The most comprehensive TCP, UDP, Socket, HTTP network programming interview questions

Let’s look at the experience of one day’s interview:

First round:

  • Interviewer: Can you tell me about TCP’s three-way handshake?

  • Me: The first time the Client sets SYN to 1..., the second time the Server receives..., the third time...

  • Interviewer: Is it difficult to memorize it?

  • Me: ...Yeah, it’s difficult. How about I tell you about waving four times?

  • Interviewer: Bye bye, go back and wait for notification...

  • Me: "......"

Second round: the second company, which I walked into while holding back ten thousand curses in my heart.

  • ....

  • Interviewer: Can you tell me about TCP’s three-way handshake?

  • Me (thinking, are you still here?): Nothing to say, just to keep the network communication interaction normal.

  • Interviewer: Can you make it clearer?

  • Me: It’s like you called me and asked me to come for an interview without knowing me.

  • Interviewer (confused): So that's how it is.

  • Interviewer: Can you tell me about TCP’s four waves?

  • Me: It’s like I resigned from my last company

  • Interviewer (after thinking for a while): Can you make it clearer?

  • Me: I went to my boss to apply for my resignation, and my boss said yes. Then my boss went on to apply for my resignation, and then I could leave.

  • Interviewer: Makes sense!

  • Interviewer: Could you please tell me the difference between TCP and UDP?

  • Me: TCP is equal to calling strangers to handle things, UDP is equal to broadcasting

  • Interviewer: "..." That makes sense.

  • Interviewer: What is your expected salary?

  • Me: 15K

  • Interviewer: Do you have time to join the company next Monday?

  • Me: ....

Now, to the point.

What is network programming

  • The essence of network programming is the exchange of data between multiple computers. Data transfer itself is not very difficult: it is just sending data from one device to another and then receiving the data the other device sends back. Today's network programming is basically based on the request/response method, that is, one device sends request data to another and then receives a response from it. In network programming, the program that initiates the connection, that is, the program that sends the first request, is called the client, and the program that waits for other programs to connect is called the server. The client program can be started when needed, but the server must keep running so that it can accept connections at any time.

  • Taking a phone call as an example, the person who dials the number first is similar to the client, and the person who answers must keep the phone switched on, similar to the server. Once the connection is established, data can be transferred between the client and the server, and the two are equal parties. Some programs have both client-side and server-side functions. The most common examples are software such as QQ and WeChat.

Two main problems in network programming

  1. One is how to accurately locate one or more hosts on the network,

  2. The other is how to reliably and efficiently transmit data after finding the host.

  • In the TCP/IP protocol, the IP layer is mainly responsible for the positioning of network hosts and routing of data transmission. The IP address can uniquely identify a host on the Internet.

  • The transport layer provides application-oriented reliable (TCP) or unreliable (UDP) data transmission mechanisms. This is the main object of network programming. Generally, you do not need to care about how the IP layer processes data.

  • Currently, the more popular network programming model is the client/server (C/S) structure. That is, one of the communicating parties acts as a server, waits for clients to make requests, and responds to them. Clients contact the server when they need a service. The server generally runs all the time as a daemon process, listening on a network port. Once a client request arrives, it starts a service process to respond to that client while continuing to listen on the service port, so that subsequent clients can also be served in a timely manner.

What is network protocol

  • In order to exchange data in an orderly manner in a computer network, you must abide by some pre-agreed rules, such as the format of the exchanged data and whether a response message needs to be sent. These rules are called network protocols.

Why Layer Network Protocols

  • Simplify problem difficulty and complexity. Since each layer is independent, we can split large problems into smaller ones.

  • Good flexibility. When the technology of one layer changes, other layers will not be affected as long as the interface relationship between layers remains unchanged.

  • Easy to implement and maintain.

  • Promote standardization work. After separation, the functions of each layer can be described relatively simply.

Computer network architecture

OSI reference model

  • OSI (Open System Interconnect), that is, open system interconnection. Generally called the OSI reference model, it is a network interconnection model studied by the ISO (International Organization for Standardization) in 1985. In order to make network applications more popular, ISO launched the OSI reference model so that all companies can specify their own networks according to unified standards and can interconnect.

  • OSI defines a seven-layer framework for network interconnection (physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer).

TCP/IP reference model

  • The TCP/IP four-layer protocol (data link layer, network layer, transport layer, application layer):

  1. Application layer: The application layer is the layer closest to the user. It provides application interfaces for computer users and also directly provides users with various network services. Common application layer network service protocols include HTTP, HTTPS, FTP, TELNET, etc.

  2. Transport layer: This layer establishes an end-to-end link between hosts. Its role is to provide end-to-end reliable and transparent data transmission services for upper-layer protocols, including handling issues such as error control and flow control. This layer shields the details of lower-layer data communication from the upper layer, so that upper-layer users see only a host-to-host reliable data path between two transmission entities that can be controlled and set by the user. TCP and UDP, as we usually call them, are at this layer. The port number is the "end" here.

  3. Network layer: This layer establishes a connection between two nodes through IP addressing, selects appropriate routing and switching nodes for packets sent by the transport layer at the source, and delivers them accurately to the transport layer at the destination according to the address. It is what we often call the IP layer. The IP protocol is the foundation of the Internet.

  4. Data link layer: This layer controls the transmission of data through procedures or protocols that ensure the correctness of the transmitted data. The hardware and software that implement these procedures or protocols are added to the physical lines to form a data link.

1 TCP / UDP

1.1 What is TCP/IP and UDP

  • TCP/IP (Transmission Control Protocol/Internet Protocol) is a connection-oriented protocol. A connection must be established before sending data (the sender and the receiver must establish a connection as a pair). TCP provides reliable service, that is, data transferred over a TCP connection is not lost, is not duplicated, and arrives in order.

  • UDP is a member of the TCP/IP protocol suite. It is a connectionless protocol. There is no need to establish a connection before sending data, and it is an unreliable protocol. Because there is no need to establish a connection, it can be transmitted through any possible path on the network. Therefore, whether it can reach the destination, the time of arrival at the destination, and the correctness of the content cannot be guaranteed.

1.2 The difference between TCP and UDP:

  • TCP is a connection-oriented protocol. A connection must be established before sending data. TCP provides reliable services, that is, the data transmitted through the TCP connection will not be lost, not repeated, and will arrive in order;

  • UDP is a connectionless protocol. There is no need to establish a connection before sending data, so it has no reliability;

  • TCP communication is similar to making a phone call. Once the call is connected, the traffic begins only after the identity is confirmed;

  • UDP communication is similar to a school broadcast: the message is simply broadcast, with no connection set up first.

  • TCP only supports point-to-point communication, and UDP supports one-to-one, one-to-many, many-to-one, and many-to-many;

  • TCP is byte stream oriented, UDP is message oriented; byte stream oriented means data is sent as bytes, and one data packet can be split into several groups for sending, while UDP must send a message in one piece.

  • TCP header overhead (20 bytes) is larger than UDP header overhead (8 bytes)

  • UDP hosts do not need to maintain complex connection state tables

1.3 Application scenarios of TCP and UDP:

  • UDP is used in situations with high real-time requirements, such as games, media communications, and real-time live broadcasts, where transmission errors can be tolerated. In most other cases, for example HTTP, TCP is used because the transmitted content must be reliable and must not be lost.

1.4 Describe TCP and UDP

  • TCP communication can be regarded as making a phone call: Li San (dials a number): Hello, is this Wang Wu? Wang Wu: Hey, who are you? Li San: I'm Li San. I want to tell you something. Is it convenient for you now? Wang Wu: Oh, it's convenient for me now, just tell me. Li San: Then I'll say it? Wang Wu: Go ahead. (The connection is established, let's get down to business...)

  • UDP communication can be seen as a broadcast in the school: Studio: Hey, hey, hey! Assemble in the playground

1.5 Application layer protocol analysis running on TCP or UDP.

  • Protocols running on the TCP protocol:

  • HTTP (Hypertext Transfer Protocol) is mainly used for general browsing.

  • HTTPS (HTTP over SSL, Hypertext Transfer Protocol Secure), a secure version of the HTTP protocol.

  • FTP (File Transfer Protocol), used for file transfer.

  • POP3 (Post Office Protocol, version 3, post office protocol), used for receiving emails.

  • SMTP (Simple Mail Transfer Protocol), used to send emails.

  • TELNET (Teletype over the Network), logs in to the network through a terminal.

  • SSH (Secure Shell, used to replace TELNET with poor security), used for encrypted and secure login.

  • Protocols running on the UDP protocol:

  • BOOTP (Boot Protocol), applied to diskless devices.

  • NTP (Network Time Protocol), used for network synchronization.

  • DHCP (Dynamic Host Configuration Protocol), dynamically configures IP addresses.

  • Runs on TCP and UDP protocols:

  • DNS (Domain Name Service) is used to complete address lookup, mail forwarding and other tasks.

  • ECHO (Echo Protocol, wraparound protocol), used for error checking and measuring response time (running on TCP and UDP protocols).

  • SNMP (Simple Network Management Protocol) is used for network information collection and network management.

  • DHCP (Dynamic Host Configuration Protocol), dynamically configures IP addresses.

  • ARP (Address Resolution Protocol) is used to dynamically resolve the address of Ethernet hardware.

What is ARP protocol (Address Resolution Protocol)?

  • The ARP protocol maps IP addresses to physical addresses. Each host has an ARP cache, which holds a table mapping the IP address of each host and router on the local area network to its hardware address. When the source host wants to send a data packet to the destination host, it first checks whether the destination host's MAC address is in its ARP cache. If it is, the packet is sent directly to that MAC address. If not, the source host broadcasts an ARP request on the LAN where it is located (the request also carries the mapping of its own IP address to its hardware address). Each host that receives the request checks whether its own IP address matches the destination IP address; if it does, it first saves the source host's mapping in its own ARP cache and then sends an ARP response packet to the source host. After the source host receives the response, it first adds the mapping between the destination host's IP address and MAC address to its cache, and then transmits the data. If the source host never receives a response, the ARP query has failed.

  • If the destination host and the source host are not on the same LAN, ARP is used to find the hardware address of a router on the local area network; the packet is sent to that router, which forwards it to the next network. The next network does the rest.

What is NAT (Network Address Translation)?

  • It is used to solve the problem that hosts in the intranet need to communicate with hosts on the Internet. The NAT router converts the local IP address of the host into a global IP address, which is divided into static conversion (the converted global IP address is fixed) and dynamic NAT conversion.

What is the process from entering the URL to getting the page?

  1. The browser queries DNS and obtains the IP address corresponding to the domain name. The specific process includes the browser searching its own DNS cache, searching the operating system's DNS cache, reading the local hosts file, and querying the local DNS server. For a query to the local DNS server, if the domain name is contained in the server's locally configured zone data, the result is returned to the client and resolution is complete (this resolution is authoritative); if the domain name is not resolved from the local DNS server's zone data but the server has cached the mapping, the cached IP address mapping is used to complete resolution (this resolution is not authoritative). If the local DNS server has not cached the mapping, it initiates a recursive or iterative query according to its settings;

  2. After the browser obtains the IP address corresponding to the domain name, it asks the server to establish a connection and initiates a three-way handshake;

  3. After the TCP/IP connection is established, the browser sends an HTTP request to the server;

  4. The server receives this request, maps it to a specific request processor for processing according to the path parameters, and returns the processing result and corresponding view to the browser;

  5. The browser parses and renders the view. If it encounters references to static resources such as js files, css files, and pictures, it repeats the above steps and requests these resources from the server;

  6. The browser renders the page based on the resources and data it requests, and finally presents a complete page to the user.

1.6 TCP three-way handshake

1.6.1 What is TCP’s three-way handshake?

  • In network data transmission, the transport layer protocol TCP provides reliable transmission and must establish a connection first. The process by which TCP establishes a connection is called the three-way handshake.

1.6.2 Specific details of the three-way handshake

First handshake: The Client sets SYN to 1, randomly generates an initial sequence number seq, and sends it to the Server; the Client enters the SYN_SENT state;

Second handshake: After the Server receives the Client's SYN=1, it knows that the Client is requesting a connection. It sets its own SYN to 1 and ACK to 1, generates an acknowledge number = the Client's sequence number + 1, randomly generates its own initial sequence number, and sends them to the Client; the Server enters the SYN_RCVD state;

Third handshake: The Client checks whether the acknowledge number is its own sequence number + 1 and whether ACK is 1. If the check passes, it sets its own ACK to 1, generates an acknowledge number = the sequence number sent by the Server + 1, and sends it to the Server; the Client enters the ESTABLISHED state. After the Server checks that ACK is 1 and that the acknowledge number is its own sequence number + 1, it also enters the ESTABLISHED state. The three-way handshake is complete and the connection is established.

Simply put it is:

  1. Client sends SYN to server

  2. The server returns SYN, ACK

  3. Client sends ACK

1.6.3 Understand the specific details of the three-way handshake with reality

  • The purpose of the three-way handshake is to establish a reliable communication channel. The main purpose is for both parties to confirm that their and each other's sending and receiving functions are normal.

  1. The first handshake: the client cannot confirm anything; the server confirms that the other party sends normally

  2. Second handshake: The client confirms: its own sending and receiving are normal, and the other party's sending and receiving are normal; the server confirms: its own receiving is normal, and the other party's sending and receiving are normal.

  3. Third handshake: The client confirms: its own sending and receiving are normal, and the other party's sending and receiving are normal; the server confirms: its own sending and receiving are normal, and the other party's sending and receiving are normal. Therefore, the three-way handshake confirms that both parties' sending and receiving functions are normal, and none of the three steps can be omitted.

1.6.4 Can two handshakes be used to establish a connection? Why?

  • No.

  • Because an expired connection request segment may be delivered to the server again. Suppose the first connection request segment sent by the client was not lost, but was held up at some network node for a long time, so that it reached the server only some time after the connection had been released. This segment expired long ago. However, when the server receives this invalid connection request segment, it mistakenly takes it for a new connection request from the client, so it sends a confirmation segment to the client, agreeing to establish the connection. If the "three-way handshake" were not used, a new connection would be established as soon as the server sent its confirmation. Since the client has not issued a request to establish a connection, it pays no attention to the server's confirmation and sends no data to the server. But the server believes that a new transport connection has been established and keeps waiting for the client to send data. In this way, many of the server's resources are wasted. The "three-way handshake" prevents this: in the situation just described, the client does not confirm the server's confirmation, and since the server receives no confirmation, it knows that the client did not ask to establish a connection.

  • Moreover, the two handshakes cannot guarantee that the Client correctly receives the message of the second handshake (the Server cannot confirm whether the Client has received it), nor can it guarantee that the initial sequence number is successfully exchanged between the Client and the Server.

1.6.5 Can a four-way handshake be used? Why?

  • This definitely works. Three handshakes can guarantee a successful connection, let alone four handshakes, but it will reduce the transmission efficiency.

1.6.6 In the third handshake, what will happen if the client's ACK is not delivered to the server?

  • Server side: Since the Server does not receive the ACK confirmation, it will resend the previous SYN+ACK every 3 seconds (it resends five times by default, then automatically closes the connection and enters the CLOSED state). After the Client receives it, it will resend the ACK to the Server.

  • On the client side, there are two situations:

  1. During the server's timeout retransmission process, if the client sends data to the server, the ACK in the data header is 1, so the server will read the ACK number after receiving the data and enter the ESTABLISHED state.

  2. After the Server enters the CLOSED state, if the Client sends data to the server, the server will respond with an RST packet.

1.6.7 What if the connection has been established but the client fails?

  • The server resets a timer every time it receives a request from the client. The timer is usually set to 2 hours. If no data has been received from the client for two hours, the server sends a probe segment, and then one every 75 seconds. If there is still no response after 10 consecutive probes, the server considers the client faulty and closes the connection.

1.6.8 What is the initial sequence number?

  • Party A of the TCP connection randomly selects a 32-bit sequence number as the initial sequence number (ISN) for sending data, such as 1000. Using this sequence number as the origin, the data to be transmitted is numbered: 1001, 1002... During the three-way handshake, this initial sequence number is transmitted to the other party B, so that when data is transmitted, B can tell which data numbers are legal; at the same time, A can confirm every byte received by B. If A receives an acknowledge number of 2001 from B, it means that the data numbered 1001-2000 has been successfully received by B.
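The sequence and acknowledge number checks from 1.6.2, the expired SYN from 1.6.4 and the lost third ACK from 1.6.6 can be traced with a small state model. This is an added example, not code from the original article: the Segment, Client and Server classes, the CONN address and the fixed old sequence number are constructed for illustration, and timers are replaced by explicit on_timeout() calls.

```python
import random
from dataclasses import dataclass

MOD = 2 ** 32            # sequence numbers are 32-bit and wrap around
MAX_SYNACK_RETRIES = 5   # the article's default: SYN+ACK is resent five times
CONN = ("192.0.2.10", 40000)  # constructed client address (documentation range)


@dataclass(frozen=True)
class Segment:
    syn: bool = False
    ack: bool = False
    seq: int = 0
    ack_no: int = 0


class Client:
    def __init__(self, rng):
        self.rng, self.state, self.isn, self.last_ack = rng, "CLOSED", None, None

    def connect(self):
        """First handshake: SYN=1 plus a random initial sequence number (ISN)."""
        self.isn, self.state = self.rng.randrange(MOD), "SYN_SENT"
        return Segment(syn=True, seq=self.isn)

    def on_segment(self, seg):
        """Third handshake, sent only if the SYN+ACK acknowledges our own ISN + 1."""
        valid = (seg.syn and seg.ack and self.isn is not None
                 and seg.ack_no == (self.isn + 1) % MOD)
        if valid and self.state == "SYN_SENT":
            self.state = "ESTABLISHED"
            self.last_ack = Segment(ack=True, seq=seg.ack_no,
                                    ack_no=(seg.seq + 1) % MOD)
        if valid:
            return self.last_ack  # also answers a retransmitted SYN+ACK (1.6.6)
        return None               # unsolicited SYN+ACK: no confirmation (1.6.4)


class Server:
    def __init__(self, rng):
        self.rng, self.half_open, self.established = rng, {}, set()

    def state(self, conn):
        if conn in self.established:
            return "ESTABLISHED"
        return "SYN_RCVD" if conn in self.half_open else "CLOSED"

    def _synack(self, conn):
        e = self.half_open[conn]
        return Segment(syn=True, ack=True, seq=e["isn"], ack_no=e["peer_next"])

    def on_syn(self, conn, seg):
        """Second handshake: remember the half-open connection, reply SYN+ACK."""
        self.half_open[conn] = {"isn": self.rng.randrange(MOD),
                                "peer_next": (seg.seq + 1) % MOD, "retries": 0}
        return self._synack(conn)

    def on_ack(self, conn, seg):
        """Promote to ESTABLISHED only if the ACK acknowledges our ISN + 1."""
        e = self.half_open.get(conn)
        if e and seg.ack and seg.ack_no == (e["isn"] + 1) % MOD:
            del self.half_open[conn]
            self.established.add(conn)

    def on_timeout(self, conn):
        """Retransmit SYN+ACK; after the retry limit, free the half-open entry."""
        e = self.half_open[conn]
        if e["retries"] == MAX_SYNACK_RETRIES:
            del self.half_open[conn]
            return None
        e["retries"] += 1
        return self._synack(conn)


def normal_handshake(seed=1):
    c, s = Client(random.Random(seed)), Server(random.Random(seed + 1))
    s.on_ack(CONN, c.on_segment(s.on_syn(CONN, c.connect())))
    return c.state, s.state(CONN)


def stale_syn(seed=2):
    """1.6.4: an expired SYN arrives; the client never asked for a connection."""
    c, s = Client(random.Random(seed)), Server(random.Random(seed + 1))
    reply = s.on_syn(CONN, Segment(syn=True, seq=123456))  # constructed old ISN
    client_reply, before, resent = c.on_segment(reply), s.state(CONN), 0
    while s.on_timeout(CONN) is not None:
        resent += 1
    return client_reply, before, resent, s.state(CONN)


def lost_third_ack(seed=3):
    """1.6.6: the client's ACK is lost; a SYN+ACK retransmission repairs it."""
    c, s = Client(random.Random(seed)), Server(random.Random(seed + 1))
    c.on_segment(s.on_syn(CONN, c.connect()))   # this ACK is dropped in transit
    before = s.state(CONN)
    s.on_ack(CONN, c.on_segment(s.on_timeout(CONN)))
    return before, s.state(CONN)
```

The half_open table is the server resource that 1.6.4 describes as wasted: an entry lives until either a valid ACK arrives or the retry limit is reached.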

1.7 TCP’s Four Waves

1.7.1 What is TCP's four waves

  • In network data transmission, the process of disconnection by the transport layer protocol is called four waves.

1.7.2 Specific details of the four hand waves

Wave for the first time: Client sets FIN to 1 and sends a sequence number seq to Server; enters FIN_WAIT_1 state;

Wave for the second time: After the Server receives the FIN, it sends an ACK=1, acknowledgment number=the received sequence number + 1; it enters the CLOSE_WAIT state. At this time, the client has no data to send, but it can still accept data from the server.

Wave for the third time: Server sets FIN to 1 and sends a sequence number to Client; enters LAST_ACK state;

The fourth wave: After receiving the FIN from the server, the Client enters the TIME_WAIT state; then sets ACK to 1 and sends an acknowledge number = sequence number + 1 to the server; after the server receives it, confirms the acknowledge number, and then changes to the CLOSED state. No more data is sent to the client. The client also enters the CLOSED state after waiting for 2*MSL (maximum life span of the message segment). Complete four waves.

1.7.3 Understand the specific details of TCP's four waves with reality

  • The reason for waving four times to disconnect is to make sure that all the data has been transferred.

  1. After the conversation between the client and the server is over, if the client wants to end the session, he will say to the server: I want to close the connection (wave for the first time)

  2. After receiving the client's message, the server says: OK, I know you want to close the connection. (second wave)

  3. Then the server determines that it has nothing to say to the client, and the server will tell the client that I want to close the connection. (waving for the third time)

  4. After receiving the message that the server wants to end the connection, the client says: I have received your message that you want to close the connection (fourth wave), and then closes.

1.7.4 Why can’t the ACK and FIN sent by the server be combined into three waves (what is the meaning of the CLOSE_WAIT state)?

  • Because when the server receives the client's request to disconnect, there may still be some data that has not been sent. At this time, it first responds with ACK, indicating that it has received the disconnect request. Wait until the data is sent before sending FIN to disconnect the data transmission from the server to the client.

1.7.5 What will happen if the server's ACK is not delivered to the client when waving for the second time?

  • If the client does not receive the ACK confirmation, it will resend the FIN request.

1.7.6 What is the meaning of the client's TIME_WAIT state?

  • When waving for the fourth time, the ACK sent by the client to the server may be lost. The TIME_WAIT state is used to resend the ACK message that may be lost. If the Server does not receive the ACK, it will resend the FIN. If the Client receives the FIN within 2*MSL, it will resend the ACK and wait for 2MSL again to prevent the Server from continuously resending the FIN without receiving the ACK. MSL (Maximum Segment Lifetime) refers to the maximum survival time of a segment in the network. 2MSL is the maximum time required for a send and a reply. If the Client does not receive FIN again until 2MSL, then the Client infers that the ACK has been successfully received and ends the TCP connection.

2 Socket

1 What is Socket

  • Two programs on the network exchange data through a two-way communication connection. One end of this two-way link is called a Socket. Socket is usually used to realize the connection between the client and the server. Socket is a very popular programming interface for the TCP/IP protocol. A Socket is uniquely determined by an IP address and a port number.

  • However, the types of protocols supported by Socket are not limited to TCP/IP and UDP, so there is no necessary connection between the two. In the Java environment, Socket programming mainly refers to network programming based on the TCP/IP protocol.

  • A socket connection is a so-called long connection. The client and the server need to be connected to each other. In theory, once the connection between the client and the server is established, it will not be automatically disconnected, but sometimes network fluctuations are still possible.

  • Socket is relatively low-level. Sockets are rarely used directly in application programming; they are mostly used at the bottom of frameworks.

2 The network layer to which Socket belongs

Socket is an intermediate software abstraction layer for communication between the application layer and the TCP/IP protocol suite. It is a set of interfaces. In terms of design patterns, Socket is a facade: it hides the complex TCP/IP protocol family behind the Socket interface. For users, a set of simple interfaces is all there is, and Socket organizes the data to conform to the specified protocol.

3 Socket communication process

  • Based on TCP: The server first initializes the Socket, then binds to the port, listens to the port, calls accept to block, and waits for the client to connect. At this time, if a client initializes a Socket and then connects to the server (connect), if the connection is successful, the connection between the client and the server is established. The client sends a data request, the server receives the request and processes the request, then sends the response data to the client, the client reads the data, and finally closes the connection, and the interaction ends.

  • Based on UDP: UDP is the abbreviation of User Datagram Protocol and is also used for the transmission of network data. Although UDP is a less reliable protocol, it is sometimes the better choice when data needs to be received faster and small errors can be tolerated. The client only needs to send; it does not care whether the server receives the data or not.
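The two communication processes above, together with the earlier statement that TCP is byte stream oriented while UDP is message oriented, can be observed on the loopback interface. This is an added example in Python rather than the Java classes the article goes on to list, and it is not code from the original article; the function names and the sample payloads are constructed for illustration.

```python
import socket
import threading

HOST = "127.0.0.1"   # loopback only; port 0 lets the OS pick a free port


def tcp_round_trip(chunks):
    """TCP: socket -> bind -> listen -> accept on the server, connect on the client."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((HOST, 0))
    srv.listen(1)
    srv.settimeout(5)
    port = srv.getsockname()[1]
    received = []

    def serve():
        conn, _peer = srv.accept()       # returns once the handshake is complete
        with conn:
            conn.settimeout(5)
            while True:
                data = conn.recv(4096)   # may hold several sends, or part of one
                if not data:             # empty read: the client has sent its FIN
                    break
                received.append(data)
            # CLOSE_WAIT: the server can still send after the client's FIN
            conn.sendall(b"got %d bytes" % sum(len(d) for d in received))

    worker = threading.Thread(target=serve)
    worker.start()
    with socket.create_connection((HOST, port), timeout=5) as cli:
        for chunk in chunks:
            cli.sendall(chunk)
        cli.shutdown(socket.SHUT_WR)     # first wave: client has no more data
        reply = b"".join(iter(lambda: cli.recv(4096), b""))
    worker.join()
    srv.close()
    return received, reply


def udp_messages(messages):
    """UDP: no listen/accept/connect; every sendto is one self-contained datagram."""
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind((HOST, 0))
    rx.settimeout(5)                     # on a real network a datagram may never arrive
    tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    for message in messages:
        tx.sendto(message, rx.getsockname())
    got = [rx.recvfrom(4096)[0] for _ in messages]
    tx.close()
    rx.close()
    return got


if __name__ == "__main__":
    print(tcp_round_trip([b"hello ", b"world"]))   # chunk boundaries are not guaranteed
    print(udp_messages([b"hello ", b"world"]))     # one datagram per message
```

A receiver that needs message boundaries over TCP has to add its own framing, such as a length prefix or a delimiter, because only the byte order is preserved.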

4 Commonly used classes of Socket

Class name (used for): effect

  • Socket (TCP protocol): The Socket class works on both the client and the server. All methods are universal. This class has three main functions: verifying packet information, initiating connections (Client), and operating stream data (Client/Server).

  • ServerSocket (TCP protocol): ServerSocket represents the server. Its main function is to bind and listen on a server port, and to "clone/map" a Socket object for each client that establishes a connection. Specific data operations are completed through this Socket object. ServerSocket only focuses on how to establish a connection with the client.

  • DatagramSocket (UDP protocol): The DatagramSocket class represents a socket for sending and receiving datagram packets.

  • DatagramPacket (UDP protocol): The DatagramPacket class is used to represent datagram packets, and datagram packets are used to implement connectionless packet delivery services.

  • InetAddress (IP + port number): Java provides the InetAddress class to represent Internet Protocol (IP) addresses. The InetAddress class does not provide a constructor, but provides the following two static methods to obtain InetAddress instances:

  • InetSocketAddress (IP + port number): The simplest way to use Socket to connect to the server is to directly use the IP and port. However, this method is not provided in the Socket class. Instead, the subclass InetSocketAddress of SocketAddress is used to create the IP address + port number without relying on any protocol.

3. HTTP

What is HTTP protocol?

  • The HTTP protocol is a specification for the reliable transmission of hypertext data such as text, pictures, audio, and video between the client and the server. It is referred to as the "Hypertext Transfer Protocol".

  • The HTTP protocol belongs to the application layer, and the first layer that users access is http.

The difference and application scenarios between Socket and http

  • The Socket connection is a so-called long connection. In theory, once the connection between the client and the server is established, it will not be actively disconnected;

  • Socket applicable scenarios: online games, continuous bank interaction, live broadcast, online video, etc.

  • http connection is a so-called short connection, that is, the client sends a request to the server, and after the server responds, the connection will be disconnected and wait for the next connection.

  • http applicable scenarios: company OA services, Internet services, e-commerce, offices, websites, etc.

What is the HTTP request body?

  • The HTTP request body is the data that is sent to the server first when we request data. After all, when I send data to the server, I first need to indicate what I want.

  • The HTTP request body consists of: request line, request header, and request data.

  • Note: GET requests have no request body

POST request (figure omitted)

GET request (figure omitted): there are only a request line and request headers; the request body is missing.

What are the response messages of http?

  • The HTTP response message is the data returned to us by the server. There must be a request body first, and then a response message.

  • The response message contains three parts: status line, response header fields, and response content entity.

What is the difference between http and https?

  • In fact, HTTPS is HTTP plus encryption (usually SSL secure communication line) + authentication + integrity protection

  • The differences:

  1. https needs a CA certificate, which costs money

  2. The ports are different: http is 80, https is 443

  3. http is a hypertext transfer protocol, and information is transmitted in plain text, while https is a secure SSL encrypted transmission protocol.

  4. http and https use completely different connection methods (the http connection is very simple and stateless; the HTTPS protocol is a network protocol built from the SSL+HTTP protocol that can perform encrypted transmission and identity authentication, and is more secure than the http protocol.)

How HTTPS works

  • 1. First, the client's request causes the server to present its certificate, and the client verifies the certificate's validity period, legitimacy, whether its domain name matches the requested domain name, the certificate's public key (RSA encryption), etc.;

  • 2. If the verification passes, and the certificate's public key is valid, the client generates a random number and encrypts it with that public key (RSA encryption);

  • 3. After the message body is generated, its digest is computed with the MD5 (or SHA1) algorithm, and an RSA signature is obtained;

  • 4. The result is sent to the server. At this point, only the server (holding the RSA private key) can decrypt it.

  • 5. The server decrypts the random number and then uses it as the key for AES encryption (at this point the key is known only to the client and the server).

How many steps does a complete HTTP request go through?

During one complete HTTP exchange, the web browser and the web server go through the following 7 steps:

  1. Establish a TCP connection. How? See the three-way handshake above.

  2. The web browser sends a request line to the web server. Once the TCP connection is established, the web browser sends a request command to the web server. For example: GET /sample/hello.jsp HTTP/1.1.

  3. The web browser sends the request headers. After sending its request command, the browser also sends some other information to the web server in the form of headers. The browser then sends a blank line to tell the server that it has finished sending the header information.

  4. The web server responds. After the client sends its request, the server sends back a response, for example HTTP/1.1 200 OK. The first part of the response is the protocol version number and the response status code.

  5. The web server sends response headers. Just as a client sends information about itself with a request, a server sends data about itself and the requested document to the user with a response.

  6. The web server sends data to the browser. After sending the header information, the web server sends a blank line to indicate that the headers have ended. It then sends the actual data requested by the user, in the format described by the Content-Type response header.

  7. The web server closes the TCP connection.

How are commonly used HTTP status codes classified? What are the common status codes?

The HTTP status code indicates the return result of the client's HTTP request, identifies whether the server processing is normal, indicates an error in the request, etc.

Categories of status codes:

Common status codes:

What are the request methods in the HTTP protocol?

The difference between GET method and POST method

  • Difference 1: GET focuses on obtaining resources from the server, and POST focuses on sending data to the server;

  • Difference 2: The amount of data transmitted by GET is small because it is limited by the URL length, but it is more efficient; POST can transmit a large amount of data, so only the POST method can be used when uploading files;

  • Difference 3: GET is unsafe because the data sent by a GET request is visible in the URL and may leak private information, such as passwords; POST data is placed in the request body and is safe.
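The message layout from the request/response sections and the GET/POST difference above, as an added Node.js example that is not part of the original post. The function names and sample messages are constructed for illustration; `locateField` shows that a GET form field travels in the request line (the part that ends up in URLs and logs) while a POST field travels after the blank line, and either way the data is readable on the network unless the connection is HTTPS.

```javascript
// Split a raw HTTP/1.x message into start line, headers and body.
function parseMessage(raw) {
  const end = raw.indexOf('\r\n\r\n'); // the blank line that ends the headers
  if (end === -1) throw new Error('no blank line after headers');
  const [startLine, ...headerLines] = raw.slice(0, end).split('\r\n');
  const headers = {};
  for (const line of headerLines) {
    const colon = line.indexOf(':');
    if (colon < 1) throw new Error(`malformed header: ${line}`);
    headers[line.slice(0, colon).toLowerCase()] = line.slice(colon + 1).trim();
  }
  // Content-Length says how much data after the blank line belongs to the body
  // (the samples are ASCII, so characters and bytes are the same here).
  const rest = raw.slice(end + 4);
  const declared = headers['content-length'] ?? '0';
  if (!/^\d+$/.test(declared) || Number(declared) > rest.length) {
    throw new Error('bad Content-Length');
  }
  return { startLine, headers, body: rest.slice(0, Number(declared)) };
}

// Report where a form field travels: 'url' (request line), 'body' or 'absent'.
// Assumes a form-encoded body (application/x-www-form-urlencoded).
function locateField(raw, field) {
  const { startLine, body } = parseMessage(raw);
  const target = startLine.split(' ')[1] ?? '';
  const queryStart = target.indexOf('?');
  const query = queryStart === -1 ? '' : target.slice(queryStart + 1);
  if (new URLSearchParams(query).has(field)) return 'url';
  if (new URLSearchParams(body).has(field)) return 'body';
  return 'absent';
}

// Constructed sample messages (not captured traffic).
const GET_REQ = 'GET /login?user=alice&password=hunter2 HTTP/1.1\r\nHost: example.test\r\n\r\n';
const POST_REQ = 'POST /login HTTP/1.1\r\nHost: example.test\r\n' +
  'Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 27\r\n\r\n' +
  'user=alice&password=hunter2';
const RESPONSE = 'HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\nContent-Length: 5\r\n\r\nhello';

for (const raw of [GET_REQ, POST_REQ, RESPONSE]) {
  const { startLine, body } = parseMessage(raw);
  console.log(JSON.stringify(startLine), 'body:', JSON.stringify(body));
}
console.log(locateField(GET_REQ, 'password'), locateField(POST_REQ, 'password'));
```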

Comparison of http versions

Features of HTTP1.0 version:

  • The earlier HTTP 1.0 was a stateless, connectionless application-layer protocol.

  • HTTP 1.0 stipulates that the browser and the server maintain only a short-lived connection. Each browser request needs to establish a TCP connection with the server, and the TCP connection is closed immediately after the server finishes processing (connectionless). The server does not track each client or record past requests (stateless).

New features in HTTP 1.1 version

  • Persistent connections by default, which reduce communication overhead. As long as neither the client nor the server explicitly asks to close the TCP connection, the connection is kept open and multiple HTTP requests can be sent over it.

  • Pipelining: the client can issue multiple HTTP requests at the same time without waiting for the responses one by one.

  • Resumable transfer (resuming from a breakpoint)

Features of HTTP 2.0 version

  • Binary framing (messages are encapsulated in a binary encoding)

  • Header compression (uses the HPACK algorithm, designed specifically for header compression)

  • Flow control (limits how many bytes of a given data stream are received)

  • Multiplexing (requests and responses can be sent simultaneously over a shared TCP connection)

  • Request priority (performance can be further optimized by optimizing the interleaving and transmission order of these frames)

  • Server push (the server can send multiple responses to one client request, pushing resources to the client without an explicit request from the client; a major update)

What is symmetric encryption and asymmetric encryption

  • Symmetric key encryption refers to a method that uses the same key for encryption and decryption. The biggest problem with this method is the key transmission problem, that is, how to safely send the key to the other party;

  • Asymmetric encryption refers to the use of a pair of asymmetric keys, namely a public key and a private key. The public key can be released at will, but the private key is known only to you. The party sending the ciphertext uses the other party's public key for encryption. After the other party receives the encrypted information, it uses its own private key to decrypt it. Since asymmetric encryption does not require sending a private key for decryption, security can be guaranteed; however, it is very slow compared to symmetric encryption.
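The key exchange in "How HTTPS works" and the trade-off described above, as an added Node.js example that is not from the original post: a random key travels under RSA once, and the traffic itself then uses AES. The function names, the RSA-OAEP padding and the AES-GCM mode are this example's choices (the post names only RSA and AES), and it models the idea, not the TLS protocol.

```javascript
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Client: pick a random 256-bit key and encrypt it with the server's public key
// (asymmetric, slow, done once per connection).
function wrapSessionKey(publicKey) {
  const sessionKey = crypto.randomBytes(32);
  const wrapped = crypto.publicEncrypt({ key: publicKey, ...OAEP }, sessionKey);
  return { sessionKey, wrapped };
}

// Server: only the private-key holder can recover the session key.
function unwrapSessionKey(privateKey, wrapped) {
  return crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
}

// Traffic uses the shared key (symmetric, fast); AES-GCM also detects tampering.
function seal(sessionKey, plaintext) {
  const iv = crypto.randomBytes(12); // must never repeat under the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

function open(sessionKey, { iv, body, tag }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Both roles in one process, with a key pair generated just for the demo.
function demo(message) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const client = wrapSessionKey(publicKey);
  const serverKey = unwrapSessionKey(privateKey, client.wrapped);
  const sealed = seal(client.sessionKey, message);
  const received = open(serverKey, sealed);
  sealed.body[0] ^= 1; // simulate modification in transit
  let tamperDetected = false;
  try { open(serverKey, sealed); } catch { tamperDetected = true; }
  return { received, tamperDetected, wrappedBytes: client.wrapped.length };
}

console.log(demo('GET /account HTTP/1.1'));
```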

What are the uses of cookies and sessions for HTTP?

  • The HTTP protocol itself cannot determine the user's identity, so a cookie or session is required.

What are cookies

  • A cookie is a file (key-value format) saved in the user's browser by the web server and can contain user-related information. When the client sends a request to the server, the browser extracts this user information and sends it to the server over HTTP.

What is session

  • A session is a piece of storage space that the server allocates for the duration of a conversation between the browser and the server.

  • By default, the server sets the sessionid in a cookie in the client's browser, so the sessionid corresponds to that cookie. The cookie sent by the browser with each request contains the sessionid. The server uses the sessionid in the cookie to look up the information stored in the session, and from that determines the identity of the session.

The difference between cookies and sessions

  1. Cookie data is stored on the client, which has poor security. Session data is stored on the server, which has relatively higher security.

  2. The data saved by a single cookie cannot exceed 4K, and there is no such limit for sessions.

  3. Sessions are kept on the server for a certain period of time. As traffic grows, they take up server resources. Where server performance is a concern, cookies should be used.
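The sessionid mechanism described above, as an added Node.js example that is not from the original post: the user data stays in a server-side store and the cookie carries only a random identifier. The cookie name `sessionid` follows the text; the function names, the in-memory `Map`, the 30-minute lifetime and the `HttpOnly`/`Secure`/`SameSite` attributes are this example's assumptions.

```javascript
const crypto = require('node:crypto');

const sessions = new Map(); // server-side store: session id -> { data, expires }

// Login: keep the data on the server and hand the browser only a random id.
// Returns the value for the Set-Cookie response header.
function createSession(data, ttlSeconds = 1800) {
  const id = crypto.randomBytes(32).toString('hex'); // 256 bits, not guessable
  sessions.set(id, { data, expires: Date.now() + ttlSeconds * 1000 });
  // HttpOnly: page scripts cannot read it. Secure: sent over HTTPS only.
  return `sessionid=${id}; Max-Age=${ttlSeconds}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Later requests: read the id from the Cookie request header and look it up.
function lookupSession(cookieHeader, now = Date.now()) {
  let id = null;
  for (const part of (cookieHeader || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq > 0 && part.slice(0, eq).trim() === 'sessionid') id = part.slice(eq + 1).trim();
  }
  const entry = id === null ? undefined : sessions.get(id);
  if (!entry) return null;        // no cookie, or an id the server never issued
  if (entry.expires <= now) {     // expired: drop it to free server memory
    sessions.delete(id);
    return null;
  }
  return entry.data;
}

// Constructed demo: one login, then one request carrying the cookie back.
const demoCookie = createSession({ user: 'alice' });
console.log(demoCookie.replace(/=[0-9a-f]{64}/, '=<random id>'));
console.log(lookupSession(demoCookie.split(';')[0]));
```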

Origin blog.csdn.net/liuxing__jacker/article/details/132025871