1. Introduction to HTTP
1. http protocol introduction
- The HTTP protocol (HyperText Transfer Protocol, Hypertext Transfer Protocol) is the most widely used network transmission protocol on the Internet, and all WWW files must comply with this standard.
- HTTP is based on the TCP/IP communication protocol to transfer data (HTML files, image files, query results, etc.)
- The HTTP protocol is usually carried on top of the TCP protocol, and sometimes on the TLS or SSL protocol layer. At this time, it becomes what we often call HTTPS. As shown below
- HTTP is an application layer protocol consisting of requests and responses, and is a standard client-server model. HTTP is a stateless protocol.
- The default port number for HTTP is 80, and the port number for HTTPS is 443.
2. http protocol workflow
An HTTP operation is called a transaction, and its working process is roughly as follows:
- The user types in the URL of the webpage to be accessed in the browser or clicks a link in a webpage;
- The browser resolves the IP address of the target web page through DNS according to the domain name in the URL;
浏览器请求这个页面:http://hackr.ip/index.html
在这一步,需要域名系统DNS解析域名hackr.ip,得主机的IP地址 20X.189.105.112。
然后将上面结合本机自己的信息,封装成一个http请求数据包
- Before HTTP starts to work, the client first establishes a connection with the server through the TCP/IP protocol (TCP three-way handshake)
- After the connection is established, the client sends a request to the server. The format of the request is: Uniform Resource Identifier (URL), protocol version number, followed by MIME information including request modifiers, client information and content.
- After the server receives the request, it gives the corresponding response information in the form of a status line, including the protocol version number of the information, a success or error code, followed by MIME information including server information, entity information and possible content.
- In general, once the web server sends the request data to the browser, it closes the TCP connection, and then if the browser or server adds this line of code to its header:
Connection:keep-alive, the TCP connection will remain open after sending, The browser can then continue to send requests over the same connection. Keeping connected saves the time required to establish a new connection for each request and also saves network bandwidth.
2.1 Short connection
The operation steps of a short connection are: Establish a connection - data transmission - close the connection... Establish a connection - data transmission - close the connection
If client requests are frequent, more time and bandwidth will be wasted on TCP setup and shutdown operations.
2.2 Long Links
A long link means that multiple data packets can be sent continuously on a connection. During the connection maintenance period, if no data packets are sent, both parties need to send link detection packets.
Long link operation steps: Establish a connection - data transfer... (keep the connection)... data transfer - close the connection
Long connections can save more TCP establishment and closing operations, reduce waste and save time
Long links are divided into without pipelining and with pipelining. The figure below is without pipelining. The client only sends a new request after receiving the response of the previous request.
2.3 Pipeline
The following figure is with pipelining. After each link is established, the next request can be sent without waiting for the request to come back.
3. Http request message
The request message that the client sends an HTTP request to the server includes the following format:
The request line (request line), the request header (header), and the request body are composed. The following figure shows the general format of the request message.
请求行:
方法:
GET 获取资源
POST 向服务器端发送数据,传输实体主体
PUT 传输文件
HEAD 获取报文首部
DELETE 删除文件
OPTIONS 询问支持的方法
TRACE 追踪路径
协议/版本号
URL
请求头:
通用首部(General Header)
请求首部(Request Header)
响应首部(Response Header)
实体首部(Entity Header Fields)
请求体
Request message disassembly:
3.1 get request
3.2 post request
4. Http response message
HTTP response consists of: response line, response header, and response body.
响应行
(HTTP/1.1)表明HTTP版本为1.1版本,状态码为200,状态消息为(ok)
响应头
Date:生成响应的日期和时间;
Content-Type:指定了MIME类型的HTML(text/html),编码类型是ISO-8859-1
响应体
Response message disassembly:
5. Http status code
| category | reason |
|---|---|
| 1XX | Informational (informational status code) |
| 2XX | Success (success status code) |
| 3XX | Redirection |
| 4XX | Client Error (client error status code) |
| 5XX | Server Error (is the server error status) |
5.1 2XX success
200(OK 客户端发过来的数据被正常处理
204(Not Content 正常响应,没有实体
206(Partial Content 范围请求,返回部分数据,响应报文中由Content-Range指定实体内容
5.2 3XX redirects
301(Moved Permanently) 永久重定向
302(Found) 临时重定向,规范要求,方法名不变,但是都会改变
303(See Other) 和302类似,但必须用GET方法
304(Not Modified) 状态未改变, 配合(If-Match、If-Modified-Since、If-None_Match、If-Range、If-Unmodified-Since)
307(Temporary Redirect) 临时重定向,不该改变请求方法
5.3 4XX Client Errors
400(Bad Request) 请求报文语法错误
401 (unauthorized) 需要认证
403(Forbidden) 服务器拒绝访问对应的资源
404(Not Found) 服务器上无法找到资源
5.4 5XX server-side errors
500(Internal Server Error)服务器故障
503(Service Unavailable) 服务器处于超负载或正在停机维护
6. Neck
6.1 Generic header fields
| header field name | illustrate |
|---|---|
| Cache-Control | Control cache behavior |
| Connection | management of links |
| Date | message date |
| Pragma | message command |
| Trailer | header at the end of the message |
| Trasfer-Encoding | Specifies the transfer encoding method of the message body |
| Upgrade | Upgrade to other protocols |
| Via | proxy server information |
| Warning | error notification |
6.2 Request header fields
| header field name | illustrate |
|---|---|
| Accept | media types that the user agent can handle |
| Accept-Charset | Preferred character set |
| Accept-Encoding | priority encoding |
| Accept-Langulage | preferred language |
| Authorization | Web authentication information |
| Expect | Expect specific behavior from the server |
| From | User's email address |
| Host | The server where the requested resource resides |
| If-Match | Compare entity tags |
| If-Modified-Since | Compare resource update times |
| If-None-Match | Compare entity tags |
| If-Range | Send a range request for entity Byte when the resource is not updated |
| If-Unmodified-Since | Compare resource update times (as opposed to If-Modified-Since) |
| Max-Forwards | Maximum number of transmission hops |
| Proxy-Authorization | Proxy server requires client authentication |
| Range | Entity byte range request |
| Referer | The original getter of the URI in the request |
| AT | Transfer encoding priority |
| User-Agent | Information about the HTTP client program |
6.3 Response header fields
| header field name | illustrate |
|---|---|
| Accept-Ranges | whether to accept byte ranges |
| Age | when the resource was created |
| ETag | resource matching information |
| Location | The client redirects to the specified URI |
| Proxy-Authenticate | Authentication information of the proxy server to the client |
| Retry-After | When to send the request again |
| Server | server information |
| Vary | Management information cached by the proxy server |
| www-Authenticate | Server-to-client authentication |
6.4 Entity header fields
| header field name | illustrate |
|---|---|
| Allow | HTTP methods supported by the resource |
| Content-Encoding | how the entity is encoded |
| Content-Language | Entity's natural language |
| Content-Length | The content size of the entity (in bytes) |
| Content-Location | Substitute the URI of the corresponding resource |
| Content-MD5 | Entity's message digest |
| Content-Range | the location range of the entity |
| Content-Type | The media type of the entity body |
| Expires | Entity expiration time |
| Last-Modified | The last modified time of the resource |
refer to: