Reference: https://www.jianshu.com/p/8fe93a14754c
A, URI structure
HTTP
Using a uniform resource identifier ( URI
) to transmit data and establish a connection. URL
(Uniform Resource Locator) is a special kind URI
, contains enough information to find the resources, we is commonly used URL
, and a complete URL
contains the following sections:
http://www.fishbay.cn:80/mix/76.html?name=kelvin&password=123456#first
1. Protocol section
The URL
protocol part http:
, indicating that the page using a HTTP
protocol, behind //
a delimiter
2. The domain part
A domain name is www.fishbay.cn
, when you send a request, it is necessary to DNS
resolve the server IP
. If the request for optimization, can be directly used IP
as a part of the domain name used
3. Port section
The latter domain 80
by between the port, and domain :
partition, a port is not URL
a necessary part. If the ports are 80
, or can be omitted
4. Virtual directory section
A domain name from /
the beginning to the last /
date, is part of the virtual directory. Wherein, the virtual directory is not URL
essential part of this embodiment is in the virtual directory/mix/
5. part of the file name
A domain name from the last /
start to ?
date, is part of the file name; if not ?
, it is the domain name from the last /
start to #
date, is part of the file name; if not ?
and #
, then from the last domain /
from start to finish, all files name part. In this example the file name 76.html
, the file name is not a URL
required part of, if not the file name, the default file name
6. anchor part
From #
beginning to end, it is part of the anchor. Is the anchor of this section first
, the anchor is not a URL
necessary part
7. parameter part
From ?
the beginning to the #
part between the part so far is the parameter, also known as part of the search query part. In this embodiment the parameter is name=kelvin&password=123456
, if there are a plurality of parameters, among the various parameters &
as a separator.
Two, Request
HTTP request comprising: a request line (request line), the request header (header), a blank line portion and four request data.
request
structure is as follows:
GET /mix/76.html?name=kelvin&password=123456 HTTP/1.1 Host: www.fishbay.cn Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
1. Request line
GET
Request type, /mix/76.html?name=kelvin&password=123456
a resource to be accessed, HTTP/1.1
is the protocol version
2. Request header
The second row from the request header, Host
the destination of the request (host domain name); User-Agent
is information of a client, it is important to detect the type of browser information, defined by the browser, and automatically sending each request.
3. blank line
Request following the header must have a blank line
4. The request data
Also called data request request body, can add other data. This example of the request body is empty.
Response
After Typically, the server receives the client's request, there will be a HTTP
response message, HTTP responses are also made 4
parts, namely: the status line, in response to the first, blank lines, and in response thereof.
Capture the data as follows:
HTTP/1.1 200 OK Server: nginx Date: Mon, 20 Feb 2017 09:13:59 GMT Content-Type: text/plain;charset=UTF-8 Vary: Accept-Encoding Cache-Control: no-store Pragrma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Encoding: gzip Transfer-Encoding: chunked Proxy-Connection: Keep-alive {"code":200,"notice":0,"follow":0,"forward":0,"msg":0,"comment":0,"pushMsg":null,"friend":{"snsCount":0,"count":0,"celebrityCount":0},"lastPrivateMsg":null,"event":0,"newProgramCount":0,"createDJRadioCount":0,"newTheme":true}
1. Status Line
Status line by the protocol version, status code, status message composition
2. Response Header
Some header information in response to the client can be used, such as: Date
(a response generation date), Content-Type
(the MIME type and encoding format), Connection
(default long link), etc.
3. blank line
There must be a blank line between the response header and the response thereof
4. Response Body
Response body, in this case the key information
Third, the status code
HTTP
By protocol status code 3
digits, the first digit defines categories of response, a total of 5
the category:
1 1xx
: indication information - indicates a request has been received, processing continues
2 2xx
: Success - indicates that the request has been successfully received, understood, accepted
3 3xx
: Redirection - to fulfill the request must be carried out further operations
4 4xx
: Client Error - The request has a syntax error or a request can not be achieved
5 5xx
: Server Error - The server failed to achieve a legitimate request
Wherein the common status codes as follows:
The OK 200 // client request was successful 400 Bad Request // client requests a syntax error, can not be understood by the server 401 Unauthorized // request is not authorized, the status code must be used with the WWW-Authenticate header field 403 Forbidden // server receives the request, but refused to provide service 404 not Found // requested resource does not exist, eg: enter the wrong the URL of 500 Internal server error // server unexpected errors occur 503 server unavailable Papers with // request that the server can not handle the current client after a period of time may return to normal
Fourth, the request method
HTTP
It defines a plurality of request methods, to meet various needs. HTTP/1.0
Defines three request GET
methods: , POST
and HEAD
, to HTTP/1.1
, request additional five OPTIONS
methods: PUT
, DELETE
, , TRACE
and CONNECT
. Each specific function request method is as follows:
GET request to the specified page information, and return the entity body. HEAD similar get request, but the response is not returned in the specific content, for obtaining the header POST submit data processing request to the specified resource (e.g., file submission form or upload). Data contained in the request body. POST requests may lead to the creation of new resources and / modified or existing resources. PUT replace specific content of the document data transmitted to the client from the server. DELETE requests the server to delete the specified page. The HTTP the CONNECT /. 1. . 1 protocol can be reserved for connection to the proxy server pipeline mode. OPTIONS allows the client to view server performance. TRACE echo server receives the request, mainly for testing or diagnosis.
The actual application process, GET
and POST
the use of more, the following describes the difference between the two:
1. Request parameter difference
GET
The request is the request parameters in the splicing URL
back to ?
the partition, with a plurality of parameters between a &
connection; if it is alphanumeric, as it is transmitted, if it is a space or Chinese, with the Base64 encoding
POST
Data will request submitted in the request body, it does not URL
show up in
2. The size of the transmission data
GET
: Browser and the server will limit URL
the length, the data transmission is limited, usually2K
POST
: Since the data by not URL
transmitting, it is generally relatively large amount of data can be transmitted
3. data analysis
GET
: The Request.QueryString
value of the acquired variables
POST
: The Request.form
value of the acquired variables
4. Security
GET
: Request parameters in URL
the back, you can directly see, especially when you log on, if the login interface is browser cache, others can view the history, and get the account password
POST
: Request parameters in the request body inside the transmission, can not directly get relatively GET
high safety; However, by capture tool, can still see the request parameters
Five works
HTTP
Protocol using a request / response mode, the client sends a request message to the server, then the server response to the request. Here's what a HTTP
process request:
- In the browser input
URL
, and press Enter - The browser
DNS
requests the server to resolve theURL
domain name in the correspondingIP
address (if it isIP
requested, this step is not required) - Parse out
IP
later, according toIP
the establishment and port number, and server TCP connection - The browser sends a request to the server, the request message as a
TCP
server handshake packet to the third three times - Server responds, sending data to the browser
- Communication is completed, disconnect the
TCP
connection - Browser parses the data received and displayed
Six, HTTPS Introduction
HTTPS
A safe HTTP
channel, i.e. added in the HTTP communication SSL
layer (the current version TLS1.2
), the data communication is encrypted, to prevent theft, the specific communication process is as follows:
HTTPS encryption using a combination of symmetric encryption and asymmetric encryption features, in ensuring the safety, and improving the transmission efficiency. The difference between HTTP and HTTPS are as follows: