The difference between HTTP and HTTPS

HTTP (hypettext Transfer Protocol) Hypertext Transfer Protocol is based on the TCP/IP communication protocol to transfer data, HTTP uses a Uniform Resource Identifier (URI) to transfer data and establish a connection. HTTP has three things to note

1.HTTP is no connection: the meaning of no connection is to limit the processing of only one request per connection. When the server finishes processing the available requests and is answered by the customer, the connection is disconnected. This method can save time.

2.HTTP is media Independent: This means that any type of data can be sent over HTTP as long as the client and server know how to handle the data content. The client and server specify that the appropriate Mime-type content type be used.

3.HTTP is stateless: stateless means that the protocol has no memory function for dealing with things. A lack of state means that if the previous information is required for subsequent processing, he must retransmit it, which may result in an increase in the amount of data sent per connection. On the other hand, when the server does not need the previous information, he responds more quickly.

The client sends the request:

1. Request line (Request method, URL, protocol version,)

2. Request header (header field Name: Value, header field Name: Value)

3. Blank Line

4. Request data

Server Response Message

1. Status line (http/1.1 OK)

2. Message header (date:sat,31 DEC 2005 23:59:59 GMT

content-type:text/html; Charset=iso-8859-1

content-length:122)

3. Blank line ()

4. Response Body (

There are eight methods of HTTP

1.GET: Requests the specified page information and returns the entity body.

2.HEAD: Similar to a GET request, except that there is no specific content in the returned response to get the header

3.POST: Submits data to the specified resource for processing requests (such as submitting a form or uploading a file). The data is included in the request body. A POST request may result in the creation of new resources and/or modification of existing resources.

4.PUT: Supersedes the contents of the specified document from the data that the client transmits to the server.

5.DELETE: The requested server deletes the specified page.

The 6.connect:http/1.1 protocol is reserved for proxy servers that can change connections to pipelines.

7.OPTIONS: Allows clients to view server performance.

8.TRACE: Echo the request received by the server, primarily for testing or diagnostics.

HTTP status Code

The HTTP status code consists of three decimal digits, the first decimal number defines the type of the status code, and the latter two numbers do not have a function of classification. There are 5 types of HTTP status codes:

1**: Information, the server receives the request, requires the requestor to continue to perform the operation

2**: Successful, operation is successfully received and processed

3**: Redirect, requires further action to complete the request

4**: Client error, request contains syntax error or cannot complete request

5**: Server error, the server has an error while processing the request

HTTPS (hypertext Transfer Protocol Secure) Hypertext Transfer Security protocol is a network secure transport protocol. The HTTP protocol transmits data unencrypted, which is plaintext, so it is very insecure to use the HTTP protocol to transmit private information. HTTP uses port 80 and HTTPS uses 443 ports. HTTPS communicates through the Hypertext Transfer Protocol (HTTP), but encrypts the packets using SSL/TLS.

The main purpose of HTTPS development is to provide authentication to the network server to ensure the privacy and integrity of the exchanged data. The agreement was proposed by Netscape.

The difference between HTTPS and the HTTP protocol:

1.HTTPS requires a CA to apply for a certificate, a general free certificate is very small and needs to be delivered.

2.HTTP is a Hypertext Transfer Protocol, the information is plaintext transmission, HTTPS is a secure SSL encryption Transfer protocol.

3.http and HTTPS use a completely different way of connecting the port is not the same, the former is 80, the latter is 443.

The 4.http connection is simple and stateless.

The 5.HTTPS protocol is a network protocol built by the SSL+HTTP protocol for encrypted transmission and authentication, which is more secure than the HTTP protocol.

Asymmetric encryption, symmetric encryption, and hash algorithms are used in TLS/SSL. A specific description of the handshake process is as follows:

1. The browser sends a set of encryption rules that it supports to the Web site.

2. The website selects a set of encryption algorithm and hash algorithm, and sends its own identity information to the server in the form of certificate, which contains the website address, the encryption public key, and the certificate authority and so on information.

3. After the browser obtains the website certificate, the browser will do the following work

A: Verifying the legality of a certificate

B: If the certificate is trusted, or if the user accepts an untrusted certificate, the browser generates a random number of passwords and encrypts them with the public key provided in the certificate.

C: Use the agreed hash algorithm to calculate the handshake message, and use the generated random number to encrypt the message, and finally send all the previously generated information to the Web site.

4. After the website receives the data from the browser to do the following actions

A: Use your private key to decrypt the information, remove the password, use the password to decrypt the browser's handshake message, and verify that the hash is consistent with the browser

B: Encrypt a handshake message with a password and send it to the server

5. The browser decrypts and calculates the hash of the handshake message, if it is consistent with the hash of the server, at which point the handshake process ends, and all the communication data will be encrypted by the random password generated by the previous browser and using the symmetric encryption algorithm

Symmetric encryption algorithm: AES,RC4,3DE8

Asymmetric Encryption algorithm: RSA,DSA/DSS

Hash algorithm: md5,sha1,sha256

The difference between HTTP and HTTPS