Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Introduction to HTTP
Aviran Mordo
Head Of Back-End Engineering @ Wix
@aviranm
http://www.linkedin.com/in/aviran
http://www...
Intro
• The Hyper Text Transfer Protocol (HTTP) is a client-server
network protocol
• In use by the World-Wide Web since 1...
HTTP Request Message
HTTP
Method

relative URL of the resource
or a full URL

HTTP
Version

GET /website/template/photogra...
HTTP Response
Status
line

HTTP/1.1 200 OK
X-Seen-By: sputnik3.aus_dsp
X-Seen-By: s3.aus_pp
Date: Wed, 21 Aug 2013 09:02:4...
Everything is an extendable convention
• You may create your own headers
• You may create your own methods
• You may not i...
HTTP Methods
• GET method means retrieve whatever information. Is identified
by the Request-URI
• POST - used to send data...
HTTP Headers
• Accept: text/plain; - specify certain media types which are acceptable for the response.
• Accept-Encoding:...
HTTP Status Codes and Errors
• 1xx – Informational - intermediate response and indicates that the server
has received the ...
Cookies
Servers supply cookies by populating the set-cookie
response header with the following details: Set-Cookie: name=v...
Type of cookies - Terminology
• Session cookie - Web browsers normally delete session cookies when the user closes
the bro...
HTTP Caching
• Preventing Caching - Cache-Control: no-cache (HTTP 1.1);
Pragma: no-cache (HTTP 1.0)
• Last-Modified: Wed, ...
HTTP Methods
• GET - method is used to retrieve information from a specified
URI and is assumed to be a safe, have no side...
POST Request
Method

POST /httpgallery/methods/default.aspx HTTP/1.1
Host: www.httpwatch.com
User-Agent: Mozilla/5.0 (Wind...
Redirection
• HTTP allows servers to redirect a client request to a different
location. Although, this will usually result...
HTTPS
• The Secure Sockets Layer (SSL) was designed to encrypt any
TCP/IP based network traffic and provide the following
...
AJAX
XML

- Asynchronous JavaScript And

• AJAX is a technology used by interactive web applications to
make HTTP requests...
Cross-origin resource sharing (CORS)
• Allows JavaScript on a web page to make XMLHttpRequests to
another domain
• "prefli...
JSONP - "JSON with padding"
• Provides a method to request data from a server in a different
domain
• JSONP has nothing to...
Resources
• http://www.httpwatch.com/httpgallery/introduction/
• http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
Upcoming SlideShare
Loading in …5
×

Introduction to HTTP protocol

17,320 views

Published on

The basics of HTTP protocol

Published in: Technology, Business
  • Dating for everyone is here: ♥♥♥ http://bit.ly/369VOVb ♥♥♥
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Sex in your area is here: ❤❤❤ http://bit.ly/369VOVb ❤❤❤
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download Full EPUB Ebook here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download Full doc Ebook here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download PDF EBOOK here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download EPUB Ebook here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download doc Ebook here { http://shorturl.at/mzUV6 } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD FULL BOOKS, INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Introduction to HTTP protocol

  1. 1. Introduction to HTTP Aviran Mordo Head Of Back-End Engineering @ Wix @aviranm http://www.linkedin.com/in/aviran http://www.aviransplace.com
  2. 2. Intro • The Hyper Text Transfer Protocol (HTTP) is a client-server network protocol • In use by the World-Wide Web since 1990. • It is based on Request – Response Paradigm.
  3. 3. HTTP Request Message HTTP Method relative URL of the resource or a full URL HTTP Version GET /website/template/photography/ HTTP/1.1 Accept:*/* Accept-Language: en-gb Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0) Host: www.httpwatch.com Connection: Keep-Alive Head ers
  4. 4. HTTP Response Status line HTTP/1.1 200 OK X-Seen-By: sputnik3.aus_dsp X-Seen-By: s3.aus_pp Date: Wed, 21 Aug 2013 09:02:49 GMT Server: Apache cache-control: max-age=604800 cache-control: no-cache Pragma: no-cache Set-Cookie: _wixAB2=5371#5567#2014-03-19T14-27-00.000-0500|15711#3472#2014-08-13T11-01-00.0000500|14841#8565#2014-07-23T09-16-00.000-0500|15551#935#2014-08-11T07-55-00.000-0500|15451#3523#2014-08-07T0755-00.000-0500|14451#3267#2014-07-14T09-23-00.000-0500|15941#4497#2014-08-15T15-39-00.0000500|14951#8608#2014-07-28T07-24-00.000-0500|15861#7296#2014-08-15T10-02-00.000-0500|12891#3395#2014-06-23T0734-00.000-0500|13501#6547#2014-07-01T12-46-00.000-0500|15361#2985#2014-08-05T13-30-00.000-0500; Domain=.wix.com; Expires=Tue, 21-Aug-2018 14:06:39 GMT; Path=/ Set-Cookie: _wixCIDX=7e98f6cd-1c79-4661-9312-6f7aaeebf932; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Set-Cookie: _wixUIDX=10647958|1a2c4034-469d-4f4d-bbd9-17deddaf67ec; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Vary: User-Agent,Accept-Encoding Content-Language: en Content-Encoding: gzip double CRLF (carriage return, line feed) Content-Length: 8162 Content-Type: text/html;charset=UTF-8 Expires: 0 Cache-Control: no-cache Headers contents of the requested resource <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xmlns:fb="https://www.facebook.com/2008/fbml" > <head> <meta http-equ
  5. 5. Everything is an extendable convention • You may create your own headers • You may create your own methods • You may not implement some methods • You may not implement header logic
  6. 6. HTTP Methods • GET method means retrieve whatever information. Is identified by the Request-URI • POST - used to send data to the server for updates. • PUT - method requests that the enclosed entity be stored under the supplied Request-URI. • DELETE - requests that the origin server delete the resource identified by the Request-URI. • HEAD - identical to GET except that the server MUST NOT return a message-body in the response. • TRACE - llows the client to see what is being received at the other end of the request chain and use that data for testing or
  7. 7. HTTP Headers • Accept: text/plain; - specify certain media types which are acceptable for the response. • Accept-Encoding: compress, gzip ; • Accept-Language: da, en-gb;q=0.8, en;q=0.7 ; • Cache-Control: max-age=0, must-revalidate • Vary: User-Agent,Accept-Encoding • ETag: "xyzzy" • Set-Cookie: _wixAB2=15361#2985#2014-08-05T13-30-00.000-0500 • Access-Control-Allow-Origin: * • X-Seen-By: sputnik3.aus_dsp • X-Wix-Dispatcher-Cache-Hit: no • X-Wix-Renderer-Server: apu2.aus.wixpress.com • X-Wix-Not-Found-Reason: Meta Site was not found
  8. 8. HTTP Status Codes and Errors • 1xx – Informational - intermediate response and indicates that the server has received the request but has not finished processing it. • 2xx – Successful: 200 OK • 3xx – Redirection: 301-permanent, 302-temporary • 4xx - Client Error: 400-bad request, 403-forbidden, 404-not found, 418 I'm a teapot • 5xx - Server Error: 500 Internal Server Error, 503-Service Unavailable,504-Gateway Timeout
  9. 9. Cookies Servers supply cookies by populating the set-cookie response header with the following details: Set-Cookie: name=value Name Name of the cookie Value Textual value to be held by the cookie Expire Date/time when the cookie should be discarded by the browser. s If this field is empty the cookie expires at the end of the current browser session. This field can also be used to delete a cookie by setting a date/time in the past. Path Path below which the cookie should be supplied by the browser. Domai Web site domain to which this cookie applies. n This will default to the current domain and attempts to set cookies on other domains are subject to the privacy controls built into the browser.
  10. 10. Type of cookies - Terminology • Session cookie - Web browsers normally delete session cookies when the user closes the browser • Persistent cookie - A persistent cookie will outlast user sessions – expires on a set timestamp • Secure cookie - A secure cookie has the secure attribute enabled and is only used via HTTPS • HttpOnly cookie - On a supported browser, only when transmitting HTTP (or HTTPS) requests. Not accessible to Javascript. • Third-party cookie - cookies that belong to domains different from the one shown in the address bar. Browsers send cookies via request header. Cookie: name=value; name2=value2 • Supercookie - cookie with an origin of a TLD(such as .com)
  11. 11. HTTP Caching • Preventing Caching - Cache-Control: no-cache (HTTP 1.1); Pragma: no-cache (HTTP 1.0) • Last-Modified: Wed, 15 Sep 2004 12:00:00 GMT – Browser can check the server for changes • GET /images/logo.gif HTTP/1.1 Jan 2038 19:14:07 GMT - browser can reuse Expires: Sun, 17 Accept: */* the content without having to check the server Referer: http://www.google.com/ Accept-Encoding: gzip, deflate If-Modified-Since: Thu, 23 Sep 2004 17:42:04 GMT User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) Host: www.google.com HTTP/1.1 304 Not Modified Content-Type: text/html Server: GWS/2.1 Content-Length: 0 Date: Thu, 04 Oct 2004 12:00:00 GMT
  12. 12. HTTP Methods • GET - method is used to retrieve information from a specified URI and is assumed to be a safe, have no side effects repeatable operation by browsers, caches and other HTTP aware components. • GET can only supply data in the form of parameters encoded in the URI (Query String) or as cookies. Therefore, GET cannot be used for uploading files or other operations that require large amounts of data to be sent to the server. • POST method is used for operations that have side effects and cannot be safely repeated. • POST request message has a content body that is normally used to send parameters and data. Unlike using the request URI or cookies, there is no upper limit on the amount of data that can be sent
  13. 13. POST Request Method POST /httpgallery/methods/default.aspx HTTP/1.1 Host: www.httpwatch.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Referer: http://www.httpwatch.com/httpgallery/methods/ Cookie: __utma=1.1256977602.1377003403.1377082307.1377092487.5; __utmc=1; __utmz=1.1377003403.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); __utmb=1.4.9.1377092850054 Proxy-Authorization: Basic b21lckB3aXguY29tOmg2M2ZycQ== Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 19 Set-Cookie: _wixAB2=5371#5567#2014-03-19T14-27-00.000-0500|15711#3472#2014-08-13T11-01-00.0000500|14841#8565#2014-07-23T09-16-00.000-0500|15551#935#2014-08-11T07-55-00.000-0500|15451#3523#2014-08-07T0755-00.000-0500|14451#3267#2014-07-14T09-23-00.000-0500|15941#4497#2014-08-15T15-39-00.0000500|14951#8608#2014-07-28T07-24-00.000-0500|15861#7296#2014-08-15T10-02-00.000-0500|12891#3395#2014-06-23T0734-00.000-0500|13501#6547#2014-07-01T12-46-00.000-0500|15361#2985#2014-08-05T13-30-00.000-0500; Domain=.wix.com; Expires=Tue, 21-Aug-2018 14:06:39 GMT; Path=/ double CRLF (carriage return, line feed) Set-Cookie: _wixCIDX=7e98f6cd-1c79-4661-9312-6f7aaeebf932; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Set-Cookie: _wixUIDX=10647958|1a2c4034-469d-4f4d-bbd9-17deddaf67ec; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ post data / body Cache-Control: no-cache Headers Amount=10&B2=Submit
  14. 14. Redirection • HTTP allows servers to redirect a client request to a different location. Although, this will usually result in another network 30 round trip Permanent redirect – Content move permanently at the location specified by the Location header 1 and future requests should be directed to this location. 30 Temporary Redirect - future requests should still be sent to the original location 2 30 This status code was intended to be the only status code that caused a POST to be converted to a 3 GET. However, most browsers treat a 302 like a 303. 30 Not modified - Used in response to an If-Modified header to redirect a request to the browser's local 4HTTP/1.1 302 Found cache. Cache-Control: private,Public Content-Length: 162 Content-Type: text/html; charset=utf-8 Location: /httpgallery/redirection/default.aspx#example Set-Cookie: balance=990; path=/httpgallery/redirection/
  15. 15. HTTPS • The Secure Sockets Layer (SSL) was designed to encrypt any TCP/IP based network traffic and provide the following capabilities • Prevents eavesdropping • Prevents tampering or replaying of messages • Uses certificates to authenticate servers and optionally clients • The HTTPS protocol is the same text based protocol as HTTP but is run over an encrypted SSL session.
  16. 16. AJAX XML - Asynchronous JavaScript And • AJAX is a technology used by interactive web applications to make HTTP requests to a server without causing page transitions. • Requests have to go to the same domain as the page <script type="text/javascript"> function GetShoppingList() { // Create an instance of the HTTP request object var xmlHttp = new XMLHttpRequest(); // Specify HTTP GET by default and supply the relative url xmlHttp.open("GET", "getlist.aspx", false); // Start a synchronous AJAX request and wait for the response xmlHttp.send(null); var targetNode = document.getElementById("divShoppingList") ; // Use the HTML returned from server to create list targetNode.innerHTML = xmlHttp.responseText; }
  17. 17. Cross-origin resource sharing (CORS) • Allows JavaScript on a web page to make XMLHttpRequests to another domain • "preflighted" requests first send an HTTP OPTIONS method OPTIONS /resources/post-here/ HTTP/1.1 on the other domain, to determine if the request to the resource Host: bar.other request is safe to send. User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20081130 Minefield/3.1b3pre Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Connection: keep-alive Origin: http://foo.example Access-Control-Request-Method: POST Access-Control-Request-Headers: X-PINGOTHER HTTP/1.1 200 OK Date: Mon, 01 Dec 2008 01:15:39 GMT Access-Control-Allow-Origin: http://foo.example Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Allow-Headers: X-PINGOTHER Access-Control-Max-Age: 1728000 POST /resources/post-here/ HTTP/1.1 Host: bar.other …
  18. 18. JSONP - "JSON with padding" • Provides a method to request data from a server in a different domain • JSONP has nothing to do with Ajax, since it does not use XMLHttpRequest. Instead it dynamically inserts Step 1 - You need to create a callback function. The function accepts some data. function w3r_callback(data){ console.log(data); } Step 2 - Include a script in your web page which contains the callback function created a step 1 as a parameter <script src="http://www.example.com?q=w3r_callback"><script> Step 3 - It outputs a script which calls the function and requested data is passed w3r_callback({ "FirstName" : "xyz", "LastName" : "abc", "Grade" : "A" } );
  19. 19. Resources • http://www.httpwatch.com/httpgallery/introduction/ • http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

×