Reference: https://www.jianshu.com/p/8fe93a14754c
A, URI structure
HTTPUsing a uniform resource identifier ( URI) to transmit data and establish a connection. URL(Uniform Resource Locator) is a special kind URI, contains enough information to find the resources, we is commonly used URL, and a complete URLcontains the following sections:
http://www.fishbay.cn:80/mix/76.html?name=kelvin&password=123456#first
1. Protocol section
The URLprotocol part http:, indicating that the page using a HTTPprotocol, behind //a delimiter
2. The domain part
A domain name is www.fishbay.cn, when you send a request, it is necessary to DNSresolve the server IP. If the request for optimization, can be directly used IPas a part of the domain name used
3. Port section
The latter domain 80by between the port, and domain :partition, a port is not URLa necessary part. If the ports are 80, or can be omitted
4. Virtual directory section
A domain name from /the beginning to the last /date, is part of the virtual directory. Wherein, the virtual directory is not URLessential part of this embodiment is in the virtual directory/mix/
5. part of the file name
A domain name from the last /start to ?date, is part of the file name; if not ?, it is the domain name from the last /start to #date, is part of the file name; if not ?and #, then from the last domain /from start to finish, all files name part. In this example the file name 76.html, the file name is not a URLrequired part of, if not the file name, the default file name
6. anchor part
From #beginning to end, it is part of the anchor. Is the anchor of this section first, the anchor is not a URLnecessary part
7. parameter part
From ?the beginning to the #part between the part so far is the parameter, also known as part of the search query part. In this embodiment the parameter is name=kelvin&password=123456, if there are a plurality of parameters, among the various parameters &as a separator.
Two, Request
HTTP request comprising: a request line (request line), the request header (header), a blank line portion and four request data.
request
structure is as follows:
GET /mix/76.html?name=kelvin&password=123456 HTTP/1.1 Host: www.fishbay.cn Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
1. Request line
GETRequest type, /mix/76.html?name=kelvin&password=123456a resource to be accessed, HTTP/1.1is the protocol version
2. Request header
The second row from the request header, Hostthe destination of the request (host domain name); User-Agentis information of a client, it is important to detect the type of browser information, defined by the browser, and automatically sending each request.
3. blank line
Request following the header must have a blank line
4. The request data
Also called data request request body, can add other data. This example of the request body is empty.
Response
After Typically, the server receives the client's request, there will be a HTTPresponse message, HTTP responses are also made 4parts, namely: the status line, in response to the first, blank lines, and in response thereof.
Capture the data as follows:
HTTP/1.1 200 OK Server: nginx Date: Mon, 20 Feb 2017 09:13:59 GMT Content-Type: text/plain;charset=UTF-8 Vary: Accept-Encoding Cache-Control: no-store Pragrma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Encoding: gzip Transfer-Encoding: chunked Proxy-Connection: Keep-alive {"code":200,"notice":0,"follow":0,"forward":0,"msg":0,"comment":0,"pushMsg":null,"friend":{"snsCount":0,"count":0,"celebrityCount":0},"lastPrivateMsg":null,"event":0,"newProgramCount":0,"createDJRadioCount":0,"newTheme":true}
1. Status Line
Status line by the protocol version, status code, status message composition
2. Response Header
Some header information in response to the client can be used, such as: Date(a response generation date), Content-Type(the MIME type and encoding format), Connection(default long link), etc.
3. blank line
There must be a blank line between the response header and the response thereof
4. Response Body
Response body, in this case the key information
Third, the status code
HTTPBy protocol status code 3digits, the first digit defines categories of response, a total of 5the category:
1 1xx: indication information - indicates a request has been received, processing continues
2 2xx: Success - indicates that the request has been successfully received, understood, accepted
3 3xx: Redirection - to fulfill the request must be carried out further operations
4 4xx: Client Error - The request has a syntax error or a request can not be achieved
5 5xx: Server Error - The server failed to achieve a legitimate request
Wherein the common status codes as follows:
The OK 200 // client request was successful 400 Bad Request // client requests a syntax error, can not be understood by the server 401 Unauthorized // request is not authorized, the status code must be used with the WWW-Authenticate header field 403 Forbidden // server receives the request, but refused to provide service 404 not Found // requested resource does not exist, eg: enter the wrong the URL of 500 Internal server error // server unexpected errors occur 503 server unavailable Papers with // request that the server can not handle the current client after a period of time may return to normal
Fourth, the request method
HTTPIt defines a plurality of request methods, to meet various needs. HTTP/1.0Defines three request GETmethods: , POST and HEAD, to HTTP/1.1, request additional five OPTIONSmethods: PUT, DELETE, , TRACEand CONNECT. Each specific function request method is as follows:
GET request to the specified page information, and return the entity body. HEAD similar get request, but the response is not returned in the specific content, for obtaining the header POST submit data processing request to the specified resource (e.g., file submission form or upload). Data contained in the request body. POST requests may lead to the creation of new resources and / modified or existing resources. PUT replace specific content of the document data transmitted to the client from the server. DELETE requests the server to delete the specified page. The HTTP the CONNECT /. 1. . 1 protocol can be reserved for connection to the proxy server pipeline mode. OPTIONS allows the client to view server performance. TRACE echo server receives the request, mainly for testing or diagnosis.
The actual application process, GETand POSTthe use of more, the following describes the difference between the two:
1. Request parameter difference
GETThe request is the request parameters in the splicing URLback to ?the partition, with a plurality of parameters between a &connection; if it is alphanumeric, as it is transmitted, if it is a space or Chinese, with the Base64 encoding
POSTData will request submitted in the request body, it does not URLshow up in
2. The size of the transmission data
GET: Browser and the server will limit URLthe length, the data transmission is limited, usually2K
POST: Since the data by not URLtransmitting, it is generally relatively large amount of data can be transmitted
3. data analysis
GET: The Request.QueryStringvalue of the acquired variables
POST: The Request.formvalue of the acquired variables
4. Security
GET: Request parameters in URLthe back, you can directly see, especially when you log on, if the login interface is browser cache, others can view the history, and get the account password
POST: Request parameters in the request body inside the transmission, can not directly get relatively GEThigh safety; However, by capture tool, can still see the request parameters
Five works
HTTPProtocol using a request / response mode, the client sends a request message to the server, then the server response to the request. Here's what a HTTPprocess request:
- In the browser input
URL, and press Enter - The browser
DNSrequests the server to resolve theURLdomain name in the correspondingIPaddress (if it isIPrequested, this step is not required) - Parse out
IPlater, according toIPthe establishment and port number, and server TCP connection - The browser sends a request to the server, the request message as a
TCPserver handshake packet to the third three times - Server responds, sending data to the browser
- Communication is completed, disconnect the
TCPconnection - Browser parses the data received and displayed
Six, HTTPS Introduction
HTTPSA safe HTTPchannel, i.e. added in the HTTP communication SSLlayer (the current version TLS1.2), the data communication is encrypted, to prevent theft, the specific communication process is as follows:
HTTPS encryption using a combination of symmetric encryption and asymmetric encryption features, in ensuring the safety, and improving the transmission efficiency. The difference between HTTP and HTTPS are as follows: