1. The https protocol needs to apply for a certificate from a CA (Certificate Authority). Generally, there are few free certificates, so a certain fee is required. (It turns out that Netease official website is http, and Netease mailbox is https.)
2. HTTP is a hypertext transfer protocol, information is transmitted in plain text, and https is a secure SSL encrypted transfer protocol.
3. http and https use completely different connection methods and different ports. The former is 80 and the latter is 443.
4. The http connection is very simple and stateless. The Https protocol is a network protocol constructed by the SSL+Http protocol that can perform encrypted transmission and identity authentication, and is safer than the http protocol. (Stateless means that the sending, transmission, and reception of its data packets are independent of each other. Connectionless means that both parties to the communication do not maintain any information about each other for a long time.)
Introduction to HTTPS
HTTPS is an application layer protocol, which is essentially a variant of the HTTP protocol. HTTPS is more secure than HTTP protocol, because HTTP is plaintext transmission, while HTTPS is encrypted transmission. Three encryption methods are used in the encryption process, namely certificate, symmetric encryption and asymmetric encryption. Compared with HTTP, HTTPS has an extra layer of SSL/TSL, and its structure is as follows:
What is the difference between http and https protocols
The difference between HTTPS and HTTP
Through the detailed analysis of HTTPS on the line, we can get:
(1) HTTPS is ciphertext transmission, HTTP is plaintext transmission;
(2) The port number of the default connection is different, HTTPS is port 443, and HTTP is port 80;
(3) The HTTPS request process requires a CA certificate to verify the identity to ensure that after the client requests to the server, the returned response comes from the server, while HTTP does not require a CA certificate;
(4) HTTPS=HTTP+encryption+authentication+integrity protection.
Same point
Both use the same basic protocol as the HTTP or HTTPS client—the browser
sets up a connection to the port specified by the Web server. When
the server receives the request, it will return a status code and the message
system uses the Uniform Resource Locator URI mode, so resources can be accessed. unique designation
difference
HTTP URLs start with http://. The URL of HTTPS starts with https://
HTTP is insecure, HTTPS is safe
HTTP is port 80, HTTPS is port 443
In the OSI network model, HTTP is at the application layer, HTTPS works at the transport layer
HTTP does not need encryption, HTTPS Need to encrypt
HTTP without a certificate, HTTPS needs to install a certificate
Overall, the key difference is that the https protocol has an extra layer of secure sockets
How to opt-
in For security and confidentiality, if all web applications of a website are encrypted with SSL technology and transmitted using HTTPS protocol, then the performance and efficiency of the website will be greatly reduced, and this is not necessary, because generally speaking, it is not necessary Not all data requires such a level of security and confidentiality, so we only need to use the HTTPS protocol for the interactive processing of which design confidential data
HTTP common status codes and their meanings
Common http status codes
to those protocols defined in the Upgrade message header. Similar measures should only be taken when switching to a new protocol would be beneficial.
102: Continue processing is a status code extended by WebDAV (RFC 2518), which means that processing will continue.
200: The request is successfully processed: get the content of the response and process it
201: The request was completed, resulting in the creation of a new resource. The URI of the newly created resource can be processed in the entity of the response: it will not be encountered in the crawler
202: The request is accepted, but the processing has not been completed Processing method: blocking wait
204: The server has implemented the request, but no new information is returned. If the client is a user agent, it does not need to update its own document view for this. Disposal method: discard
300: This status code is not directly used by HTTP/1.0 applications, but only as the default interpretation of 3XX type responses. There are multiple requested resources available. Processing method: If it can be processed in the program, it will be further processed, if it cannot be processed in the program, it will be discarded
301: The requested resource will be assigned a permanent URL, so that the resource can be accessed through this URL in the future Processing method: Redirect to the assigned URL
302: The requested resource is temporarily saved at a different URL Processing method: redirect to the temporary URL
304: The requested resource is not updated Processing method: discard, use local cache file
400: Illegal request processing method: discard
401: Unauthorized processing method: discard
403: Forbidden processing method: discard
404: No processing method found: discard
500: Server Internal Error The server encountered an unexpected condition that prevented it from completing the processing of the request. Generally speaking, this problem will appear when there is an error in the source code on the server side.
501: The server does not recognize that the server does not support a feature required by the current request. When the server does not recognize the requested method and cannot support its request for any resource.
502: Bad Gateway An invalid response was received from an upstream server when a server working as a gateway or proxy attempted to fulfill the request.
503: Service Error The server is currently unable to process the request due to temporary server maintenance or overload. This condition is temporary and will recover over time.