Detailed introduction http
HTTP protocol is the abbreviation of Hyper Text Transfer Protocol (Hyper Text Transfer Protocol), which is a transfer protocol used to transfer hypertext from a World Wide Web (WWW: World Wide Web)
server to a local browser. Click here to understand the difference between http 1.0 vs 2.0. In the OSI seven-layer model, the HTTP protocol is located in the top application layer. The HTTP protocol is used directly when accessing web pages through a browser. When using the HTTP protocol, the client first establishes a TCP connection with port 80 on the server, and then requests and answers, and exchanges data based on this connection.
There are two commonly used versions of HTTP, HTTP1.0 and HTTP1.1. The main difference is that each request and response in HTTP1.0 will use a new TCP connection, and starting from HTTP1.1, it runs on a TCP connection to send multiple commands and responses. Therefore, the establishment and disconnection of TCP connections are greatly reduced, and efficiency is improved.
Features
Simple and fast: When a client requests a service from the
server, it only needs to transmit the request method and path. Commonly used request methods are GET, HEAD, and POST. Each method provides a different type of contact between the client and the
server. Because the HTTP protocol is simple, the program size of the HTTP
server is small, and the communication speed is very fast.
Flexible: HTTP allows the transmission of any type of data object. The type being transmitted is marked by Content-Type.
No connection: The meaning of no connection is to limit each connection to only process one request. After the server has processed the client's request and received the client's response, it will disconnect. This way can save transmission time.
Stateless: The HTTP protocol is a stateless protocol. Statelessness means that the protocol has no memory capacity for transaction processing. The lack of status means that if the previous information is needed for subsequent processing, it must be retransmitted, which may result in an increase in the amount of data transmitted per connection. On the other hand, the server responds faster when it does not need previous information.
Support B/S and C/S mode.
Request message Request
The request line is used to indicate the type of request, the resource to be accessed, and the HTTP version used.
The request header, the part immediately after the request line (that is, the first line), is used to describe the additional information to be used by the
server from the second line as the request header, and HOST will indicate the destination of the request. User-Agent, server Both client and client scripts can access it. It is an important basis for browser type detection logic. This information is defined by your browser and is automatically sent in each request, etc.
Blank line, the blank line after the request header is required
The request data is also called the subject, and any other data can be added.
Response message
The status line is composed of three parts: HTTP protocol version number, status code, and status message.
Message header, used to describe some additional information to be used by the client
Blank line, the blank line after the message header is required
The response body is the text message that the
server returns to the client.
status code
200 OK //The client request is successful
301 Moved Permanently //Permanent redirect, use domain name to redirect
302 Found // Temporary redirect, users who have not logged in visit the user center and redirect to the login page
400 Bad Request //The client request has a syntax error and cannot be understood by the
server
401 Unauthorized //The request is unauthorized. This status code must be used with the WWW-Authenticate header field
403 Forbidden //The server received the request, but refused to provide service
404 Not Found //The requested resource does not exist, eg: the wrong URL is entered
500 Internal Server Error //An unexpected error occurred on the
server
503 Server Unavailable //The server is currently unable to process the client's request and may return to normal after a period of time
http method
get: The client initiates a request to the server to obtain resources. Request the resource at the URL.
post: Submit a new request field to the server. Add new data after requesting the resource of the URL.
head: request to get the response report of the URL resource, that is, get the head of the URL resource
patch: request to partially modify the data item of the resource where the URL is located
put: Request to modify the data element of the resource where the URL is located.
delete: request to delete the data of the url resource
How does https ensure the security of data transmission
https actually adds SSL/TLS between the TCP layer and the http layer to protect the security of the upper layer. It mainly uses symmetric encryption, asymmetric encryption, certificates, and other technologies to encrypt data between the client and the server, and finally achieve Ensure the security of the entire communication. Click here to understand the 9 questions of https.
SSL/TLS protocol function:
Authenticate users and servers to ensure that data is sent to the correct client and server;
Encrypt data to prevent data from being stolen in the middle;
Maintain the integrity of the data and ensure that the data is not changed during transmission.
What is the Http protocol?
The request message includes three parts:
(1). Request line: contains request method, URI, HTTP version protocol
(2). Request header field
(3). Request content entity
The response message contains three parts:
(1). Status line: contains HTTP version, status code, status code reason phrase
(2). Response header field
(3). Response content entity
Idempotent
The characteristic of an idempotent operation is that the impact of any number of executions is the same as that of one execution. Idempotent functions, or idempotent methods, are functions that can be executed repeatedly with the same parameters and obtain the same results. These functions will not affect the state of the system, and there is no need to worry that repeated execution will cause changes to the system. For example, the "getUsername() and setTrue()" functions are an idempotent function.
Long connection
1. Long connection based on http protocol
Both the HTTP1.0 and HTTP1.1 protocols have support for long connections. Among them, HTTP1.0 needs to add "Connection: keep-alive" header to the request to be able to support it, while HTTP1.1 supports it by default.
The interaction process between http1.0 request and server:
The client sends a request with a header: "Connection: keep-alive"
After the server receives this request, it judges that this is a long connection based on http1.0 and "Connection: keep-alive", it will also add "Connection: keep-alive" in the header of the response, and it will not be closed at the same time Established tcp connection.
After the client receives the response from the server and finds that it contains "Connection: keep-alive", it is considered a long connection and the connection is not closed. And use the connection to send the request. Go to a), click here to understand the difference between http 1.0 vs 2.0.
2. Send a heartbeat packet. Send a data packet every few seconds
What is the difference between Http1.0 and 1.1 in the Http protocol?
In http1.0, when the connection is established, the client sends a request, and the server returns a message and then closes the connection. When the browser requests the next time, the connection will be established again. Obviously, this continuous connection establishment method will Cause many problems.
Principle mechanism of Http protocol implementation
(2) Domain name resolution process:
(3). Three-way handshake process
(4). Initiate Http request
(5). Respond to Http request and get HTML code
(6). The browser parses the HTML code
(7). The browser renders the page to the user
Whether the cookie will be overwritten and whether the localStorage will be overwritten
Cookies can be overwritten. If you write a cookie with the same name repeatedly, the previous cookie will be overwritten
If you want to delete a cookie, you only need to create a new cookie with the same name, set maxAge to 0, and add it to the response to overwrite the original cookie. Note that it is 0 and not a negative number. Negative numbers represent other meanings.
localStorage is stored in an object. There are key-value pairs
What is localStorage? In HTML5, a new localStorage feature is added. This feature is mainly used as a local storage to solve the problem of insufficient cookie storage space (the storage space of each cookie in the cookie is 4k), localStorage The general browser in China supports 5M size, this localStorage will be different in different browsers.
Advantages of localStorage
1. LocalStorage expands the 4K limit of cookies
2. LocalStorage can directly store the data requested for the first time locally. This is equivalent to a 5M database for front-end pages. Compared with cookies, it can save bandwidth, but this is only available in higher version browsers. Supported by Zhongcai
Limitations of localStorage
1. The size of the browser is not uniform, and only IE versions above IE8 support the attribute localStorage
2. All current browsers limit the value type of localStorage to string type. This requires some conversion for our daily common JSON object type
3. localStorage is not readable in the privacy mode of the browser
4. LocalStorage is essentially a reading of strings. If there is a lot of storage content, it will consume memory space and cause the page to become stuck.
5. localStorage cannot be crawled by crawlers
The only difference between localStorage and sessionStorage is that localStorage belongs to permanent storage, while sessionStorage belongs to when the session ends, the key-value pairs in sessionStorage will be emptied
