The connections and differences between HTTP 1.0, HTTP 1.1, HTTP 2.0, HTTP and HTTPS

Basic meaning

  • HTTP (HyperText Transfer Protocol) was designed to provide a way of publishing and receiving HTML pages and to make the browser more efficient; it sends information in clear text.
  • HTTPS (full name: HyperText Transfer Protocol over Secure Socket Layer) is an HTTP channel with security as its goal. It builds on HTTP and protects the transmission process through transport encryption and identity authentication.

The difference between HTTP and HTTPS

  1. HTTPS requires applying to a CA for a certificate. Free certificates are generally relatively few, so a certain fee is required.
  2. HTTP is a hypertext transfer protocol, and information is transmitted in plain text; HTTPS is a secure, SSL-encrypted transfer protocol.
  3. The default port of HTTP is 80; the default port of HTTPS is 443.
  4. The two also connect differently. An HTTP connection is stateless; HTTPS is a network protocol built from SSL plus HTTP that provides encrypted transmission and identity authentication, which makes it more secure than HTTP.

HTTP status code

  • 1XX: Informational, the server has received the request and needs the requester to continue the operation;
  • 2XX: Success, the operation was successfully received and processed;
  • 3XX: Redirection, further operations are required to complete the request;
  • 4XX: Client error, the request contains syntax errors or cannot be completed;
  • 5XX: Server error, the server encountered an error while processing the request.

Common status codes:

100: Continue, the client should continue the request;
200: The request is successful;
301: The resource (webpage, etc.) is permanently transferred to another URL;
302: Found — Temporary redirection;
403: Access is forbidden;
404: The requested resource (webpage, etc.) does not exist;
500: Internal server error.

The difference between HTTP 1.0, 1.1, 2.0

  • HTTP1.0: Connection: close is used by default. The browser needs to establish a TCP connection with the server for each request, and the server disconnects the TCP connection immediately after processing it (connectionless). The server does not track each client or record past requests (stateless).
  • HTTP1.1: Connection: keep-alive (long connection) is used by default to avoid the overhead of establishing and releasing connections; the Content-Length field is used to determine whether the currently requested data has been fully received. Two parallel responses are not allowed at the same time.
  • HTTP2.0: Introduces the concepts of binary data frames and streams, where the frames identify the data in sequence; because of this sequencing, the server can transmit data in parallel.

The main difference between HTTP1.0 and HTTP1.1

  1. Cache processing: HTTP1.1 adds more cache control strategies (such as Entity tag and If-Match).
  2. Optimization of network connection: HTTP1.1 supports resumable transmission.
  3. More error status codes: HTTP1.1 adds 24 error status response codes, and the richer set of codes makes each status clearer.
  4. Host header processing: HTTP1.1 supports the Host header field and no longer uses the IP address as the requester identifier.
  5. Long connection: Reduces the cost and delay of establishing and closing connections.

The main difference between HTTP1.1 and HTTP2.0

  1. Multiplexing: Multiple requests in HTTP2.0 are completed concurrently over a single TCP connection.
  2. Server push: An HTTP2.0 server can actively push resources to the client.
  3. New binary format: HTTP2.0 transmits data in a binary format. Compared with the text format of HTTP1.1, the binary format is easier to parse and more extensible.
  4. Header compression: HTTP2.0 compresses the message headers, reducing the size of the transmitted data.

How to ensure the security of the specific implementation of HTTPS?

The HTTPS protocol uses symmetric encryption together with asymmetric encryption. The steps are as follows:
(1) First comes the SSL handshake phase: the client sends the server a message carrying the SSL version and other information.
(2) The server receives the information and, according to the corresponding SSL version, sends the public key for asymmetric encryption to the client, while keeping the private key itself.
(3) After the client gets the public key, it first verifies the public key by means of the CA certificate.
(4) After the verification passes, the client uses the public key to encrypt the symmetric encryption key and sends the data.
(5) When the server receives the data, it first decrypts it with the private key to obtain the symmetric encryption key, and all subsequent data is encrypted with that symmetric key for transmission.

The communication between the HTTPS website server and the browser is encrypted with a symmetric encryption algorithm. To allow different browsers to use different symmetric encryption algorithms, the browser needs to negotiate with the server, and this negotiation is encrypted with an asymmetric encryption algorithm. The asymmetric private key stays on the website server, and the public key is sent to the browser. To prevent hackers from tampering with the public key during transmission, the public key is transmitted in a digital certificate. Finally, the browser decrypts the public key and checks whether the certificate has been modified, to ensure its safety.


Why HTTP 1.1 can not achieve multiplexing

HTTP 1.1 is not a binary transmission; it transmits text. Since there is no concept of a stream, when data is transmitted in parallel (multiplexed), the receiving end cannot tell which request each of the multiple responses corresponds to, so the results of multiple responses cannot be reassembled, and multiplexing cannot be achieved.
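
The frame and stream idea from the HTTP2.0 description above, as an added example that is not part of the original article: each frame carries a stream identifier in its 9-byte header, so the receiver can regroup interleaved data per request. It handles only unpadded DATA frames; the function names and the sample bytes are constructed for illustration.

```python
import struct
from collections import defaultdict

FRAME_DATA = 0x0       # DATA frame type
FLAG_END_STREAM = 0x1  # last frame the sender will send on this stream

def encode_frame(ftype, flags, stream_id, payload):
    """Build one frame: 24-bit length, 8-bit type, 8-bit flags, 31-bit stream id."""
    if len(payload) >= 1 << 24 or not 0 <= stream_id < 1 << 31:
        raise ValueError("payload or stream id out of range")
    header = struct.pack(">I", len(payload))[1:]        # low 3 bytes = length
    header += struct.pack(">BBI", ftype, flags, stream_id)
    return header + payload

def decode_frames(buf):
    """Yield (type, flags, stream_id, payload) for every frame in buf."""
    pos = 0
    while pos < len(buf):
        if len(buf) - pos < 9:
            raise ValueError("truncated frame header")
        length = int.from_bytes(buf[pos:pos + 3], "big")
        ftype, flags, sid = struct.unpack(">BBI", buf[pos + 3:pos + 9])
        sid &= 0x7FFFFFFF                               # drop the reserved bit
        payload = buf[pos + 9:pos + 9 + length]
        if len(payload) != length:
            raise ValueError("truncated frame payload")
        yield ftype, flags, sid, payload
        pos += 9 + length

def reassemble(buf):
    """Group DATA payloads by stream id; return {stream_id: body} for finished streams."""
    bodies, done = defaultdict(bytes), set()
    for ftype, flags, sid, payload in decode_frames(buf):
        if ftype != FRAME_DATA:
            continue
        if sid == 0 or sid in done:
            raise ValueError("DATA on stream 0 or after END_STREAM")
        bodies[sid] += payload
        if flags & FLAG_END_STREAM:
            done.add(sid)
    return {sid: bodies[sid] for sid in done}

# Constructed sample: two response bodies interleaved on one connection.
WIRE = b"".join([
    encode_frame(FRAME_DATA, 0, 1, b"<html>"),
    encode_frame(FRAME_DATA, 0, 3, b'{"ok":'),
    encode_frame(FRAME_DATA, FLAG_END_STREAM, 1, b"</html>"),
    encode_frame(FRAME_DATA, FLAG_END_STREAM, 3, b"true}"),
])
```

An HTTP 1.1 response has no such identifier, so the same interleaving of bytes on one connection could not be separated again.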

Extended knowledge points

HTTPS handshake process

  • The client uses the https URL to access the server and requests an SSL connection with the server
  • After the server receives the client's request, it sends a copy of the website's certificate (including the public key) to the client
  • After the client receives the website certificate, it checks the certificate's issuing authority and expiration time, and if there is no problem, it randomly generates a session key
  • The client uses the public key to encrypt the session key and transmits it to the server, and the server uses its private key to decrypt the session key
  • Then the server and the client use the session key to encrypt the transmission

What the browser does when it resolves a URL over HTTP

(1) The browser searches the DNS server for the IP address corresponding to the input URL.
(2) The DNS server returns the IP address of the website.
(3) The browser establishes a TCP connection on port 80 with the target web server based on the IP address.
(4) The browser obtains the html code of the requested page.
(5) The browser renders HTML in the display window.
(6) When the window is closed, the browser terminates the connection with the server.

Symmetric encryption and asymmetric encryption

  • Symmetric encryption refers to the way that the same key is used for encryption and decryption. The biggest problem with this method is the key transmission problem, that is, how to safely send the key to the other party;
  • Asymmetric encryption refers to the use of a pair of asymmetric keys, that is, a public key and a private key. The public key can be released at will, but the private key is only known to you. The party sending the ciphertext uses the other party's public key for encryption, and the other party receives the encrypted information and uses its own private key for decryption.

Stateless and connectionless HTTP protocol

Connectionless:
    Connectionless means that each connection is limited to processing only one request. After the server has processed the client's request and received the client's response, it disconnects.
    Each access is connectionless. The server processes the accesses in the access queue one by one, closes the connection after processing one, and then continues with the next new task.
Stateless:
    The HTTP protocol has no memory for transaction processing, and there is no context shared between requests to the same URL.
    Each request is independent, and its execution and results are not directly related to the previous or subsequent requests. It is not directly affected by the previous request's response, nor does it directly affect the response to subsequent requests.
    The server does not save the client's state, and the client must bring its own state with every request to the server.

Origin blog.csdn.net/PILIpilipala/article/details/114291731