Introduction to HTTP

Allagappan M Emerging Markets

What were they thinking when they designed Internet?

Distribute (content) & Link were the keywords

What is it today? Ajaxy Web

It is a application development framework now.

Get basics right: What is the difference between Internet and WWW?

Internet ≅ TCP/IP Layer (Transport + Network Layer ) WWW ≅ HTTP + HTML (Application Layer) Web = Linked document

How internet works.

How HTTP Works.

Properties of HTTP Persistent Connections Session state Methods Status codes

Persistent connections

Non persistent connections (HTTP/1.0) Lookup what CSS/JS/IMG should be fetched Open TCP GET /style.css Close TCP Open TCP GET /logo.jpg Close TCP Open TCP GET /script.js Close TCP

Persistent Connections (HTTP/1.1)

Session state

Stateless-ness

Every subsequent visit via HTTP is same as the first visit.

Unlike SSH & FTP, HTTP works with a single TCP Connection which is used *only* for content transfer, and no additional connection is used to maintain sessions.

Cookies, Session IDs are alternative ways of maintaining sessions.

Statelessness = simplicity.

HTTP Methods

Understand HTTP request/response content before getting into methods.

GET /index.html HTTP/1.1 Host: example.com Referer: search.yahoo.com HTTP/1.1 200 OK Date: Wed, 28 Jan 2009 19:32:18 GMT Server: Apache/2.2.3 (CentOS) Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8 <HTML> <HEAD> <TITLE>Example Web Page</TITLE> </HEAD> <BODY> …… … .. Request Line Method + Resource Request Headers Response Line Statuscode Response Headers Response Body Request Response

HTTP Methods are verbs/actions acting on nouns/resources

GET nice_image

DELETE the_internet

POST my_new_email

GET /index.html (the actual stuff)

HTTP Methods

GET

POST

PUT

DELETE

TRACE

OPTIONS

CONNECT

HEAD

GET

Get any resource. Do not change the state of the server.

GET method is used:

when you click a link on any site.

when you bookmark any link and click it

when crawlers/robots crawl your site

Most of the cases when you want to fetch a document

GET requests are the ones which are cached (more on this later)

GET Methods can pass variables.

in the url itself.

/index.php?page=about&name=vikas

GET is Idempotent

Which means, how many ever times you hit the same resource, it should produce the same effect.

Getting /index.html any number of times should (ideally) give the same effect.

POST

Modify (Append) information in the server.

POST Changes the state of the server

POST is used

when you login into a site

when you comment, add blog entry

when you change twiki contents

(essentially) when you post/submit a form

When you post a comment to a site, you are changing the state of the server. That is what POST method is supposed to do.

POST can has pass variables

in the request body

where is the request body now?

POST /index.html HTTP/1.1 Host: example.com first_name=sheldon&last_name=cooper HTTP/1.1 200 OK Date: Wed, 28 Jan 2009 19:32:18 GMT Server: Apache/2.2.3 (CentOS) Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8 <HTML> <HEAD> <TITLE>Example Web Page</TITLE> </HEAD> <BODY> …… … .. POST Variables in request body

Browsers (HTML) support only GET and POST In the php land, you can use $_GET and $_POST to access those variables.

The least used methods

HEAD – Just get me the response headers

PUT – Create a new resource

DELETE – Delete the resource

TRACE – Get me back my request headers, after modifications done by intermediate servers.

OPTIONS – Gives back what all HTTP methods the server supports.

Statuscodes

1XX Informational

100 – Continue (Special Case)

2XX Success

200 – Success

3XX Redirection

301 – Moved Permanently (never hit me again)

302 – Found (temporary redirect)

304 – Not Modified – go ahead and use cached data

5XX Server Error

500 – Internal Server Error

4XX – Client Errors 400 Bad Request http://www.flickr.com/photos/apelad/sets/72157594388426362/

4XX – Client Errors 401 Not Authorized http://www.flickr.com/photos/apelad/sets/72157594388426362/

4XX – Client Errors 402 Payment required http://www.flickr.com/photos/apelad/sets/72157594388426362/

4XX – Client Errors 404 Not Found http://www.flickr.com/photos/apelad/sets/72157594388426362/

4XX – Client Errors 405 Method not allowed http://www.flickr.com/photos/apelad/sets/72157594388426362/

4XX – Client Errors 408 Request timed out http://www.flickr.com/photos/apelad/sets/72157594388426362/

4XX – Client Errors 411 Length Required http://www.flickr.com/photos/apelad/sets/72157594388426362/detail/

Important Request Headers

Accept : text/html (Acceptable mime formats)

Referer : example.com (Which page lead to this page)

User-Agent : Firefox/Safari (Type of browser)

Host : yahoo.com (Domain name, reqd for 1.1)

Connection : close/keep-alive

Date : 12 th Sep 1996 (When the req was sent)

Important Response Headers

Content-type : text/html

Content-Encoding : utf8 (Encoding type)

Content-Length : Length in bytes

Server : Apache/IIS (Name of the server, like user-agent)

Location : new-site.com (For redirection)

Most of other important headers are part of Cookie and Cache modifiers

Cookies and HTTP Caching is a very big topic. I’m going to cover from 40,000 ft above.

Cookies help servers to store and retrieve state of the client. If I log into a site, the server issues me cookie, which is stored in the browser.

The next time I request the page, I send the cookie which the server gave me. This time, the server will understand who I am. (You are the guy, whom I gave ‘@#’ cookie – here is your email)

Cookies Yes No Next request Server does a Set-Cookie

HTTP Caching