SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
http presentation 1.pptx
1. HTTP
• HTTP stands for Hypertext TransferProtocol.
• It is an TCP/IP based communication protocol which is used to
deliver virtually all files and other data, collectively called
resources, on the World Wide Web. These resources could be
HTML files, image files, query results, or anything else.
• It is a Client-Server based protocol.
• Here the browser works as an HTTP client because it sends
requests to an HTTP server which is called Web server. The
Web Server then sends responses back to the client.
• The standard and default port for HTTP servers to listen on is
80.
2. WHY HTTP?
• HTTP is like SMTP because the data transferred
between the client and server are similar in
appearance to SMTP messages. Also, the format
of the messages is controlled by MIME-like
headers
.BUT unlike SMTP HTTP doesn’t store the
intermediate messages it just transmits them
dynamically.
• HTTP is like FTP because they both transfer files
and use the services of TCP . BUT unlike FTP
HTTP is non-persistent type whereas the former
one is persistent type.
• Thus HTTP incorporates the features of both FTP &
SMTP and can be considered to be a advanced
and augmented version of both.
3. • An client sends a request message to an
server. The server, returns a response message.
• The HTTP client first initiates a TCP connection with the server. Once the connection
is established, the browser and the server processes access TCP through their
socket interfaces
is a stateless protocol.
• In other words, the current request does not know what has been done in the
previous requests.
4. There are three important things about
HTTP of which you should be aware:
• HTTP is connectionless: After a request is made, the client disconnects
from the server and waits for a response. The server must re-establish the
connection after it process the request.
• HTTP is media independent: Any type of data can be sent by HTTP as
long as both the client and server know how to handle the datacontent.
• HTTP is stateless: This is a direct result of HTTP's being connectionless.
The server and client are aware of each other only during a request.
Afterwards, each forgets the other. For this reason neither the client nor the
browser can retain information between different request across the web
pages.
6. HTTP - URLs
• URL -- Uniform Resource Locator
•A URL is used to uniquely identify a resource over the web.
Syntax :
• protocol://hostname:port/path-and-file-
Name
Example :
http://xxx.myplace.com:80/cgi-bin/t.html
protocol (http, ftp, smtp,dns,news..etc)
host name (name.domain name)
port (usually 80 but many on 8080)
directory path to the resource
resource name
7. HTTP MESSAGES
HTTP messages act as the language in which web
clients and web servers talk to each other.
Each message, whether a request or a response, has
three parts:
1. The request or the response line
2. A header section
3. The body of the message
8. 10
What the client does??
The client sends a message to the server at a
particular port (80 is the default)
The first part of the message is the Request line
containing:
A method (HTTP command) such as GET or POST
A document address, and
An HTTP version number
Example:
GET /index.html HTTP/1.0
9. 14
What the client does, part II
The second part of a request is optional
Header information, such as:
What the client software is
What formats it can accept
All information is in the form Name: Value
Example:
User-Agent: Mozilla/2.02Gold (WinNT; I)
Accept: image/gif, image/jpeg, */*
A blank line ends the header
10. 15
Client request headers
Accept: type/subtype, type/subtype, ...
Specifies media types that the client prefers to accept
Accept-Language: en, fr, de
Preferred language (For example: English, French, German)
User-Agent: string
The browser or other client program sending the request
From: dave@acm.org
Email address of user of client program
Cookie: name=value
Information about a cookie for that URL
Multiple cookies can be separated by commas
12. What the server does, part I
The server response is also in three parts
The first part is the Status line, which tells:
The HTTP version
A status code
A short description of what the status codemeans
Example: HTTP/1.1 404 Not Found
Status codes are in groups:
100-199 Informational
200-299 The request was successful
300-399 The request was redirected
400-499 The request failed
500-599 A server error occurred
13. Common status codes
200 OK
Everything worked, here’s the data
301 Moved Permanently
URI was moved, but here’s the new address for your records
302 Moved temporarily
URL temporarily out of service, keep the old one but use this
one for now
400 Bad Request
There is a syntax error in your request
403 Forbidden
You can’t do this, and we won’t tell you why
404 Not Found
No such document
408 Request Time-out, 504 Gateway Time-out
Request took too long to fulfill for some reason
14. 20
Server response headers
The second part of the response is
Header information, ended by a blank line
Server: NCSA/1.3
Name and version of the server
Content-Type: type/subtype
Should be of a type and subtype specified by the
client’s Accept header
Set-Cookie: name=value; options
Requests the client to store a cookie with the given
name and value
15. Advantage of HTTP
Platform independent- Allows Straight
cross platform porting.
No Runtime support required to run properly.
Usable over Firewalls! Global
applications possible.
Not Connection Oriented- No network
overhead to create and maintain session state
and
16. HTTP Limitations
Security Concerns
Privacy
Anyone can see content
Integrity
Someone might alter content. HTTP is insecure since no
encryption methods are used. Hence is subject to man in the
middle and eavesdropping of sensitive information.
Authentication
Not clear who you are talking with. Authentication is sent in the
clear — Anyone who intercepts the request can determine the
username and password being used.
.
17. Conclusion
HTTP is a fairly straightforward protocol with a lot of
possible kinds of predefined header information
More kinds can be added, so long as client and server agree
A request from the client consists of three parts:
1. A header line
2. A block of header information, ending with a blankline
3. The (optional) entity body, containing data
A response from the server consists of the same three
parts
HTTP headers are “under the hood” information, not
normally displayed to the user