SlideShare a Scribd company logo
1 of 63
Making the Most of
HTTP In Your Apps
  Ben Ramsey • php|tek • 22 May 2009
Why HTTP?
Because you are a
Web developer.
HTTP is the Web.
That’s all I have to
say about that.
Some properties of
HTTP...
❖ A client-server architecture

❖ Atomic

❖ Cacheable

❖ A uniform interface

❖ Layered

❖ Code on demand
Now, what does
that sound like?
REST!
And, that’s all I have
to say about that,
too.
Our focus today...
❖ Methods

❖ Status Codes

❖ Playing with raw HTTP

❖ HTTP in PHP
Defining safe &
idempotent
methods
Safe methods

❖ GET & HEAD should not take action
  other than retrieval
❖ These are considered safe

❖ Allows agents to represent POST, PUT, &
  DELETE in a special way
Idempotence
❖ Side-effects of N > 0 identical requests is
  the same as for a single request
❖ GET, HEAD, PUT and DELETE share this
  property
❖ OPTIONS and TRACE are inherently
  idempotent
Methods
GET

❖ Retrieval of information

❖ Transfers a representation of a resource
  from the server to the client
❖ Safe

❖ Idempotent
HEAD
❖ Identical to GET, except...

❖ Returns only the headers, not the body

❖ Useful for getting details about a
  resource representation before retrieving
  the full representation
❖ Safe

❖ Idempotent
POST

❖ The body content should be accepted as
  a new subordinate of the resource
❖ Append, annotate, paste after

❖ Not safe

❖ Non-idempotent
PUT
❖ Opposite of GET

❖ Storage of information

❖ Transfers a representation of a resource
  from the client to the server
❖ Not safe

❖ Idempotent
DELETE

❖ Requests that the resource identified be
  removed from public access
❖ Not safe

❖ Idempotent
Other methods

❖ OPTIONS

❖ TRACE

❖ CONNECT
Status codes
❖ Informational (1xx)

❖ Successful (2xx)

❖ Redirection (3xx)

❖ Client error (4xx)

❖ Server error (5xx)
Informational (1xx)
100 Continue
1. Client sends a request without a body
   and includes the Expect: 100-continue
   header and all other headers

2. Server determines whether it will accept
   the request and responds with 100
   Continue (or a 4xx code on error)

3. Client sends the request again with the
   body and without the Expect header
1



POST /content/videos HTTP/1.1
Host: example.org
Content-Type: video/mp4
Content-Length: 115910000
Authorization: Basic bWFkZTp5b3VfbG9vaw==
Expect: 100-continue
Failure state
                       2



HTTP/1.1 413 Request Entity Too Large
Date: Thu, 21 May 2009 23:05:15 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
X-Powered-By: PHP/5.3.0RC2
Content-Length: 0
Connection: close
Content-Type: text/html
Success state
                       2



HTTP/1.1 100 Continue
Date: Thu, 21 May 2009 23:05:15 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
X-Powered-By: PHP/5.3.0RC2
Content-Length: 0
Content-Type: text/html
3



POST /content/videos HTTP/1.1
Host: example.org
Content-Type: video/mp4
Content-Length: 115910000
Authorization: Basic bWFkZTp5b3VfbG9vaw==

{binary video data}
4


HTTP/1.1 201 Created
Date: Thu, 21 May 2009 23:05:34 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
X-Powered-By: PHP/5.3.0RC2
Content-Length: 119
Content-Type: text/html
Location: http://example.org/content/videos/1234

<html><body><p>Video uploaded! Go <a
href=quot;http://example.org/content/videos/
1234quot;>here</a> to see it.</p></body></html>
Successful (2xx)
200 OK
GET /content/videos/1234 HTTP/1.1
Host: example.org

HTTP/1.x 200 OK
Date: Thu, 21 May 2009 23:08:35 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
X-Powered-By: PHP/5.3.0RC2
Content-Type: video/mp4
Content-Length: 115910000

{binary data}
201 Created
                       1



POST /content/videos HTTP/1.1
Host: example.org
Content-Type: video/mp4
Content-Length: 115910000
Authorization: Basic bWFkZTp5b3VfbG9vaw==

{binary video data}
201 Created
                       2


HTTP/1.x 201 Created
Date: Thu, 21 May 2009 23:05:34 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
X-Powered-By: PHP/5.3.0RC2
Content-Length: 119
Content-Type: text/html
Location: http://example.org/content/videos/1234

<html><body><p>Video uploaded! Go <a
href=quot;http://example.org/content/videos/
1234quot;>here</a> to see it.</p></body></html>
202 Accepted
                       2

HTTP/1.x 202 Accepted
Date: Thu, 21 May 2009 23:05:34 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
X-Powered-By: PHP/5.3.0RC2
Content-Length: 137
Content-Type: text/html
Location:
  http://example.org/content/videos/1234/status

<html><body><p>Video processing! Check <a
href=quot;http://example.org/content/videos/1234/
statusquot;>here</a> for the status.</p></body></
html>
204 No Content
                       1



DELETE /content/videos/1234 HTTP/1.1
Host: example.org
Authorization: Basic bWFkZTp5b3VfbG9vaw==
204 No Content
                       2



HTTP/1.x 204 No Content
Date: Thu, 21 May 2009 23:28:34 GMT
205 Reset Content
 “The server has fulfilled the request and
 the user agent SHOULD reset the
 document view which caused the request
 to be sent. This response is primarily
 intended to allow input for actions to take
 place via user input, followed by a clearing
 of the form in which the input is given so
 that the user can easily initiate another
 input action.”
206 Partial Content

❖ Used when requests are made for
  ranges of bytes from a resource
❖ Determine whether a server supports
  range requests by checking for the
  Accept-Ranges header with HEAD
1



HEAD /2390/2253727548_a413c88ab3_s.jpg
HTTP/1.1
Host: farm3.static.flickr.com
2



HTTP/1.0 200 OK
Date: Mon, 05 May 2008 00:33:14 GMT
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 3980
Content-Type: image/jpeg
3



GET /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1
Host: farm3.static.flickr.com
Range: bytes=0-999
4



HTTP/1.0 206 Partial Content
Date: Mon, 05 May 2008 00:36:57 GMT
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 1000
Content-Range: bytes 0-999/3980
Content-Type: image/jpeg

{binary data}
Redirection (3xx)
303 See Other
❖ The response to your request can be
  found at another URL identified by the
  Location header
❖ The client should make a GET request
  on that URL
❖ The Location is not a substitute for this
  URL
307 Temporary
Redirect
❖ The resource resides temporarily at the
  URL identified by the Location
❖ The Location may change, so don’t
  update your links
❖ If the request is not GET or HEAD, then
  you must allow the user to confirm the
  action
302 Found
❖ The resource has been found at another
  URL identified by the Location header
❖ The new URL might be temporary, so the
  client should continue to use this URL
❖ Redirections SHOULD be confirmed by
  the user (in practice, browsers don’t
  respect this)
301 Moved
Permanently
❖ The resource has moved permanently to
  the URL indicated by the Location
  header
❖ You should update your links accordingly

❖ Great for forcing search engines, etc. to
  index the new URL instead of this one
Client error (4xx)
❖ 400 Bad Request

❖ 401 Unauthorized / 403 Forbidden

❖ 404 Not Found

❖ 405 Method Not Allowed

❖ 410 Gone
❖ 411 Length Required

❖ 413 Request Entity Too Large

❖ 415 Unsupported Media Type

❖ 416 Requested Range Not Satisfiable
Server error (5xx)
❖ 500 Internal Server Error

❖ 503 Service Unavailable
Manipulating raw
HTTP
[bramsey@pippin ~] telnet phparch.com 80
[bramsey@pippin ~] telnet phparch.com 80
Trying 64.34.173.96...
Connected to phparch.com.
Escape character is '^]'.
[bramsey@pippin ~] telnet phparch.com 80
Trying 64.34.173.96...
Connected to phparch.com.
Escape character is '^]'.
HEAD / HTTP/1.1
Host: phparch.com
[bramsey@pippin ~] telnet phparch.com 80
Trying 64.34.173.96...
Connected to phparch.com.
Escape character is '^]'.
HEAD / HTTP/1.1
Host: phparch.com

HTTP/1.1 200 OK
Date: Thu, 21 May 2009 21:01:06 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.5 mod_ssl/2.2.9
  OpenSSL/0.9.8g
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=eeeff50d3b6ae241c934a5c2671b0005;
  expires=Sun, 21 Jun 2009 21:01:07 GMT; path=/;
  domain=.phparch.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate,
  post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8

Connection closed by foreign host.
Using HTTP in PHP
❖ header() function
  http://php.net/header

❖ Client URL library (cURL)
  http://php.net/curl

❖ Streams
  http://php.net/streams

❖ HTTP extension (pecl/http)
  http://php.net/http
Questions?
❖ Slides posted at benramsey.com

❖ Rate this talk at joind.in/213

❖ Read the HTTP spec at
  tools.ietf.org/html/rfc2616
❖ My company is Schematic
  schematic.com

More Related Content

What's hot

Uncovering XACML to solve real world business use cases
Uncovering XACML to solve real world business use cases Uncovering XACML to solve real world business use cases
Uncovering XACML to solve real world business use cases
WSO2
 
Best Practices in Web Service Design
Best Practices in Web Service DesignBest Practices in Web Service Design
Best Practices in Web Service Design
Lorna Mitchell
 
Intro to web services
Intro to web servicesIntro to web services
Intro to web services
Neil Ghosh
 

What's hot (20)

REST & RESTful Web Service
REST & RESTful Web ServiceREST & RESTful Web Service
REST & RESTful Web Service
 
The never-ending REST API design debate
The never-ending REST API design debateThe never-ending REST API design debate
The never-ending REST API design debate
 
What Makes a Great Open API?
What Makes a Great Open API?What Makes a Great Open API?
What Makes a Great Open API?
 
Uncovering XACML to solve real world business use cases
Uncovering XACML to solve real world business use cases Uncovering XACML to solve real world business use cases
Uncovering XACML to solve real world business use cases
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services ppt
 
Best Practices in Web Service Design
Best Practices in Web Service DesignBest Practices in Web Service Design
Best Practices in Web Service Design
 
ReST (Representational State Transfer) Explained
ReST (Representational State Transfer) ExplainedReST (Representational State Transfer) Explained
ReST (Representational State Transfer) Explained
 
REST vs SOAP
REST vs SOAPREST vs SOAP
REST vs SOAP
 
Spring MVC to iOS and the REST
Spring MVC to iOS and the RESTSpring MVC to iOS and the REST
Spring MVC to iOS and the REST
 
gRPC, GraphQL, REST - Which API Tech to use - API Conference Berlin oct 20
gRPC, GraphQL, REST - Which API Tech to use - API Conference Berlin oct 20gRPC, GraphQL, REST - Which API Tech to use - API Conference Berlin oct 20
gRPC, GraphQL, REST - Which API Tech to use - API Conference Berlin oct 20
 
Access Denied: Real-World Use Cases for APEX and Real Application Security
Access Denied: Real-World Use Cases for APEX and Real Application SecurityAccess Denied: Real-World Use Cases for APEX and Real Application Security
Access Denied: Real-World Use Cases for APEX and Real Application Security
 
Intro to web services
Intro to web servicesIntro to web services
Intro to web services
 
Soap web service
Soap web serviceSoap web service
Soap web service
 
Rest web services
Rest web servicesRest web services
Rest web services
 
Learn REST in 18 Slides
Learn REST in 18 SlidesLearn REST in 18 Slides
Learn REST in 18 Slides
 
REST-API design patterns
REST-API design patternsREST-API design patterns
REST-API design patterns
 
RESTful API - Best Practices
RESTful API - Best PracticesRESTful API - Best Practices
RESTful API - Best Practices
 
Requirement Elicitation Techniques
Requirement Elicitation Techniques Requirement Elicitation Techniques
Requirement Elicitation Techniques
 
introduction about REST API
introduction about REST APIintroduction about REST API
introduction about REST API
 
Soap Vs Rest
Soap Vs RestSoap Vs Rest
Soap Vs Rest
 

Viewers also liked

Web server คืออะไร
Web server คืออะไรWeb server คืออะไร
Web server คืออะไร
Sudkamon Play
 

Viewers also liked (6)

Web server คืออะไร
Web server คืออะไรWeb server คืออะไร
Web server คืออะไร
 
Technical SEO - Alec Bertram's Presentation from London Affiliate Conference ...
Technical SEO - Alec Bertram's Presentation from London Affiliate Conference ...Technical SEO - Alec Bertram's Presentation from London Affiliate Conference ...
Technical SEO - Alec Bertram's Presentation from London Affiliate Conference ...
 
Linux-Fu for PHP Developers
Linux-Fu for PHP DevelopersLinux-Fu for PHP Developers
Linux-Fu for PHP Developers
 
Преобразование Perl-структур в XML. Трефилова Екатерина. Moscow.pm 6 июля 2013
Преобразование Perl-структур в XML. Трефилова Екатерина. Moscow.pm 6 июля 2013Преобразование Perl-структур в XML. Трефилова Екатерина. Moscow.pm 6 июля 2013
Преобразование Perl-структур в XML. Трефилова Екатерина. Moscow.pm 6 июля 2013
 
CDI, Seam & RESTEasy: You haven't seen REST yet!
CDI, Seam & RESTEasy: You haven't seen REST yet!CDI, Seam & RESTEasy: You haven't seen REST yet!
CDI, Seam & RESTEasy: You haven't seen REST yet!
 
Cqrs api
Cqrs apiCqrs api
Cqrs api
 

Similar to Making the Most of HTTP In Your Apps

Interactive web. O rly?
Interactive web. O rly?Interactive web. O rly?
Interactive web. O rly?
timbc
 
5. HTTP и приятели
5. HTTP и приятели5. HTTP и приятели
5. HTTP и приятели
Stefan Kanev
 

Similar to Making the Most of HTTP In Your Apps (20)

Hidden Gems in HTTP
Hidden Gems in HTTPHidden Gems in HTTP
Hidden Gems in HTTP
 
HTTP Basics Demo
HTTP Basics DemoHTTP Basics Demo
HTTP Basics Demo
 
Apache and PHP: Why httpd.conf is your new BFF!
Apache and PHP: Why httpd.conf is your new BFF!Apache and PHP: Why httpd.conf is your new BFF!
Apache and PHP: Why httpd.conf is your new BFF!
 
HTTP fundamentals for developers
HTTP fundamentals for developersHTTP fundamentals for developers
HTTP fundamentals for developers
 
Speed = $$$
Speed = $$$Speed = $$$
Speed = $$$
 
DEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksDEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacks
 
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."
 
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc  2015 HTTP 1, HTTP 2 and folksDevoxx Maroc  2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
 
Resource-Oriented Web Services
Resource-Oriented Web ServicesResource-Oriented Web Services
Resource-Oriented Web Services
 
Interactive web. O rly?
Interactive web. O rly?Interactive web. O rly?
Interactive web. O rly?
 
Http capturing
Http capturingHttp capturing
Http capturing
 
HTTP
HTTPHTTP
HTTP
 
HTTP.pdf
HTTP.pdfHTTP.pdf
HTTP.pdf
 
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018
 
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018
 
5. HTTP и приятели
5. HTTP и приятели5. HTTP и приятели
5. HTTP и приятели
 
Implementing Early Hints in Chrome - Approaches and Challenges
Implementing Early Hints in Chrome - Approaches and ChallengesImplementing Early Hints in Chrome - Approaches and Challenges
Implementing Early Hints in Chrome - Approaches and Challenges
 
gofortution
gofortutiongofortution
gofortution
 
rest3d Web3D 2014
rest3d Web3D 2014rest3d Web3D 2014
rest3d Web3D 2014
 
WWW and HTTP
WWW and HTTPWWW and HTTP
WWW and HTTP
 

More from Ben Ramsey

Api Versioning
Api VersioningApi Versioning
Api Versioning
Ben Ramsey
 

More from Ben Ramsey (12)

Api Versioning
Api VersioningApi Versioning
Api Versioning
 
Grokking REST (ZendCon 2010)
Grokking REST (ZendCon 2010)Grokking REST (ZendCon 2010)
Grokking REST (ZendCon 2010)
 
Desktop Apps with PHP and Titanium (ZendCon 2010)
Desktop Apps with PHP and Titanium (ZendCon 2010)Desktop Apps with PHP and Titanium (ZendCon 2010)
Desktop Apps with PHP and Titanium (ZendCon 2010)
 
Introduction to AtomPub Web Services
Introduction to AtomPub Web ServicesIntroduction to AtomPub Web Services
Introduction to AtomPub Web Services
 
Caching with Memcached and APC
Caching with Memcached and APCCaching with Memcached and APC
Caching with Memcached and APC
 
Desktop Apps with PHP and Titanium
Desktop Apps with PHP and TitaniumDesktop Apps with PHP and Titanium
Desktop Apps with PHP and Titanium
 
Give Your Site a Boost with Memcache
Give Your Site a Boost with MemcacheGive Your Site a Boost with Memcache
Give Your Site a Boost with Memcache
 
Grokking the REST Architectural Style
Grokking the REST Architectural StyleGrokking the REST Architectural Style
Grokking the REST Architectural Style
 
Around the PHP Community
Around the PHP CommunityAround the PHP Community
Around the PHP Community
 
You Look Like You Could Use Some REST!
You Look Like You Could Use Some REST!You Look Like You Could Use Some REST!
You Look Like You Could Use Some REST!
 
Distribution and Publication With Atom Web Services
Distribution and Publication With Atom Web ServicesDistribution and Publication With Atom Web Services
Distribution and Publication With Atom Web Services
 
Distribution and Publication With Atom Web Services
Distribution and Publication With Atom Web ServicesDistribution and Publication With Atom Web Services
Distribution and Publication With Atom Web Services
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Recently uploaded (20)

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 

Making the Most of HTTP In Your Apps

  • 1. Making the Most of HTTP In Your Apps Ben Ramsey • php|tek • 22 May 2009
  • 3. Because you are a Web developer.
  • 4. HTTP is the Web.
  • 5. That’s all I have to say about that.
  • 7. ❖ A client-server architecture ❖ Atomic ❖ Cacheable ❖ A uniform interface ❖ Layered ❖ Code on demand
  • 8. Now, what does that sound like?
  • 10. And, that’s all I have to say about that, too.
  • 12. ❖ Methods ❖ Status Codes ❖ Playing with raw HTTP ❖ HTTP in PHP
  • 14. Safe methods ❖ GET & HEAD should not take action other than retrieval ❖ These are considered safe ❖ Allows agents to represent POST, PUT, & DELETE in a special way
  • 15. Idempotence ❖ Side-effects of N > 0 identical requests is the same as for a single request ❖ GET, HEAD, PUT and DELETE share this property ❖ OPTIONS and TRACE are inherently idempotent
  • 17. GET ❖ Retrieval of information ❖ Transfers a representation of a resource from the server to the client ❖ Safe ❖ Idempotent
  • 18. HEAD ❖ Identical to GET, except... ❖ Returns only the headers, not the body ❖ Useful for getting details about a resource representation before retrieving the full representation ❖ Safe ❖ Idempotent
  • 19. POST ❖ The body content should be accepted as a new subordinate of the resource ❖ Append, annotate, paste after ❖ Not safe ❖ Non-idempotent
  • 20. PUT ❖ Opposite of GET ❖ Storage of information ❖ Transfers a representation of a resource from the client to the server ❖ Not safe ❖ Idempotent
  • 21. DELETE ❖ Requests that the resource identified be removed from public access ❖ Not safe ❖ Idempotent
  • 22. Other methods ❖ OPTIONS ❖ TRACE ❖ CONNECT
  • 24. ❖ Informational (1xx) ❖ Successful (2xx) ❖ Redirection (3xx) ❖ Client error (4xx) ❖ Server error (5xx)
  • 27. 1. Client sends a request without a body and includes the Expect: 100-continue header and all other headers 2. Server determines whether it will accept the request and responds with 100 Continue (or a 4xx code on error) 3. Client sends the request again with the body and without the Expect header
  • 28. 1 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4 Content-Length: 115910000 Authorization: Basic bWFkZTp5b3VfbG9vaw== Expect: 100-continue
  • 29. Failure state 2 HTTP/1.1 413 Request Entity Too Large Date: Thu, 21 May 2009 23:05:15 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 0 Connection: close Content-Type: text/html
  • 30. Success state 2 HTTP/1.1 100 Continue Date: Thu, 21 May 2009 23:05:15 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 0 Content-Type: text/html
  • 31. 3 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4 Content-Length: 115910000 Authorization: Basic bWFkZTp5b3VfbG9vaw== {binary video data}
  • 32. 4 HTTP/1.1 201 Created Date: Thu, 21 May 2009 23:05:34 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 119 Content-Type: text/html Location: http://example.org/content/videos/1234 <html><body><p>Video uploaded! Go <a href=quot;http://example.org/content/videos/ 1234quot;>here</a> to see it.</p></body></html>
  • 34. 200 OK GET /content/videos/1234 HTTP/1.1 Host: example.org HTTP/1.x 200 OK Date: Thu, 21 May 2009 23:08:35 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Type: video/mp4 Content-Length: 115910000 {binary data}
  • 35. 201 Created 1 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4 Content-Length: 115910000 Authorization: Basic bWFkZTp5b3VfbG9vaw== {binary video data}
  • 36. 201 Created 2 HTTP/1.x 201 Created Date: Thu, 21 May 2009 23:05:34 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 119 Content-Type: text/html Location: http://example.org/content/videos/1234 <html><body><p>Video uploaded! Go <a href=quot;http://example.org/content/videos/ 1234quot;>here</a> to see it.</p></body></html>
  • 37. 202 Accepted 2 HTTP/1.x 202 Accepted Date: Thu, 21 May 2009 23:05:34 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 137 Content-Type: text/html Location: http://example.org/content/videos/1234/status <html><body><p>Video processing! Check <a href=quot;http://example.org/content/videos/1234/ statusquot;>here</a> for the status.</p></body></ html>
  • 38. 204 No Content 1 DELETE /content/videos/1234 HTTP/1.1 Host: example.org Authorization: Basic bWFkZTp5b3VfbG9vaw==
  • 39. 204 No Content 2 HTTP/1.x 204 No Content Date: Thu, 21 May 2009 23:28:34 GMT
  • 40. 205 Reset Content “The server has fulfilled the request and the user agent SHOULD reset the document view which caused the request to be sent. This response is primarily intended to allow input for actions to take place via user input, followed by a clearing of the form in which the input is given so that the user can easily initiate another input action.”
  • 41. 206 Partial Content ❖ Used when requests are made for ranges of bytes from a resource ❖ Determine whether a server supports range requests by checking for the Accept-Ranges header with HEAD
  • 43. 2 HTTP/1.0 200 OK Date: Mon, 05 May 2008 00:33:14 GMT Server: Apache/2.0.52 (Red Hat) Accept-Ranges: bytes Content-Length: 3980 Content-Type: image/jpeg
  • 44. 3 GET /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1 Host: farm3.static.flickr.com Range: bytes=0-999
  • 45. 4 HTTP/1.0 206 Partial Content Date: Mon, 05 May 2008 00:36:57 GMT Server: Apache/2.0.52 (Red Hat) Accept-Ranges: bytes Content-Length: 1000 Content-Range: bytes 0-999/3980 Content-Type: image/jpeg {binary data}
  • 47. 303 See Other ❖ The response to your request can be found at another URL identified by the Location header ❖ The client should make a GET request on that URL ❖ The Location is not a substitute for this URL
  • 48. 307 Temporary Redirect ❖ The resource resides temporarily at the URL identified by the Location ❖ The Location may change, so don’t update your links ❖ If the request is not GET or HEAD, then you must allow the user to confirm the action
  • 49. 302 Found ❖ The resource has been found at another URL identified by the Location header ❖ The new URL might be temporary, so the client should continue to use this URL ❖ Redirections SHOULD be confirmed by the user (in practice, browsers don’t respect this)
  • 50. 301 Moved Permanently ❖ The resource has moved permanently to the URL indicated by the Location header ❖ You should update your links accordingly ❖ Great for forcing search engines, etc. to index the new URL instead of this one
  • 52. ❖ 400 Bad Request ❖ 401 Unauthorized / 403 Forbidden ❖ 404 Not Found ❖ 405 Method Not Allowed ❖ 410 Gone
  • 53. ❖ 411 Length Required ❖ 413 Request Entity Too Large ❖ 415 Unsupported Media Type ❖ 416 Requested Range Not Satisfiable
  • 55. ❖ 500 Internal Server Error ❖ 503 Service Unavailable
  • 57. [bramsey@pippin ~] telnet phparch.com 80
  • 58. [bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com. Escape character is '^]'.
  • 59. [bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com. Escape character is '^]'. HEAD / HTTP/1.1 Host: phparch.com
  • 60. [bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com. Escape character is '^]'. HEAD / HTTP/1.1 Host: phparch.com HTTP/1.1 200 OK Date: Thu, 21 May 2009 21:01:06 GMT Server: Apache/2.2.9 (Debian) PHP/5.2.5 mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.5 Set-Cookie: PHPSESSID=eeeff50d3b6ae241c934a5c2671b0005; expires=Sun, 21 Jun 2009 21:01:07 GMT; path=/; domain=.phparch.com Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html; charset=utf-8 Connection closed by foreign host.
  • 62. ❖ header() function http://php.net/header ❖ Client URL library (cURL) http://php.net/curl ❖ Streams http://php.net/streams ❖ HTTP extension (pecl/http) http://php.net/http
  • 63. Questions? ❖ Slides posted at benramsey.com ❖ Rate this talk at joind.in/213 ❖ Read the HTTP spec at tools.ietf.org/html/rfc2616 ❖ My company is Schematic schematic.com