PS : Before reading this article, the article should read oh, so a better understanding ~~
an article link: a comparison of the whole HTTP protocol Comments (1)
Article Directory
It is a stateless protocol 1.HTTP
1.1 concept
No state is no protocol for transaction processing and memory, the server does not know what the client state. After that we are sending an HTTP request to the server, upon request, we will send the data over, however, send, has not recorded any message. The server can not know whether the two requests from the same browser, that server does not know what to do once on the user, each request is completely independent of each other.
1.2 stateless advantages and disadvantages
If the lack of state means that the subsequent processing required in front of the information, it must be retransmitted, which may result in the amount of data transmitted for each connection is increased. For example: when we log on a web site, we have set up their own preferences, when we close this page, you log in again, and again have to re-set. This is not seem too much trouble?
After the Web application client and server interact dynamically appear, HTTP stateless characteristics of a serious impediment to the realization of these applications, after all, is the need to interact with the past and a simple shopping cart program also need to know what in the end user before selecting the commodity. Thus, two kinds of techniques for maintaining HTTP state came into being, it is a cookies , while the other is the Session .
2. HTTP stateless problem solving
2.1 cookies
Cookie is issued to the client specific information from the server, and this information is stored in a text file on the client, then each time the client sends a request to the server will bring these special information, the server status record for the client .
Cookie can keep the conversation next time the user login information to the server, in other words, the next time you visit the same Web site, users will find not need to enter a user name and password are already logged in (of course, does not rule out manually delete Cookie). And there are some Cookie when the user exits the session is deleted, so you can effectively protect personal privacy.
Cookie mainly for the following three aspects:
- Session state management (such as user login status, cart, game scores or other information to be recorded)
- Personalized settings (such as user-defined settings, themes, etc.)
- Browser behavior tracking (such as tracking user behavior analysis, etc.)
Here another example user login, to facilitate understanding: after the user inputs a user name and password, the browser user name and password are sent to the server, for authentication, validation after passing user information to encrypt the encapsulated Cookie in response header returned to the browser.
HTTP/1.1 200 OK
Content-type: text/html
Set-Cookie: user_cookie=Rg3vHJZnehYLjVg7qi3bZjzg; Expires=Tue, 8 Feb 2020 21:47:38 GMT; Path=/; Domain=.169it.com; HttpOnly
[响应体]
The browser receives the server returns data, found that there is a response header: Set-Cookie, then it put the Cookie saved, then the next time the browser requests to the server, it will also be placed Cookie request header to the server :
GET /sample_page.html HTTP/1.1
Host: www.example.org
Cookie: user_cookie=Rg3vHJZnehYLjVg7qi3bZjzg
[请求体]
After the server receives a request from the request header to get the cookie, and then parse the information to the user, indicating that the user is signed, Cookie data is stored in the client.
Here we can see that the user information is stored in the Cookie, it is equivalent is saved in the browser, it says users can modify user information, this is an unsafe strategy!
Cookie is a limited duration, after the deadline passed, Cookie will fail. Or human may be deleted.
PS : The above is just a brief segment of (Cookies facilitate the understanding of the work), you can try your own login details, then divide Chorm developer tools - right, checking, network, Headers, go look at the specific process.
2.2 session
Session translated into the session, the server is a session object is created for each browser, the browser first request to the server, the server will generate a Session object for the browser, stored in the server and sends to the Session ID The client browser, the user session timeout or an explicit end to end.
- When a user first sends a request to the server, the server for the establishment of a session, and create a session identification number (sessionID) for this purpose.
- The user then all requests should include the identification number (sessionID). The server proofreading this identification number to determine which session the request belongs.
For session identification number (sessionID), there are two ways: Cookie and URL rewriting .
The cookie : Readers should thought, right, as long as the server settings Set-cookie header to transmit session identifier to the client, and the client thereafter every request will bring this identifier, because the cookie expiration time can be set , the cookie will be set that contains general information session expiration time is zero, ie the effective time of the browser process. As for how to deal with this browser 0, each browser has its own program, but the differences are not too large (generally reflected in a new browser window when);
URL rewriting : the so-called URL rewriting, as the name suggests is to rewrite the URL. Just think, before returning to the page requested by the user, all within the page URL back all the way to get parameters plus the session identifier (or add the path info part, etc.), so the user after receiving the response, no matter what clicks link or submit a form, will then bring in the session identifier, thus fulfilling to keep the session. Readers may think this is too much trouble, it is indeed the case, but if the client to disable the cookie, then, URL rewriting would be the first choice.
Detailed 3.URL
- Scheme: protocol name, is used to specify the transport protocol used, the most common is the HTTP protocol. Other commonly used protocols are:
| file: | For access to resources located in files on the local computer |
|---|---|
| ftp: | For access to resources on the FTP server |
| https: | HTTP over SSL protocol to access the Web server resources |
| mailto: | Access resources that belong email address, accessed via the SMTP protocol |
- // : URL tag symbol level, according to the syntax specified in RFC 1738, prior authorization information, the URL will each include a fixed hierarchy of "//" symbol.
Non-hierarchical structure URL: mailto: - login: password: identity authentication to access resources. In the URL, authentication belong option , at the time of application server resources, in some cases , the people and the need to specify a user password. If there is no authentication field, the default browser to anonymously access resources. ( This basic will not be used )
PS : Some need to log in page, enter your user name and password to log in. You can also choose the user name and password in the URL passed in the past - address: domain name portion (or IP address). It is the address of the server you want to access, in general, we use the domain name.
port: the server port is optional, and in the absence of designated ports, will default standard port to access protocol. Example: HTTP port is 80, HTTPs is the standard port 443, FTP standard port 21 - / path / resource: hierarchical file path that you want to access what resources the server above. When similar to our own computer to access the files inside, there will be a path, for example: D: \ qycache \ download. The path from here is the definition of UNIX , it is retained on the " / support".
- ? query_string: query string, non-essential fields , mainly responsible for passing any parameters of a series of non-hierarchical format to the specified server. The format is:
? Parameter name = value
when more than one parameter passed when desired, with the "&" connection.
For example :? Search q = & oq = Taobao Taobao & sourceid = chrome & ie = UTF -8
- #fragment: non-essential field , he applied to the client , the value of fragment ID is not transmitted to the server 's. In the actual scene, typically a segment ID anchor points to a page, the segment ID is set in advance with the anchor name matches, and scroll to the appropriate location. That is, # fragment will actually pointing at a page, but only displayed in the client.
PS : We actually used for filling in the browser, most of which are directly fill in the domain name or want to search to other parts of the browser will automatically clever for us to add.
4.HTTP is connectionless
Connectionless: client server processes the request, and after receiving the response the client, i.e., disconnected.
Remember we mentioned before we had a three-way handshake to establish a TCP connection Why? When the TCP connection is established, the server to the client finished passing messages, the server receives the client response (also possible for some reason the server interrupts the connection), the server will close the connection. The next time you think of communication, you have to re-establish a TCP connection.
Now, html page becomes very complicated, which may be embedded in a lot of pictures, text, video and the like, which each time to access these resources need to establish a TCP connection becomes inefficient, and it will be poor results.
4.1 to solve the problem without connections
To solve this problem without connections, HTTP request in the request packet header , set up a field: Connection: .
Connection: the Keep-Alive , after the completion of a web page open, between the client and the server for HTTP data transfer TCP connection is not closed , if the client access pages on the server again, will continue to use this one has been established connection. The default HTTP 1.1 persistent connection. Take advantage of persistent connections, when the page containing a plurality of elements (e.g. Applet, images), significantly reduce the time required to download. Of course , this connection is not always existed, in the case of time, unexpected power failure exceeds the limits Keep-Alive, the connection is dropped.
Connection: Close TCP represents a Request after completion, for transmitting data between the HTTP server and the client connection will be closed, when the client sends a Request again, re-establishment of the TCP connection.
5.HTTP Cache
When a request for static files (images, css, js), etc., the characteristics of these files are files do not change very often, these will be stored in the file does not change frequently, the client is a method of optimizing the user browsing experience. So this is the meaning of the client's cache.
PS : About HTTP caching mechanism, a lot of content, there is not much talk about it. Do front-end development of students may require deep knowledge of HTTP caching.
5.1 Why use HTTP caching
- Reduce redundant data transmission, saves network costs.
- Easing the pressure on the server, greatly improving the performance of the site
- Accelerate the speed of page loads client
5.2 browser some common HTTP Caching field (all the contents of HTTP message header)
5.2.1 Cache-Control attribute
- public: In the process of the return of an HTTP request, return any path passes, including some HTTP proxy server and the client browsers can cache the returned content.
- private: only initiated the request of the client can cache content.
- no-cache: a local client can be cached, but every time the server is authenticated before they can use the cache
- no-store: what can not be cached, only every resource request to the server.
- max-age = <seconds>: cache duration, the maximum time can be cached, cache after this time expires.
- s-max-age = <seconds>: specifically used in the proxy server, instead of max-age.
- must-revalidate: When the cache expires, the client must send a request to the source server, retrieve data, verify that the cache is already changed.
5.2.2 Pragma property
- no-cache: a local client can be cached, but every time after the server side validation before they can use the cache. (Commonly used in the HTTP / 1.0)
5.2.3 Expires property
- GMT Time: Indicates the time, allowing the server to send the client does not check the whereabouts before this time, while the direct use of cache. Cache-Control equivalent to the max-age. If the "max-age" or "s-max-age" directive in response header Cache-Control, then the Expires header is ignored.
Redirect is the meaning of the jump, URL you may have entered the domain name has permanently changed the address. Go to another address.
6. Summary
This paper summarizes some important features of the HTTP protocol and URL, as the second chapter explains the HTTP protocol, relative to the first chapter, it has been further deepened.
Because the HTTP protocol in any part of out terms, can speak for a long time, so the article just for HTTP protocol entry, to facilitate easier to understand. If you want to learn more, then, after reading the article with the frame, go little by little filled.
Article if inappropriate, please exhibitions ~ If you have questions, you can shout zone discuss Duck!
