https://www.cnblogs.com/TankXiao/archive/2012/02/13/2342672 .html HTTP Learn HTTPS: //www.cnblogs.com/TankXiao/archive/2012/02/06/2337728 .html Fiddler Learn ===================================================================================================== Hypertext Transfer Protocol (HTTP): it is a communication protocol that allows Hypertext Markup Language (HTML) documents transferred from the Web server to the client browser Currently we are using the HTTP /1.1 version We open a browser, enter the URL in the address bar, and then we saw the website. The principle is what is it: After entering the URL, our browser to the Web server sends an http request (http Request) ,
Web server for processing after receiving http requests (http Request),
Generate the corresponding http response (http Response) , and then sent to the browser,
the browser parses http response (http Response) in HTML, so that we see on the page.
-------------------------------------------------- ------------------------------------------
HTTP messages are classified into two: mainly http request packets and response packets http: http请求(http Request) ----> Browser server http响应(http Response) <---- ------------------------------------------------------------------------------------------ Our Request likely is the result of a proxy server, and finally reach the Web server. Process is as follows: request ----> request ----> Browser proxy server response <---- response <---- Proxy server is a transit point for network information, what function does: 1 . Improve access speed, most of the proxy server has a cache function. 2 . Break out, that is, over the wall 3 . Hide their identity. -----------------------------------------------------------------------------------------------------
URL (Uniform Resource Locator) address is used to describe a resource on the network, the basic format is as follows: schema://host[:port#]/path/.../[?query-string][#anchor] scheme-specific low-level protocol used (for example: http, https, ftp) IP address or domain name host HTTP server Port # default port for the HTTP server 80, this lower slogans may be omitted. If you use another port, you must specify, for example http://www.cnblogs.com:8080/ Path path to access a resource Query - String data transmitted to http server Anchor - anchor, which is a hyperlink, but hyperlinks inside pages, if the page is very long and the content inside is divided into N parts, so you can set an anchor at the top of the page To facilitate the viewer clicks the appropriate anchor, quick access to the appropriate location on this page. URL, the anchor at the far right, in front of a character " # ." For example: http://www.mywebsite.com/sj/test/test.aspx?name=sviergn&x=true#stuff Schema (agreement): http host (domain name): www.mywebsite.com path (resource Road King): / SJ / the Test / the Test.aspx Query String(参数): name=sviergn&x=true Anchor (Anchor): stuff ---------------------------------------------------------------------------------------------------------- HTTP protocol is stateless http protocol is stateless, this time with a client's request and the last request is no corresponding relations, http server, it does not know these two requests from the same client. To solve this problem, Web program introduced Cookie mechanism to maintain state.
--------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------
Open a web browser needs to send a lot of times Request
1. When you enter the URL http://www.cnblogs.com in the browser when the browser sends a Request to acquire the html http://www.cnblogs.com. Response sent back to the server to the browser.
2. Analysis of Response browser in HTML, and found a lot of references to other files, such as images, CSS files, JS file.
3. The browser will automatically send Request again to acquire images, CSS files, or JS files.
4. all other files are downloaded after the success. Web page was displayed.
Example: (fiddler there inspectors inside the RAW tab sub-tabs)
Detailed http protocol packet format
http request message:
POST https://anp.njpji.cn/un_manager/user/toLogin HTTP/1.1 Host: anp.njpji.cn Connection: keep-alive Content-Length: 85 Accept: */* Origin: https://anp.njpji.cn X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Content-Type: application/x-www-form-urlencoded;charset=UTF-8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Referer: https://anp.njpji.cn/un_manager/views/session/login.html Accept-Encoding: gzip, deflate, br Accept-Language: zh-CN,zh;q=0.9 Cookie: Hm_lvt_70a44149803685eae3a9163f23ea34b7=1566289322,1566346318; JSESSIONID=C8ACE0B8E7E4E05C0EDE0752C1B8A771 username=7droqslNzQg%3D&password=Jrrw3HiJ%2BArijSvr3jrq1Q%3D%3D&verificationCode=2395
http请求报文的结构: 浏览器发送给web服务器的http请求报文,如下所示:
先看Request 消息的结构, Request 消息分为3部分:
第一部分叫Request line, ------------>起始行
第二部分叫Request header, ------------>首部
第三部分是body, ------------>主体
注意:header和body之间有个空行,
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
第一行中的Method表示请求方法,比如"POST","GET", Path-to-resoure表示请求的资源, Http/version-number 表示HTTP协议的版本号。
当使用的是"GET" 方法的时候, body是为空的。
我们打开Fiddler 捕捉一个登录的Request 然后分析下它的结构, 在Inspectors tab下以Raw的方式可以看到完整的Request的消息。
请求方法 请求资源即URL http协议的版本号 POST https://anp.njpji.cn/un_manager/user/toLogin HTTP/1.1 ---------起始行 Host: anp.njpji.cn --------->下面是header首部 Connection: keep-alive Content-Length: 85 Accept: */* Origin: https://anp.njpji.cn X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Content-Type: application/x-www-form-urlencoded;charset=UTF-8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Referer: https://anp.njpji.cn/un_manager/views/session/login.html Accept-Encoding: gzip, deflate, br Accept-Language: zh-CN,zh;q=0.9 Cookie: Hm_lvt_70a44149803685eae3a9163f23ea34b7=1566289322,1566346318; JSESSIONID=5C305287359661147AD9C5570451A7E8 ------->空行 username=7droqslNzQg%3D&password=Jrrw3HiJ%2BArijSvr3jrq1Q%3D%3D&verificationCode=0237 ------> 此处为body主体
===========================================================================================================
http响应报文:
HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Sun, 29 Dec 2019 08:09:54 GMT Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN 49 {"respCode":"00","respDesc":"用户账户信息校验成功","data":null} 0
http响应报文结构: web服务器发送给浏览器的http响应报文内容:
Response消息的结构, 和Request消息的结构基本一样。 同样也分为三部分:
第一部分叫Response line, ------------>响应行
第二部分叫Response header, ------------>响应首部
第三部分是body, ------------>主体
header和body之间也有个空行,
第一行,起始行中有状态码,和状态码消息
HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Sat, 07 Dec 2019 09:05:17 GMT Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN 49 {"respCode":"00","respDesc":"用户账户信息校验成功","data":null} 0
=============================================================================================
解压http响应:
有的时候再fiddler抓包的过程中,经常看到http响应是乱码,单击:" Response body is encoded.Click to decode "按钮;
可以解压http响应。如下图:
