Interview (12) Use the Fiddler packet capture tool to thoroughly understand the difference between Get and Post and how each is used

Table of contents

1. Request and response message model

2. How to unpack http? How to package?

3. How are http requests and responses read?

4. How is http sent?

5. What is the difference between Get and Post?

6. Difference summary


1. Request and response message model

All requests and responses are organized in units of lines (both requests and responses are divided into 3 or 4 parts by line).

2. How to unpack http? How to package?

The http request message carries a Content-Length field, which is the length of the body. With this Content-Length and the special blank line, the receiver knows how much data to extract from the content that follows the blank line.

3. How are http requests and responses read?

To put it bluntly, http is one large string with a format convention. \n separates the contents of each line, and the data in the body is finally read by parsing the message line by line.

4. How is http sent?

Sending is the reverse: the message, including its body, is converted into one large string by describing the information line by line in accordance with the protocol.

5. What is the difference between Get and Post?

Look at the pictures below. Figure 1 shows the Get method in use over a TCP connection. After the user sends the login request, the user's account and password are displayed in the url, where they can be seen in the browser's address bar.

However, the account and password submitted through Post cannot be seen in the browser's address bar. They are in the body part.

The following is the browser's traffic captured with the Fiddler packet capture tool. Fiddler is an intermediary between the user and the server. Normally the user's data is sent directly to the server. With Fiddler open, the user's data is first sent to Fiddler and then forwarded from Fiddler to the server; the response is sent from the server to Fiddler, and then from Fiddler to the client.

6. Difference summary

Conceptually: the parameter storage location is different

Get method (retrieve): it can not only obtain data but also send parameters. The parameters are appended to the url and then submitted to the server.

Post method (push): it pushes data, which is generally transmitted in the body. Be careful not to forget the Content-Length in the request header: it gives the length of the body data.

Second batch of conclusions: security?!

Neither of them is secure. What is secure? Only encrypted data is secure.

Get: is it secure to put the account and password at the end of the URL?

Post: it can't be called secure, but it can be called private. Its parameters are carried in the body, which cannot be seen directly, and they are not echoed into the browser's address bar. But it is still not secure (I can capture the packets with Fiddler, and that is called security???)

The third batch of conclusions: how to choose?

Since the data transmitted by Get has a length limit, use Get when the transmitted data is not private and there are few parameters.

Otherwise use Post.


Origin blog.csdn.net/weixin_66151870/article/details/129123639