.4 Transactions

1.4.1 Methods

GET: Send a named resource from the server to the client

PUT: Store data from the client in a named server resource

DELETE: Delete the named resource from the server

POST: Send client data to a server gateway application

HEAD: Send only the HTTP headers from the response for the named resource


1.4.2 Status Codes

200 OK. Document returned correctly

302 Redirect. Go somewhere else to get the resource

404 Not Found. Unable to find this resource


1.4.3 A Web page can contain multiple objects

1.5 Messages

An HTTP message is a simple sequence of lines. HTTP messages are plain text, not binary code.


An HTTP message consists of the following three parts.

• Start line

The first line of the message is the start line. In a request message it states what to do; in a response message it states what happened.

• Header fields

The start line is followed by zero or more header fields. Each header field consists of a name and a value, separated by a colon (:) for easy parsing. The headers end with a blank line. Adding a header field is as simple as adding another line.

• Body

The blank line is followed by an optional message body, which can contain any kind of data. A request body carries data to the Web server; a response body carries data back to the client. Unlike the start line and headers, which are textual and structured, the body can contain arbitrary binary data (pictures, video, audio tracks, software programs). Of course, the body can also contain text.
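
An added example, not from the book or the original notes: a minimal Python parser that splits a raw HTTP/1.x message into the three parts described above and keeps the body as untouched bytes. The class and function names, the constructed sample messages, and the choice to reject header lines without a colon or with whitespace around the name are assumptions of this example.

```python
from dataclasses import dataclass, field


@dataclass
class HttpMessage:
    start_line: str
    headers: list = field(default_factory=list)  # (name, value) pairs, order kept
    body: bytes = b""

    @property
    def is_response(self) -> bool:
        # Responses start with the protocol version, requests with a method.
        return self.start_line.startswith("HTTP/")


def parse_http_message(raw: bytes) -> HttpMessage:
    """Split a raw message into start line, header fields and body."""
    # The FIRST blank line ends the header section; everything after it is
    # body, even if the body itself happens to contain CRLF CRLF.
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line terminating the header section")

    # Start line and headers are text; iso-8859-1 maps every byte to one
    # character, so decoding cannot fail. The body is never decoded.
    lines = head.decode("iso-8859-1").split("\r\n")
    start_line = lines[0]
    if len(start_line.split(" ", 2)) != 3:
        raise ValueError(f"malformed start line: {start_line!r}")

    headers = []
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # Assumption of this example: be strict. A line with no colon, an
        # empty name, or whitespace around the name is rejected, because two
        # parsers that "repair" such lines differently can disagree on where
        # the headers end.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name, value.strip()))
    return HttpMessage(start_line, headers, body)


# Constructed sample messages (not captured traffic).
SAMPLE_REQUEST = (
    b"GET /specials/saw-blade.gif HTTP/1.0\r\n"
    b"Host: www.joes-hardware.com\r\n"
    b"\r\n"
)
SAMPLE_RESPONSE = (
    b"HTTP/1.0 200 OK\r\n"
    b"Content-type: image/gif\r\n"
    b"Content-length: 12\r\n"
    b"\r\n"
    b"GIF89a\r\n\r\n\x00\xff"  # binary body that itself contains a blank line
)

if __name__ == "__main__":
    for raw in (SAMPLE_REQUEST, SAMPLE_RESPONSE):
        msg = parse_http_message(raw)
        kind = "response" if msg.is_response else "request"
        print(kind, msg.start_line, msg.headers, len(msg.body))
```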


1.6 Connections

1.6.1 TCP/IP

1.6.2 connection, IP address and port number

1.6.3 An example using Telnet

1.7 Protocol version

1.8 Architectural components of the Web

1.8.1 Proxy

1.8.2 Cache

1.8.3 Gateway

1.8.4 Tunnel

1.8.5 Agent

1.9 Concluding remarks of the starting part

1.10 More information

1.10.1 HTTP Protocol Information

1.10.2 Historical Perspective

1.10.3 Other World Wide Web information


Chapter 2 URLs and Resources

2.1 Browse Internet Resources

2.2 URL syntax

2.2.1 Scheme: what protocol to use

2.2.2 Host and Port

2.2.3 User name and password

http://user:pwd@host:/path


2.2.4 Path

2.2.5 parameters

2.2.6 query string

2.2.7 Fragment

2.3 URL Shortcuts

2.3.1 Relative URL

2.3.2 Automatic extension URL

2.4 Kinds of Headache characters

2.4.1 URL Character Set

2.4.2 Encoding mechanism

%20%25%7e%~


2.4.3 character limit

2.4.4 another point of clarification

2.5 The world of schemes

http, https, mailto, ftp, rtsp, rtspu, file, news, telnet

2.6 Future Prospects

2.7 More information

URN


Chapter 3 HTTP Messages

3.1 Message Stream

3.1.1 Messages flow inbound to the origin server

3.1.2 Message flows downstream

3.2 Components of the message

3.2.1 Message syntax

GET, HEAD, POST, PUT, TRACE, OPTIONS, DELETE

100-101

200-206

300-305

400-415

500-515


3.2.2 Start line

3.2.3 Headers

3.2.4 Entity body

3.2.5 Version 0.9 messages

3.3 Methods


3.3.1 Safe methods

3.3.2 GET Head+body

3.3.3 HEAD Head

3.3.4 PUT

3.3.5 POST

3.3.6 TRACE

3.3.7 OPTIONS

3.3.8 DELETE

3.3.9 extension methods

3.4 Status Code

3.4.1 100 ~ 199--Informational Status Code

3.4.2 200 ~ 299--Success Status Code

3.4.3 300 ~ 399--REDIRECT Status code

3.4.4 400 ~ 499--Client Error Status code

3.4.5 500 ~ 599--Server Error Status code

3.5 Headers

3.5.1 General Header

3.5.2 Request Header

3.5.3 Response Header

3.5.4 Entity Header

3.6 More information


Chapter 4 Connection Management

4.1 TCP Connections

4.1.1 Reliable data Pipelines for TCP

4.1.2 TCP streams are fragmented and routed by IP packets

4.1.3 Keep the TCP connection running correctly

4.1.4 Programming with TCP sockets

4.2 Considerations for TCP Performance

4.2.1 Latency for HTTP transactions

4.2.2 Performance Focus Area

4.2.3 Handshake time delay for TCP connections

4.2.4 Delayed acknowledgments

4.2.5 TCP Slow start

4.2.6 Nagle Algorithm and TCP_NODELAY

4.2.7 TIME_WAIT accumulation and port exhaustion

4.3 Handling of HTTP connections

4.3.1 The often misunderstood Connection header

4.3.2 Serial transaction processing time delay

Parallel connections

Persistent connections

pipelined connections

Multiplexing connections


4.4 Parallel connections

4.4.1 Parallel connections may increase page loading speed

4.4.2 parallel connections are not necessarily faster

4.4.3 Parallel connections may make people "feel" faster

4.5 Persistent connections

4.5.1 Persistent and parallel connections

4.5.2 HTTP/1.0+ keep-alive connections

4.5.3 Keep-alive operation

4.5.4 Keep-alive options

4.5.5 Restrictions and rules for keep-alive connections

4.5.6 Keep-alive and dumb proxies

4.5.7 Inserting Proxy-Connection

4.5.8 HTTP/1.1 persistent connections

4.5.9 Restrictions and rules for persistent connections

4.6 Pipelined connections

4.7 The mysteries of connection close

4.7.1 "At will" disconnection

4.7.2 Content-Length and truncation

4.7.3 Connection close tolerance, retries, and idempotency

4.7.4 Graceful connection close

4.8 More information

4.8.1 HTTP Connection

4.8.2 HTTP Performance Issues

4.8.3 TCP/IP


Part Two HTTP structure

Chapter 5 Web Servers

5.1 Web servers in various shapes and sizes

5.1.1 Web server implementations

5.1.2 Universal Software Web server

5.1.3 Web Server Devices

5.1.4 Embedded Web server

5.2 The smallest Perl Web server

5.3 What the actual Web server will do

5.4 First Step-Accept client Connection

5.4.1 Processing New connections

5.4.2 Client Host name recognition

5.4.3 determining client users by ident

5.5 Second Step-Receive request message

5.5.1 Internal representation of messages

5.5.2 Connection input/output processing architectures

5.6 Step three-processing requests

5.7 Fourth Step-mapping and access to resources

5.7.1 Docroot

5.7.2 Directory List

5.7.3 mapping of dynamic content resources

5.7.4 server-side include items

5.7.5 access Control

5.8 Fifth Step-build response

5.8.1 Response Entity

5.8.2 MIME Type

5.8.3 redirection

5.9 Sixth Step-send response

5.10 Seventh Step--record log

5.11 More information


Chapter 6 Proxies

6.1 Intermediate entities of the Web

6.1.1 Private and shared proxies

6.1.2 Proxy vs. gateway

6.2 Why use a proxy

6.3 Where do proxies go

6.3.1 Deployment of proxy servers

6.3.2 Proxy hierarchies

6.3.3 How proxies get traffic

6.4 Proxy settings for clients

6.4.1 Client proxy configuration: manual configuration

6.4.2 Client proxy configuration: PAC file

6.4.3 Client proxy configuration: WPAD

6.5 Some tricky issues related to proxy requests

6.5.1 Proxy URIs differ from server URIs

6.5.2 The same problem with virtual hosting

6.5.3 Intercepting proxies receive partial URIs

6.5.4 Proxies can handle both proxy requests and server requests

6.5.5 Modification of URIs during forwarding

6.5.6 URI client auto-expansion and hostname resolution

6.5.7 URI resolution without a proxy

6.5.8 URI resolution with an explicit proxy

6.5.9 URI resolution with an intercepting proxy

6.6 Tracking messages

6.6.1 Via Header

6.6.2 TRACE method

6.7 Proxy authentication

6.8 Proxy interoperability

6.8.1 Handling unsupported headers and methods

6.8.2 OPTIONS: Discover support for optional features

6.8.3 Allow header

6.9 More information


Chapter 7 Caching

7.1 Redundant data transfer

7.2 Bandwidth Bottlenecks

7.3 Instantaneous congestion

7.4 Distance delay

7.5 Hits and misses

7.5.1 Revalidation

7.5.2 Hit rate

7.5.3 Byte hit rate

7.5.4 Distinguishing hits from misses

7.6 Topology of the cache

7.6.1 Private Cache

7.6.2 Public Proxy Cache

7.6.3 Hierarchy of proxy caches

7.6.4 mesh cache, content routing, and peer caching

7.7 Process steps for caching

7.7.1 first Step-Receive

7.7.2 Second Step--analysis

7.7.3 Step three--find

7.7.4 Fourth Step-freshness detection

7.7.5 Fifth Step-Create response

7.7.6 The sixth step--Send

7.7.7 Seventh Step--Log

7.7.8 Cache processing Flowchart

7.8 Keep the Copy fresh

7.8.1 Document Expiration

7.8.2 Expiration dates and ages

7.8.3 Server revalidation

7.8.4 Revalidation with conditional methods

7.8.5 If-Modified-Since: date revalidation

7.8.6 If-None-Match: entity tag revalidation

7.8.7 Weak and strong validators

7.8.8 When should I use entity tags and last-modified dates?

7.9 Ability to control caching

7.9.1 no-store and no-cache response headers

7.9.2 max-age response header

7.9.3 Expires response header

7.9.4 must-revalidate response header

7.9.5 Heuristic expiration

7.9.6 Freshness limits for clients

7.9.7 Precautions

7.10 Setting Cache control

7.10.1 Controlling HTTP headers with Apache

7.10.2 Controlling HTML caching via HTTP-EQUIV

7.11 Detailed algorithm

7.11.1 Age and freshness lifetime

7.11.2 Age computation

7.11.3 Complete age-calculation algorithm

7.11.4 Freshness lifetime computation

7.11.5 Complete server-freshness algorithm

7.12 Caching and advertising

7.12.1 the dilemma of advertising publishers

7.12.2 the publisher's response

7.12.3 Log Migration

7.12.4 hit count and usage limits

7.13 More information


Chapter 8 Integration Points: Gateways, Tunnels, and Relays

8.1 Gateways

8.2 Protocol Gateway

8.2.1 HTTP/*: Server-side Web gateways

8.2.2 HTTP/HTTPS: Server-side security gateways

8.2.3 HTTPS/HTTP: Client-side security accelerator gateways

8.3 Resource Gateway

8.3.1 CGI

8.3.2 Server Extensions API

8.4 Application interfaces and Web services

8.5 Tunnels

8.5.1 Using CONNECT to create an HTTP tunnel

8.5.2 Data tunneling, timing and connection management

8.5.3 SSL Tunnel

8.5.4 SSL tunnels vs. HTTP/HTTPS gateways

8.5.5 Tunnel authentication

8.5.6 Tunnel security considerations

8.6 Relays

8.7 More information


Chapter 9 Web Robots

9.1 Crawlers and crawling

9.1.1 Where to start: the root set

9.1.2 Extracting links and normalizing relative links

9.1.3 Avoiding loops

9.1.4 Loops and duplicates

9.1.5 Trails of breadcrumbs

9.1.6 Aliases and robot loops

9.1.7 Normalizing URLs

9.1.8 Filesystem link loops

9.1.9 Dynamic virtual Web spaces

9.1.10 Avoiding loops and duplicates

9.2 Robotic HTTP

9.2.1 Identifying request headers

9.2.2 Virtual hosting

9.2.3 Conditional requests

9.2.4 Response handling

9.2.5 User-Agent targeting

9.3 Misbehaving robots

9.4 Excluding robots

9.4.1 The Robots Exclusion Standard

9.4.2 Web sites and robots.txt files

9.4.3 Format of the robots.txt file

9.4.4 Other knowledge about robots.txt

9.4.5 Caching and expiration of robots.txt

9.4.6 Robot exclusion Perl code

9.4.7 HTML robot-control META tags

9.5 Robot etiquette

9.6 Search Engines

9.6.1 Think big

9.6.2 Modern search engine architecture

9.6.3 Full-text index

9.6.4 Posting the query

9.6.5 Sorting and presenting the results

9.6.6 Spoofing

9.7 More information


Chapter 10 HTTP-NG

10.1 Problems in the development of HTTP

10.2 HTTP-NG activity

10.3 Modular and functional enhancements

10.4 Distributed Objects

10.5 First Layer--message transmission

10.6 Second Layer--Remote call

10.7 Third Layer--web application

10.8 WebMUX

10.9 Binary Connection Protocol

10.10 Current status

10.11 More information


Part III Identification, Authentication and Security

Chapter 11 Client Identification and Cookies

11.1 The personal touch

11.2 HTTP headers

11.3 Client IP Address

11.4 User Login

11.5 Fat URL

11.6 Cookies

11.6.1 Types of cookies

11.6.2 How cookies work

11.6.3 Cookie jar: client-side state

11.6.4 Different cookies for different sites

11.6.5 Cookie ingredients

11.6.6 Cookies version 0 (Netscape)

11.6.7 Cookies version 1 (RFC 2965)

11.6.8 Cookie Session Tracking

11.6.9 Cookies and caches

11.6.10 cookies, security, and privacy

11.7 More information


Chapter 12 Basic Authentication

12.1 Authentication

12.1.1 HTTP challenge/response authentication framework

12.1.2 Authentication protocols and headers

12.1.3 Security realms

12.2 Basic authentication

12.2.1 Basic authentication example

12.2.2 Base-64 user name/password encoding

12.2.3 Proxy authentication

12.3 The security flaws of basic authentication

12.4 More information


Chapter 13 Digest Authentication

13.1 The improvements of digest authentication

13.1.1 Using digests to keep passwords secret

13.1.2 One-way digests

13.1.3 Using nonces to prevent replay attacks

13.1.4 The digest authentication handshake

13.2 Digest calculations

13.2.1 Digest algorithm input data

13.2.2 The algorithms H(d) and KD(s,d)

13.2.3 Security-related data (A1)

13.2.4 Message-related data (A2)

13.2.5 Overview of digest algorithms

13.2.6 Digest authentication session

13.2.7 Preemptive authorization

13.2.8 Nonce selection

13.2.9 Symmetric authentication

13.3 Quality of protection enhancements

13.3.1 Message integrity protection

13.3.2 Digest authentication headers

13.4 Practical considerations

13.4.1 Multiple challenges

13.4.2 Error handling

13.4.3 Protection spaces

13.4.4 Rewriting URIs

13.4.5 Caches

13.5 Security considerations

13.5.1 Header tampering

13.5.2 Replay attacks

13.5.3 Multiple authentication mechanisms

13.5.4 Dictionary attacks

13.5.5 Hostile proxies and man-in-the-middle attacks

13.5.6 Chosen plaintext attacks

13.5.7 Storing passwords

13.6 More information


Chapter 14 Secure HTTP

14.1 Making HTTP safe

14.2 Digital cryptography

14.2.1 The mechanisms and techniques of secret coding

14.2.2 Ciphers

14.2.3 Cipher machines

14.2.4 Keyed ciphers

14.2.5 Digital ciphers

14.3 Symmetric key Encryption technology

14.3.1 key length and enumeration attacks

14.3.2 establishing a shared key

14.4 Public Key Encryption technology

14.4.1 RSA

14.4.2 Hybrid encryption system and session key

14.5 Digital Signatures

14.6 Digital certificates

14.6.1 Main contents of a certificate

14.6.2 v3 certificates

14.6.3 Authenticating the server with a certificate

14.7 HTTPS: The details

14.7.1 HTTPS overview

14.7.2 HTTPS schemes

14.7.3 Establishing secure transport

14.7.4 SSL handshake

14.7.5 Server certificates

14.7.6 The validity of a site certificate

14.7.7 Virtual hosting and certificates

14.8 A real HTTPS client

14.8.1 OpenSSL

14.8.2 A simple HTTPS client

14.8.3 Executing the OpenSSL client

14.9 Tunneling secure traffic through proxies

14.10 More information

14.10.1 HTTP Security

14.10.2 SSL and TLS

14.10.3 Public Key Infrastructure

14.10.4 Digital cryptography


Part IV Entities, Encodings, and Internationalization

Chapter 15 Entities and Encodings

15.1 Messages are boxes, entities are goods

15.2 Content-Length: the entity's size

15.2.1 Detecting truncation

15.2.2 Incorrect Content-Length

15.2.3 Content-Length and persistent connections

15.2.4 Content encoding

15.2.5 Rules for determining the length of an entity body

15.3 Entity digests

15.4 Media type and character set

15.4.1 Character encodings for text

15.4.2 Multipart media types

15.4.3 Multipart form submissions

15.4.4 Multipart range responses

15.5 content Encoding

15.5.1 content Encoding Process

15.5.2 content Encoding Type

15.5.3 accept-encoding Header

15.6 transfer encoding and chunked encoding

15.6.1 Reliable Transmission

15.6.2 transfer-encoding Header

15.6.3 chunked Coding

15.6.4 Combining content and transfer encodings

15.6.5 Transfer-encoding rules

15.7 Time-varying instances

15.8 Validators and freshness

15.8.1 Freshness

15.8.2 Conditional requests and validators

15.9 Range requests

15.10 Delta encoding

15.11 More information


Chapter 16 Internationalization

16.1 HTTP support for international content

16.2 Character sets and HTTP

16.2.1 A character set is an encoding that converts characters to binary codes

16.2.2 How character sets and encodings work

16.2.3 Wrong character set, wrong characters

16.2.4 Standardized MIME charset values

16.2.5 Content-Type charset header and META tags

16.2.6 Accept-Charset header

16.3 Getting started with multi-language character encodings

16.3.1 Character set terminology

16.3.2 "Charset" is poorly named

16.3.3 characters

16.3.4, pens, and representations

16.3.5 Coded character sets

16.3.6 character encoding scheme

16.4 Language Tags with http

16.4.1 Content-language Header

16.4.2 Accept-language Header

16.4.3 Types of Language tags

16.4.4 Subtags

16.4.5 Uppercase and lowercase

16.4.6 IANA language tag registration

16.4.7 First subtag: namespace

16.4.8 Second subtag: namespace

16.4.9 Remaining subtags: namespace

16.4.10 Configuring language preferences

16.4.11 Language tag reference table

16.5 Internationalization of URIs

16.5.1 Global transcribability versus meaningful characters

16.5.2 URI character repertoire

16.5.3 Escaping and unescaping

16.5.4 Escaping international characters

16.5.5 Modal switches in URIs

16.6 Other considerations

16.6.1 Headers and out-of-spec data

16.6.2 Date

16.6.3 Domain Name

16.7 More information

16.7.1 Appendix

16.7.2 the internationalization of the Internet

16.7.3 International Standard


Chapter 17 Content Negotiation and Transcoding

17.1 Content negotiation techniques

17.2 Client-driven negotiation

17.3 Server-driven negotiation

17.3.1 Content negotiation headers

17.3.2 Quality values in content negotiation headers

17.3.3 Varying on other headers

17.3.4 Content negotiation in Apache

17.3.5 Server-side extensions

17.4 Transparent negotiation

17.4.1 Caching and alternates

17.4.2 Vary header

17.5 Transcoding

17.5.1 Format conversion

17.5.2 Information synthesis

17.5.3 Content injection

17.5.4 Transcoding versus static pregeneration

17.6 Next steps

17.7 More information


Part V Content Publishing and Distribution

Chapter 18 Web Hosting

18.1 Hosting services

18.2 Virtual hosting

18.2.1 Virtual server request lacks host information

18.2.2 Making virtual hosting work

18.2.3 The HTTP/1.1 Host header

18.3 Making your website more reliable

18.3.1 Mirrored server clusters

18.3.2 Content distribution networks

18.3.3 Reverse proxy caches in CDNs

18.3.4 Proxy caches in CDNs

18.4 Make your website faster

18.5 More information


Chapter 19 Publishing Systems

19.1 FrontPage Server Extensions for publishing support

19.1.1 FrontPage Server Extensions

19.1.2 FrontPage Glossary

19.1.3 the RPC protocol for FrontPage

19.1.4 FrontPage's security model

19.2 WebDAV and collaborative writing

19.2.1 Methods for WebDAV

19.2.2 WebDAV and XML

19.2.3 WebDAV Header Set

19.2.4 WebDAV Lock and prevent overwrite

19.2.5 LOCK method

19.2.6 UNLOCK method

19.2.7 Properties and Meta data

19.2.8 PROPFIND method

19.2.9 PROPPATCH method

19.2.10 Collection and Namespace management

19.2.11 MKCOL method

19.2.12 DELETE method

19.2.13 COPY and MOVE methods

19.2.14 Enhanced HTTP/1.1 methods

19.2.15 Version management in WebDAV

19.2.16 The future development of WebDAV

19.3 More information


Chapter 20 Redirection and Load Balancing

20.1 Why to redirect

20.2 Redirect to Where

20.3 Redirection Protocol Overview

20.4 Common redirection methods

20.4.1 HTTP Redirection

20.4.2 DNS Redirection

20.4.3 anycast Addressing

20.4.4 IP MAC Forwarding

20.4.5 IP Address forwarding

20.4.6 Network Element Control protocol

20.5 redirection methods for proxies

20.5.1 Explicit Browser configuration

20.5.2 Proxy Auto-configuration

20.5.3 Web Proxy Autodiscovery Protocol

20.6 Caching redirection methods

20.7 Internet Cache Protocol

20.8 Cache Array Routing protocol

20.9 Hypertext Caching Protocol

20.9.1 HTCP authentication

20.9.2 Setting the cache policy

20.10 More information


Chapter 21 Logging and Usage Tracking

21.1 Recording Content

21.2 Log Format

21.2.1 Common Log formats

21.2.2 Combined log Format

21.2.3 Netscape Extended Log format

21.2.4 Netscape Extended 2nd log format

21.2.5 SQUID Agent Log format

21.3 Hit Rate measurement

21.3.1 Overview

21.3.2 The Meter header

21.4 Consideration of privacy

21.5 More information


Part VI Appendix

Appendix A URI scheme

Appendix B HTTP Status Codes

Appendix C HTTP Header Reference

Appendix D MIME Types

Appendix E Base-64 Encoding

Appendix F Digest Authentication

Appendix G Language Tags

Appendix H MIME Character Set registry

Index

