Those things about HTTP and HTTPS

One: What is a protocol?

A network protocol is an "agreement" or set of "rules" that computers reach in order to communicate over a network. With this agreement, equipment from different vendors, and computers running different operating systems, can communicate with one another.

Two: What is the HTTP protocol?

HTTP is short for Hypertext Transfer Protocol (Hyper Text Transfer Protocol in English). It is the protocol used to transfer hypertext (HTML) from a web server to the local browser.

HTTP was originally designed to provide a way to publish and receive HTML pages.

There are multiple versions of HTTP; HTTP/1.1 is the version currently in wide use.

Three: Understanding HTTP status codes

• 1XX Informational

1. 100 Continue: indicates that everything so far is normal; the client can continue sending the request or ignore this response.

• 2XX Success

1. 200 OK

2. 204 No Content: the request was processed successfully, but the response message contains no entity body. It is generally used when information only needs to be sent from the client to the server and no data needs to be returned.

3. 206 Partial Content: indicates that the client made a range request; the response message contains the entity content of the range specified by Content-Range.

• 3XX Redirection

1. 301 Moved Permanently: permanent redirect;

2. 302 Found: temporary redirection;

3. 303 See Other: has the same function as 302, but 303 explicitly requires the client to use the GET method to obtain the resource.

4. 304 Not Modified: if the request header contains conditions such as If-Match, If-Modified-Since, If-None-Match, If-Range, or If-Unmodified-Since, and the condition is not satisfied, the server returns status code 304.

5. 307 Temporary Redirect: a temporary redirect with the same meaning as 302, but 307 requires that the browser not change a redirected POST request into a GET.

• 4XX Client Error

1. 400 Bad Request: the request message contains a syntax error.

2. 401 Unauthorized: this status code indicates that the request requires authentication information (BASIC authentication, DIGEST authentication). If a request was already made once before, it means that user authentication failed.

3. 403 Forbidden: the request is rejected.

4. 404 Not Found

• 5XX Server Error

1. 500 Internal Server Error: an error occurred while the server was executing the request;

2. 503 Service Unavailable: the server is temporarily overloaded or down for maintenance and cannot process the request right now.

Four: What is the difference between forward and redirect?

Forward and Redirect represent two ways of forwarding a request: direct forwarding and indirect forwarding.

Direct forwarding (Forward): the client browser makes only a single request. A Servlet, HTML, JSP, or other resource hands the request to a second resource, which responds to it; the request object and the information stored in it are shared by every resource involved.

Indirect forwarding (Redirect): there are actually two HTTP requests. When responding to the first request, the server tells the browser to request another URL, and forwarding is achieved that way.

• A plain example:

Direct forwarding is equivalent to: "A asks B to borrow money. B has none, so B goes to C to borrow it, and passes the news to A whether or not the loan succeeds";

Indirect forwarding is equivalent to: "A asks B to borrow money. B says no and tells A to go and borrow from C."

Five: What HTTP methods are there?

The first line of the request message sent by the client is the request line, which contains a method field.

1. GET: obtains a resource; the vast majority of requests on the network today use GET;

2. HEAD: obtains the message headers; similar to GET, but does not return the entity body of the message;

3. POST: transfers an entity body;

4. PUT: uploads a file. Because it has no authentication mechanism of its own, anyone can upload files, so there are security issues and this method is generally not used.

Six: What is the difference between GET and POST?

GET and POST are both essentially HTTP requests, but each has been given its own defined role and adapted to its own scenarios.

The essential difference: GET is a single HTTP request, whereas POST sends the request headers first and then the request body, which is actually two requests.

1. Functionally, GET is generally used to obtain resources from the server, while POST is generally used to update resources on the server;

2. From a REST perspective, GET is idempotent: reading the same resource always returns the same data. POST is not idempotent, because each request changes the resource differently. Further, GET does not change resources on the server, while POST does;

3. In terms of the form of the request parameters, data in a GET request is appended to the URL, that is, the request data is placed in the header of the HTTP request message, with ? separating the URL from the transmitted data and & joining the parameters. If the data consists of English letters or digits, it is sent as is. Data submitted by a POST request is placed in the request body of the HTTP request message;

4. In terms of security, POST is safer than GET, because data submitted by a GET request appears in the URL in plain text, while POST request parameters are packed into the request body, which is relatively more secure;

5. In terms of request size, a GET request is limited by the URL length that the browser or server allows, so the amount of data it can send is smaller, while the size of a POST request is not limited.
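Points 3 and 4 above as an added example, not part of the original article: the same parameters sent by GET and by POST, and where they end up. Over plain HTTP both are readable on the wire; the difference is that the GET request line is also what access logs, browser history and Referer headers carry. The host, path, credentials and the `exposure` helper are constructed for this illustration.

```python
from urllib.parse import urlencode

def build_get(host, path, params):
    """GET: parameters follow '?' in the request line, joined by '&'."""
    return (f"GET {path}?{urlencode(params)} HTTP/1.1\r\n"
            f"Host: {host}\r\n\r\n").encode("ascii")

def build_post(host, path, params):
    """POST: the same parameters travel in the request body."""
    body = urlencode(params).encode("ascii")
    head = (f"POST {path} HTTP/1.1\r\nHost: {host}\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(body)}\r\n\r\n").encode("ascii")
    return head + body

def split_request(raw):
    """Split raw request bytes into (request_line, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("ascii").split("\r\n")
    headers = dict(line.split(": ", 1) for line in lines[1:])
    return lines[0], headers, body[: int(headers.get("Content-Length", 0))]

def exposure(raw, secret):
    """Report where `secret` is visible in one request.

    request_line: the part that access logs, browser history and Referer carry.
    wire: the full plain-HTTP byte stream, as a network observer sees it.
    """
    line, _, body = split_request(raw)
    needle = secret.encode("ascii")
    return {"request_line": secret in line,
            "body": needle in body,
            "wire": needle in raw}

# Constructed sample input: hypothetical host, path and credentials.
PARAMS = {"user": "alice", "password": "s3cr3t-demo"}
GET_RAW = build_get("shop.example", "/login", PARAMS)
POST_RAW = build_post("shop.example", "/login", PARAMS)

if __name__ == "__main__":
    print("GET :", exposure(GET_RAW, "s3cr3t-demo"))
    print("POST:", exposure(POST_RAW, "s3cr3t-demo"))
```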

Seven: What happens between entering a URL in the browser and the home page being displayed?

1. DNS resolution: the browser queries DNS to obtain the IP address corresponding to the domain name. The process includes the browser searching its own DNS cache, searching the operating system's DNS cache, reading the local hosts file, and querying the local DNS server. For the query to the local DNS server: if the domain name is contained in a locally configured zone, the result is returned to the client and resolution is complete (this resolution is authoritative); if the local DNS server's zones cannot resolve the name but the server has cached the mapping, that cached IP address mapping is used to complete resolution (this resolution is not authoritative). If the local DNS server has not cached the mapping, it initiates a recursive or iterative query according to its settings;

2. TCP connection: after obtaining the IP address for the domain name, the browser initiates a three-way handshake with the server to establish a connection;

3. HTTP request: once the TCP connection is established, the browser sends an HTTP request to the server;

4. The server processes the request and returns an HTTP message: the server receives the request, maps it by path and parameters to a specific request handler, and returns the result and the corresponding view to the browser;

5. The browser parses and renders the page;

6. The connection ends.

Eight: What is the DNS resolution process?

1. A host usually uses a recursive query when querying the local DNS server. A recursive query works like this: if the local DNS server that the host asked does not know the IP address of the queried domain name, the local DNS server itself acts as a DNS client and continues by sending a query message to a root name server (that is, it queries on the host's behalf), rather than having the host make the next query itself. The result returned by a recursive query is therefore either the IP address being sought or an error saying that the IP address could not be found.

Nine: What is your understanding of domain name caching?

To improve DNS query efficiency, reduce server load, and reduce the number of DNS query packets on the Internet, domain name servers make wide use of caches, which store recently queried name mapping information along with a record of where it was obtained.

Because name-to-address bindings do not change often, a domain name server keeps the cache contents correct by setting a timer for each item and discarding items older than a reasonable time (for example, two days per item). After the server has deleted an item from its cache, a later query for that information must go back to the authoritative name server that manages the binding. When an authoritative server answers a query, the response includes a time value stating how long the binding is valid. Increasing this value reduces network overhead, while decreasing it improves the accuracy of name resolution.

Caching is needed not only on the local domain name server but also on hosts. Many hosts download the full database of names and addresses from the local server at startup, maintain their own cache of recently used domain names, and use a domain name server only when a name cannot be found in the cache. A host that maintains a local name database should check with the domain name server periodically to obtain new mapping information, and must remove invalid entries from its cache. Since domain names do not change frequently, most networks can keep the database consistent without much effort.

Ten: What is your understanding of HTTP long connections and short connections? In which scenarios is each used?

HTTP/1.0 uses short connections by default. That is, the client and server establish a connection for each HTTP operation and disconnect as soon as the task ends. When the HTML or other web page that the client browser visits contains other web resources (such as JavaScript files, image files, CSS files, etc.), the browser re-establishes an HTTP session each time it encounters such a resource.

From HTTP/1.1 onward, long connections are used by default to keep the connection alive. HTTP with a long connection adds this line to the response headers:

Connection:keep-alive

With a long connection, when a page has finished loading, the TCP connection used to carry HTTP data between the client and the server is not closed; when the client accesses the server again, it continues to use the connection that is already established.

Keep-Alive does not keep the connection open forever; it has a hold time, which can be set in the various server software (e.g. Apache). A long connection requires both the client and the server to support it.

Eleven: What are the main changes between HTTP 1.0 and 1.1, 1.2?

• Major changes in HTTP 1.1:

1. After HTTP 1.0 had been in use for years, 1.1 proposed improvements. The first was the long connection: HTTP can keep sending requests over a single TCP connection.

2. HTTP 1.1 also supports sending only the headers without the body. The idea is to use the headers to determine whether the request will succeed and only then send the data, which saves bandwidth; in fact, POST requests do this by default.

3. HTTP 1.1 added the Host field. Because a virtual host can serve multiple domain names, the host is generally obtained from the domain name that was resolved.

• Major changes in HTTP 2.0:

1. HTTP 2.0 supports multiplexing: the same connection can handle multiple requests concurrently. HTTP data is split into multiple frames, which are sent concurrently and out of order and are reassembled on the other side by sequence number, so HTTP requests no longer have to be handled one by one in order of arrival;

2. HTTP 2.0 supports server push: when an HTTP request arrives, the server can push additional content to the client in addition to returning the requested data;

3. HTTP 2.0 compresses request headers, and its basic unit is the binary frame stream, so the data takes up less space;

4. HTTP 2.0 is intended for HTTPS scenarios, because it adds an SSL layer between HTTP and TCP.

Twelve: How does HTTPS work?

1. The client sends the set of encryption rules it supports to the server, signaling that it wants to connect;

2. The server chooses a set of encryption and hash algorithms from them and sends these, together with its identity information (address, etc.), to the browser in the form of a certificate. The certificate contains the server information, the public key used for encryption, and the issuing authority;

3. After receiving the site's certificate, the client does the following:

• 3.1 verifies the legitimacy of the certificate;

• 3.2 if the certificate passes verification, the browser generates a string of random numbers and encrypts it with the public key in the certificate;

• 3.3 computes a hash of the handshake message using the agreed hash algorithm, encrypts it with the generated secret key, and sends everything to the server together.

4. After receiving the information passed over by the client, the server does the following:

• 4.1 uses its private key to decrypt the secret, uses that secret to decrypt the handshake message, and verifies that the hash value matches the one sent by the browser;

• 4.2 encrypts a message with the secret key;

5. If the computed hash values match, the handshake succeeds.

Thirteen: What is the difference between HTTP and HTTPS?

1. Cost: the HTTPS protocol requires applying to a CA for a certificate; free certificates are rare, so a fee usually has to be paid;

2. Resource consumption: HTTP is the Hypertext Transfer Protocol and transmits information in the clear; HTTPS is a secure transfer protocol encrypted with SSL and consumes more CPU and memory;

3. Different ports: HTTP and HTTPS use completely different connection methods and different ports; the former uses 80, the latter 443;

4. Security: an HTTP connection is very simple and stateless; HTTPS is a network protocol built from TLS + HTTP that provides encrypted transmission and identity authentication, and is more secure than HTTP.

Fourteen: What is a digital signature?

To prevent data from being replaced in transit, for example hackers modifying the content of your message without your knowing, we have the sender produce a digital signature: the message data is digested and encrypted, for example with MD5, to obtain a signature that is sent together with the data. The receiving end then computes the MD5 digest of the data, and if it matches the signature, the data is genuine.

Fifteen: What is a digital certificate?

With symmetric encryption, both parties use the public key to decrypt. Although a digital signature can ensure that data has not been replaced, the data is encrypted with the public key, and if the public key itself is replaced, the data can still be forged, because the user does not know that the public key the other side provided is actually fake. Therefore, to ensure that the sender's public key is genuine, a CA (certificate authority) is responsible for issuing a certificate, which guarantees that the public key is genuine. When a user makes a request to the server, the server sends the certificate to the user; this certificate is registered with the certificates built into the system.
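Sections Fourteen and Fifteen in code, as an added example that is not from the original article: a signature catches altered data, a substituted public key defeats a bare signature, and a CA signature over the public key catches the substitution. It uses SHA-256 in place of the MD5 the text mentions and textbook RSA without padding on keys built from known Mersenne primes, so it shows the logic only; the certificate layout, subject name and messages are constructed.

```python
import hashlib

E = 65537  # public exponent

def demo_keypair(a, b):
    """Textbook RSA key from the Mersenne primes 2**a-1 and 2**b-1.
    Constructed for illustration: known primes, no padding, NOT secure."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")  # SHA-256, not MD5

def sign(private, data):
    n, d = private
    return pow(digest(data), d, n)   # digest transformed with the private key

def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == digest(data)

def tbs_bytes(subject, public):
    return f"{subject}|{public[0]}|{public[1]}".encode()

def issue_cert(ca_private, subject, public):
    """Hypothetical certificate layout: subject, public key, CA signature over both."""
    return {"subject": subject, "public": public,
            "ca_sig": sign(ca_private, tbs_bytes(subject, public))}

def cert_ok(ca_public, cert, expected_subject):
    return (cert["subject"] == expected_subject and
            verify(ca_public, tbs_bytes(cert["subject"], cert["public"]), cert["ca_sig"]))

CA_PUB, CA_PRIV = demo_keypair(1279, 2203)      # constructed demo keys
SRV_PUB, SRV_PRIV = demo_keypair(521, 607)
SWAP_PUB, SWAP_PRIV = demo_keypair(2281, 3217)  # stands in for a substituted key

def scenario():
    msg, altered = b"pay 10 to bob", b"pay 99 to bob"
    cert = issue_cert(CA_PRIV, "shop.example", SRV_PUB)
    swapped = dict(cert, public=SWAP_PUB)   # substituted key, original CA signature
    return {
        "genuine": verify(SRV_PUB, msg, sign(SRV_PRIV, msg)),
        "altered_data": verify(SRV_PUB, altered, sign(SRV_PRIV, msg)),
        "substituted_key_alone": verify(SWAP_PUB, altered, sign(SWAP_PRIV, altered)),
        "real_cert": cert_ok(CA_PUB, cert, "shop.example"),
        "swapped_cert": cert_ok(CA_PUB, swapped, "shop.example"),
    }
```

Production code would use a vetted library with a padded scheme such as RSA-PSS or Ed25519 rather than raw modular exponentiation.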

Sixteen: What are symmetric encryption and asymmetric encryption?

Symmetric key encryption means that encryption and decryption use the same key. The biggest problem with this approach is sending the key: how to get the key to the other party securely.

Asymmetric encryption uses a key pair: a public key and a private key. The public key can be published freely, but the private key is known only to its owner. One party encrypts the message with the other party's public key and sends the ciphertext; the other party, on receiving the encrypted information, decrypts it with its own private key.

Because asymmetric encryption does not require the decryption private key to be transmitted, security can be ensured. Compared with symmetric encryption, however, it is very slow, so we still use symmetric encryption to transmit the information, while the symmetric key used for encryption can be sent using asymmetric encryption.


Origin www.cnblogs.com/zhonghu/p/11661222.html