Talk about HTTP Request and HTTP Response

Talk about HTTP Request and HTTP Response

Write in front of the Words: recently help friends to get the mall, for the basic development, basically is a variety of post, get, sometimes the server to our server post, get data, Sometimes we need our own server to the server various post, get, between the data through JSON or XML transfer. To summarize the HTTP related request and Response today, start with the following questions.

====== Body begins ========

1. What is HTTP Request with HTTP Response?

We usually open the browser, enter the url, click the Enter button, and then we want the page will be present in front of us, but how this process is achieved?

In simple terms, this is:

(1) when we press the Enter button, the browser will send a message to the server where the URL is located , this process is called HTTP request,request name incredibles, is the browser to make a request to the server .

(2) when the server receives the message sent by the browser, it can handle the content of the message according to the browser, and then send the message back to the Browser. This process is called the HTTP response,response name incredibles, is the server request for browser requests, the corresponding Response.

(3) when the browser receives the response information from the server, it will process the information accordingly and show it to Us.

The above three processes, in fact, is a dialogue between two programs , or a conversation between two processes, one of which is the browser, called the client or the customer, to send the request Another program is a Web server, which can be Apache and so on, to make the appropriate response for the User's request, called the server side or Servers.

　　In addition to being a browser, the client can also be our own program, so we need to write the code in the program to do the Above: send request--> receive response information--analysis response information, Processing.

Note Here: for example, we have built a website, we need to interact with Third-party Web servers such as servers, if it is our own website to send request to the server, the server returns response information, then our site is the client, and the server is the service side , if the server sends resquest to our website and our server responds to the response server, then our website is the server side, and the server is the Client. in short, It is the communication between the two processes .

Understanding the above process, then another problem arises, the client and the server to transfer data, how the other party can identify the information transmitted between each other? Then you need to transfer information between each other to follow certain specifications, This is the http protocol, so called http request and http Response.

The HTTP protocol is all called Hyper Text Transfer Protocol, So far there are three versions: http/0.9,http/1.0,http/1.1, the details are not said, interested can look at the history of the HTTP Protocol. What we need to focus on here is that both the client and server side follow the HTTP protocol for request and response, and if we want to analyze the data, it is necessary to know what the data format of communication between each other, and see the following Question.

2. HTTP Request and HTTP response data format?

(1) HTTP Request Data format

Mainly consists of three parts:

1) HTTP Request Method,uri,protocol Version

This section is located on the first line of the HTTP request and contains the HTTP request Method,uri,protocol version three parts, such as "get/test.html http/1.1", which represents the HTTP Request method is a Get method with the Uri/test.htlm,http protocol version number 1.1.

2) HTTP Request Headers:

This section is the header information for request, which contains information such as encoded information, requesting client type, and so On.

3) HTTP Request Body:

This section contains the principal information for the request, separated by a line from the HTTP request header.

(2) HTTP Response Data format

Similar to the HTTP request data format, It also contains three pieces of Information.

1) Protocol/version,status code,description

2) HTTP Response Headers

3) HTTP Response Body

You can use Chrome browser to view by F12, or you can use curl or Wireshak to view, you can write your own program to get the information to see, and then the HTTP request and HTTP response data format to understand, the impression will be deeper.

3. Why do we need a session?

The client communicates with the server via HTTP request and HTTP response, and data is parsed according to the HTTP request and HTTP response data formats, But there is also the problem that HTTP is a stateless protocol (stateless protocol), that is, each time the client to the server request, the server side will be considered a new request, unable to record the Client's information, this situation will cause a lot of problems, such as we landed in a website, if we need to access other pages, we click the link after , the server will be considered a new user, if the page needs to verify the user information, then the client needs to re-enter the login information, causing a lot of problems.

How to solve this problem? is through the Session.

Server-side for access to the client, will generate the Client's unique information, stored in the session, the session is located in the server, can be saved in the Server's memory, can also be saved in the file system, can also be saved in the server database, for session management, is also worth pondering one thing.

Having a session is not enough, because each client accessed is a new request, so it is necessary to include the Client's information in the request information before it can be compared with the server-side session to determine if it is the same client. So we need session Tracking to correctly identify the Client.

4, how to carry out session Tracking?

The information in the request contains information about the client, and there are three main ways:

1) Cookies
Stored on the client side, each cookie is associated with a unique sessionid, and when the client sends the request, the message is sent over, and the server is able to match the information in the session with the Cookie. To determine whether the Client's request was first requested;

The cookie contains the expiration time information, if the cookie expires, then the server will be considered the first request, which requires the user login;

Cookies can also contain other sensitive information, and stored in the client, so it may be a risk, think about it, after all, tasted a small sweetness, nature to bear a certain risk;

In order to avoid the risk of cookies, many browsers can prohibit cookies;

When a cookie is banned, some websites will not be able to log in, such as a blog park, which cannot be logged in if a cookie is banned in the Browser.

2) URL Rewriting

For the client to disable cookies, if you want to be able to identify the request, then you can use the URL rewriting method, the URL will contain a piece of information, this information can be the corresponding session only corresponding to the This way, when the URL is uploaded to the server, a specific session can be Judged. With URL rewriting, There is no need to store cookies on the client, and the information associated with a particular session is transmitted directly to and from the Url.

For the use of URL rewriting method, if we save a URL as a label, then open the label later, will prompt the session expires, because the session has a certain time period, expires, the server side will delete the corresponding session information to save Resources.

3) use the form label of the hidden type

In addition to the above two methods, you can also pass the hidden type of form label, such as <input type= "hidden" .../> There are two drawbacks to this approach: one is that we can see some information through HTML source code, even some sensitive information second, in order to distinguish between different users, the method can only be used in Dynamic Web pages, for pure html, there is no way.

Talk about HTTP Request and HTTP Response