SlideShare a Scribd company logo

Introduction to HTTP protocol

Download as PPTX, PDF
Aviran Mordo
Aviran Mordo

HTTP is a client-server protocol for transmitting hypermedia documents across the internet. It uses a request-response paradigm where clients make requests which are answered by HTTP servers. Requests use methods like GET and POST, and include headers. Responses contain status lines, headers, and content. HTTP allows caching, cookies, authentication, and redirects. It is the foundation of data communication for the World Wide Web via the hypertext transfer protocol.

TechnologyBusiness
1 of 19
Introduction to HTTP Aviran Mordo Head Of Back-End Engineering @ Wix @aviranm http://www.linkedin.com/in/aviran http://www.aviransplace.com
Intro • The Hyper Text Transfer Protocol (HTTP) is a client-server network protocol • In use by the World-Wide Web since 1990. • It is based on Request – Response Paradigm.
HTTP Request Message HTTP Method relative URL of the resource or a full URL HTTP Version GET /website/template/photography/ HTTP/1.1 Accept:*/* Accept-Language: en-gb Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0) Host: www.httpwatch.com Connection: Keep-Alive Head ers
HTTP Response Status line HTTP/1.1 200 OK X-Seen-By: sputnik3.aus_dsp X-Seen-By: s3.aus_pp Date: Wed, 21 Aug 2013 09:02:49 GMT Server: Apache cache-control: max-age=604800 cache-control: no-cache Pragma: no-cache Set-Cookie: _wixAB2=5371#5567#2014-03-19T14-27-00.000-0500|15711#3472#2014-08-13T11-01-00.0000500|14841#8565#2014-07-23T09-16-00.000-0500|15551#935#2014-08-11T07-55-00.000-0500|15451#3523#2014-08-07T0755-00.000-0500|14451#3267#2014-07-14T09-23-00.000-0500|15941#4497#2014-08-15T15-39-00.0000500|14951#8608#2014-07-28T07-24-00.000-0500|15861#7296#2014-08-15T10-02-00.000-0500|12891#3395#2014-06-23T0734-00.000-0500|13501#6547#2014-07-01T12-46-00.000-0500|15361#2985#2014-08-05T13-30-00.000-0500; Domain=.wix.com; Expires=Tue, 21-Aug-2018 14:06:39 GMT; Path=/ Set-Cookie: _wixCIDX=7e98f6cd-1c79-4661-9312-6f7aaeebf932; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Set-Cookie: _wixUIDX=10647958|1a2c4034-469d-4f4d-bbd9-17deddaf67ec; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Vary: User-Agent,Accept-Encoding Content-Language: en Content-Encoding: gzip double CRLF (carriage return, line feed) Content-Length: 8162 Content-Type: text/html;charset=UTF-8 Expires: 0 Cache-Control: no-cache Headers contents of the requested resource <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xmlns:fb="https://www.facebook.com/2008/fbml" > <head> <meta http-equ
Everything is an extendable convention • You may create your own headers • You may create your own methods • You may not implement some methods • You may not implement header logic
HTTP Methods • GET method means retrieve whatever information. Is identified by the Request-URI • POST - used to send data to the server for updates. • PUT - method requests that the enclosed entity be stored under the supplied Request-URI. • DELETE - requests that the origin server delete the resource identified by the Request-URI. • HEAD - identical to GET except that the server MUST NOT return a message-body in the response. • TRACE - llows the client to see what is being received at the other end of the request chain and use that data for testing or
HTTP Headers • Accept: text/plain; - specify certain media types which are acceptable for the response. • Accept-Encoding: compress, gzip ; • Accept-Language: da, en-gb;q=0.8, en;q=0.7 ; • Cache-Control: max-age=0, must-revalidate • Vary: User-Agent,Accept-Encoding • ETag: "xyzzy" • Set-Cookie: _wixAB2=15361#2985#2014-08-05T13-30-00.000-0500 • Access-Control-Allow-Origin: * • X-Seen-By: sputnik3.aus_dsp • X-Wix-Dispatcher-Cache-Hit: no • X-Wix-Renderer-Server: apu2.aus.wixpress.com • X-Wix-Not-Found-Reason: Meta Site was not found
HTTP Status Codes and Errors • 1xx – Informational - intermediate response and indicates that the server has received the request but has not finished processing it. • 2xx – Successful: 200 OK • 3xx – Redirection: 301-permanent, 302-temporary • 4xx - Client Error: 400-bad request, 403-forbidden, 404-not found, 418 I'm a teapot • 5xx - Server Error: 500 Internal Server Error, 503-Service Unavailable,504-Gateway Timeout
Cookies Servers supply cookies by populating the set-cookie response header with the following details: Set-Cookie: name=value Name Name of the cookie Value Textual value to be held by the cookie Expire Date/time when the cookie should be discarded by the browser. s If this field is empty the cookie expires at the end of the current browser session. This field can also be used to delete a cookie by setting a date/time in the past. Path Path below which the cookie should be supplied by the browser. Domai Web site domain to which this cookie applies. n This will default to the current domain and attempts to set cookies on other domains are subject to the privacy controls built into the browser.
Type of cookies - Terminology • Session cookie - Web browsers normally delete session cookies when the user closes the browser • Persistent cookie - A persistent cookie will outlast user sessions – expires on a set timestamp • Secure cookie - A secure cookie has the secure attribute enabled and is only used via HTTPS • HttpOnly cookie - On a supported browser, only when transmitting HTTP (or HTTPS) requests. Not accessible to Javascript. • Third-party cookie - cookies that belong to domains different from the one shown in the address bar. Browsers send cookies via request header. Cookie: name=value; name2=value2 • Supercookie - cookie with an origin of a TLD(such as .com)
HTTP Caching • Preventing Caching - Cache-Control: no-cache (HTTP 1.1); Pragma: no-cache (HTTP 1.0) • Last-Modified: Wed, 15 Sep 2004 12:00:00 GMT – Browser can check the server for changes • GET /images/logo.gif HTTP/1.1 Jan 2038 19:14:07 GMT - browser can reuse Expires: Sun, 17 Accept: */* the content without having to check the server Referer: http://www.google.com/ Accept-Encoding: gzip, deflate If-Modified-Since: Thu, 23 Sep 2004 17:42:04 GMT User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) Host: www.google.com HTTP/1.1 304 Not Modified Content-Type: text/html Server: GWS/2.1 Content-Length: 0 Date: Thu, 04 Oct 2004 12:00:00 GMT
HTTP Methods • GET - method is used to retrieve information from a specified URI and is assumed to be a safe, have no side effects repeatable operation by browsers, caches and other HTTP aware components. • GET can only supply data in the form of parameters encoded in the URI (Query String) or as cookies. Therefore, GET cannot be used for uploading files or other operations that require large amounts of data to be sent to the server. • POST method is used for operations that have side effects and cannot be safely repeated. • POST request message has a content body that is normally used to send parameters and data. Unlike using the request URI or cookies, there is no upper limit on the amount of data that can be sent
POST Request Method POST /httpgallery/methods/default.aspx HTTP/1.1 Host: www.httpwatch.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Referer: http://www.httpwatch.com/httpgallery/methods/ Cookie: __utma=1.1256977602.1377003403.1377082307.1377092487.5; __utmc=1; __utmz=1.1377003403.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); __utmb=1.4.9.1377092850054 Proxy-Authorization: Basic b21lckB3aXguY29tOmg2M2ZycQ== Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 19 Set-Cookie: _wixAB2=5371#5567#2014-03-19T14-27-00.000-0500|15711#3472#2014-08-13T11-01-00.0000500|14841#8565#2014-07-23T09-16-00.000-0500|15551#935#2014-08-11T07-55-00.000-0500|15451#3523#2014-08-07T0755-00.000-0500|14451#3267#2014-07-14T09-23-00.000-0500|15941#4497#2014-08-15T15-39-00.0000500|14951#8608#2014-07-28T07-24-00.000-0500|15861#7296#2014-08-15T10-02-00.000-0500|12891#3395#2014-06-23T0734-00.000-0500|13501#6547#2014-07-01T12-46-00.000-0500|15361#2985#2014-08-05T13-30-00.000-0500; Domain=.wix.com; Expires=Tue, 21-Aug-2018 14:06:39 GMT; Path=/ double CRLF (carriage return, line feed) Set-Cookie: _wixCIDX=7e98f6cd-1c79-4661-9312-6f7aaeebf932; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Set-Cookie: _wixUIDX=10647958|1a2c4034-469d-4f4d-bbd9-17deddaf67ec; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ post data / body Cache-Control: no-cache Headers Amount=10&B2=Submit
Redirection • HTTP allows servers to redirect a client request to a different location. Although, this will usually result in another network 30 round trip Permanent redirect – Content move permanently at the location specified by the Location header 1 and future requests should be directed to this location. 30 Temporary Redirect - future requests should still be sent to the original location 2 30 This status code was intended to be the only status code that caused a POST to be converted to a 3 GET. However, most browsers treat a 302 like a 303. 30 Not modified - Used in response to an If-Modified header to redirect a request to the browser's local 4HTTP/1.1 302 Found cache. Cache-Control: private,Public Content-Length: 162 Content-Type: text/html; charset=utf-8 Location: /httpgallery/redirection/default.aspx#example Set-Cookie: balance=990; path=/httpgallery/redirection/
HTTPS • The Secure Sockets Layer (SSL) was designed to encrypt any TCP/IP based network traffic and provide the following capabilities • Prevents eavesdropping • Prevents tampering or replaying of messages • Uses certificates to authenticate servers and optionally clients • The HTTPS protocol is the same text based protocol as HTTP but is run over an encrypted SSL session.
AJAX XML - Asynchronous JavaScript And • AJAX is a technology used by interactive web applications to make HTTP requests to a server without causing page transitions. • Requests have to go to the same domain as the page <script type="text/javascript"> function GetShoppingList() { // Create an instance of the HTTP request object var xmlHttp = new XMLHttpRequest(); // Specify HTTP GET by default and supply the relative url xmlHttp.open("GET", "getlist.aspx", false); // Start a synchronous AJAX request and wait for the response xmlHttp.send(null); var targetNode = document.getElementById("divShoppingList") ; // Use the HTML returned from server to create list targetNode.innerHTML = xmlHttp.responseText; }
Cross-origin resource sharing (CORS) • Allows JavaScript on a web page to make XMLHttpRequests to another domain • "preflighted" requests first send an HTTP OPTIONS method OPTIONS /resources/post-here/ HTTP/1.1 on the other domain, to determine if the request to the resource Host: bar.other request is safe to send. User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20081130 Minefield/3.1b3pre Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Connection: keep-alive Origin: http://foo.example Access-Control-Request-Method: POST Access-Control-Request-Headers: X-PINGOTHER HTTP/1.1 200 OK Date: Mon, 01 Dec 2008 01:15:39 GMT Access-Control-Allow-Origin: http://foo.example Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Allow-Headers: X-PINGOTHER Access-Control-Max-Age: 1728000 POST /resources/post-here/ HTTP/1.1 Host: bar.other …
JSONP - "JSON with padding" • Provides a method to request data from a server in a different domain • JSONP has nothing to do with Ajax, since it does not use XMLHttpRequest. Instead it dynamically inserts Step 1 - You need to create a callback function. The function accepts some data. function w3r_callback(data){ console.log(data); } Step 2 - Include a script in your web page which contains the callback function created a step 1 as a parameter <script src="http://www.example.com?q=w3r_callback"><script> Step 3 - It outputs a script which calls the function and requested data is passed w3r_callback({ "FirstName" : "xyz", "LastName" : "abc", "Grade" : "A" } );
Resources • http://www.httpwatch.com/httpgallery/introduction/ • http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

Recommended

HTTP Protocol Basic
HTTP Protocol BasicHTTP Protocol Basic
HTTP Protocol Basic
Chuong Mai
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basics
sanjoysanyal
 
HTTP Presentation
HTTP Presentation HTTP Presentation
HTTP Presentation
Lana Dujanovic
 
Http Protocol
Http ProtocolHttp Protocol
Http Protocol
N R Z Malik
 
HTTP request and response
HTTP request and responseHTTP request and response
HTTP request and response
Sahil Agarwal
 
Http-protocol
Http-protocolHttp-protocol
Http-protocol
Toushik Paul
 
Http protocol
Http protocolHttp protocol
Http protocol
Arpita Naik
 
Http
HttpHttp
Http
Luavis Kang
 

Recommended

HTTP Protocol Basic
HTTP Protocol BasicHTTP Protocol Basic
HTTP Protocol Basic
Chuong Mai
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basics
sanjoysanyal
 
HTTP Presentation
HTTP Presentation HTTP Presentation
HTTP Presentation
Lana Dujanovic
 
Http Protocol
Http ProtocolHttp Protocol
Http Protocol
N R Z Malik
 
HTTP request and response
HTTP request and responseHTTP request and response
HTTP request and response
Sahil Agarwal
 
Http-protocol
Http-protocolHttp-protocol
Http-protocol
Toushik Paul
 
Http protocol
Http protocolHttp protocol
Http protocol
Arpita Naik
 
Http
HttpHttp
Http
Luavis Kang
 
Http
HttpHttp
Http
NITT, KAMK
 
Http
HttpHttp
Http
Maiyur Hossain
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)
Gurjot Singh
 
Http request and http response
Http request and http responseHttp request and http response
Http request and http response
Nuha Noor
 
Hypertext Transfer Protocol
Hypertext Transfer ProtocolHypertext Transfer Protocol
Hypertext Transfer ProtocolShubham Srivastava
 
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...rahul kundu
 
Http Introduction
Http IntroductionHttp Introduction
Http Introduction
Akshay Dhole
 
Application layer protocols
Application layer protocolsApplication layer protocols
Application layer protocols
JUW Jinnah University for Women
 
HTTP Request and Response Structure
HTTP Request and Response StructureHTTP Request and Response Structure
HTTP Request and Response Structure
BhagyashreeGajera1
 
Hypertext Transfer Protocol
Hypertext Transfer ProtocolHypertext Transfer Protocol
Hypertext Transfer ProtocolRajan Pandey
 
HTTP
HTTPHTTP
HTTP
bhavanatmithun
 
Web server
Web serverWeb server
Web server
Nirav Daraniya
 
File transfer protocol
File transfer protocolFile transfer protocol
File transfer protocol
Vipin Rai
 
Http and its Applications
Http and its ApplicationsHttp and its Applications
Http and its Applications
Nayan Dagliya
 
HTTP & WWW
HTTP & WWWHTTP & WWW
HTTP & WWW
RazanAlsaif
 
HTTP
HTTPHTTP
HTTP
vaibhavrai1993
 
HTTP Request Header and HTTP Status Code
HTTP Request Header and HTTP Status CodeHTTP Request Header and HTTP Status Code
HTTP Request Header and HTTP Status Code
Abhishek L.R
 
Hypertext transfer protocol (http)
Hypertext transfer protocol (http)Hypertext transfer protocol (http)
Hypertext transfer protocol (http)
Shimona Agarwal
 
HTTP Status Codes Cheat Sheet: An Exhaustive List
HTTP Status Codes Cheat Sheet: An Exhaustive ListHTTP Status Codes Cheat Sheet: An Exhaustive List
HTTP Status Codes Cheat Sheet: An Exhaustive ListMainstreethost
 
Http methods
Http methodsHttp methods
Http methods
maamir farooq
 
SPDY - http reloaded - WebTechConference 2012
SPDY - http reloaded - WebTechConference 2012SPDY - http reloaded - WebTechConference 2012
SPDY - http reloaded - WebTechConference 2012
Fabian Lange
 
The SPDY Protocol
The SPDY ProtocolThe SPDY Protocol
The SPDY Protocol
Fabian Lange
 

More Related Content

What's hot

Http
HttpHttp
Http
NITT, KAMK
 
Http
HttpHttp
Http
Maiyur Hossain
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)
Gurjot Singh
 
Http request and http response
Http request and http responseHttp request and http response
Http request and http response
Nuha Noor
 
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...rahul kundu
 
Http Introduction
Http IntroductionHttp Introduction
Http Introduction
Akshay Dhole
 
Application layer protocols
Application layer protocolsApplication layer protocols
Application layer protocols
JUW Jinnah University for Women
 
HTTP Request and Response Structure
HTTP Request and Response StructureHTTP Request and Response Structure
HTTP Request and Response Structure
BhagyashreeGajera1
 
Hypertext Transfer Protocol
Hypertext Transfer ProtocolHypertext Transfer Protocol
Hypertext Transfer ProtocolRajan Pandey
 
HTTP
HTTPHTTP
HTTP
bhavanatmithun
 
Web server
Web serverWeb server
Web server
Nirav Daraniya
 
File transfer protocol
File transfer protocolFile transfer protocol
File transfer protocol
Vipin Rai
 
Http and its Applications
Http and its ApplicationsHttp and its Applications
Http and its Applications
Nayan Dagliya
 
HTTP & WWW
HTTP & WWWHTTP & WWW
HTTP & WWW
RazanAlsaif
 
HTTP
HTTPHTTP
HTTP
vaibhavrai1993
 
HTTP Request Header and HTTP Status Code
HTTP Request Header and HTTP Status CodeHTTP Request Header and HTTP Status Code
HTTP Request Header and HTTP Status Code
Abhishek L.R
 
Hypertext transfer protocol (http)
Hypertext transfer protocol (http)Hypertext transfer protocol (http)
Hypertext transfer protocol (http)
Shimona Agarwal
 
HTTP Status Codes Cheat Sheet: An Exhaustive List
HTTP Status Codes Cheat Sheet: An Exhaustive ListHTTP Status Codes Cheat Sheet: An Exhaustive List
HTTP Status Codes Cheat Sheet: An Exhaustive ListMainstreethost
 
Http methods
Http methodsHttp methods
Http methods
maamir farooq
 

What's hot (20)

Http
HttpHttp
Http
 
Http
HttpHttp
Http
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)
 
Http request and http response
Http request and http responseHttp request and http response
Http request and http response
 
Hypertext Transfer Protocol
Hypertext Transfer ProtocolHypertext Transfer Protocol
Hypertext Transfer Protocol
 
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
 
Http Introduction
Http IntroductionHttp Introduction
Http Introduction
 
Application layer protocols
Application layer protocolsApplication layer protocols
Application layer protocols
 
HTTP Request and Response Structure
HTTP Request and Response StructureHTTP Request and Response Structure
HTTP Request and Response Structure
 
Hypertext Transfer Protocol
Hypertext Transfer ProtocolHypertext Transfer Protocol
Hypertext Transfer Protocol
 
HTTP
HTTPHTTP
HTTP
 
Web server
Web serverWeb server
Web server
 
File transfer protocol
File transfer protocolFile transfer protocol
File transfer protocol
 
Http and its Applications
Http and its ApplicationsHttp and its Applications
Http and its Applications
 
HTTP & WWW
HTTP & WWWHTTP & WWW
HTTP & WWW
 
HTTP
HTTPHTTP
HTTP
 
HTTP Request Header and HTTP Status Code
HTTP Request Header and HTTP Status CodeHTTP Request Header and HTTP Status Code
HTTP Request Header and HTTP Status Code
 
Hypertext transfer protocol (http)
Hypertext transfer protocol (http)Hypertext transfer protocol (http)
Hypertext transfer protocol (http)
 
HTTP Status Codes Cheat Sheet: An Exhaustive List
HTTP Status Codes Cheat Sheet: An Exhaustive ListHTTP Status Codes Cheat Sheet: An Exhaustive List
HTTP Status Codes Cheat Sheet: An Exhaustive List
 
Http methods
Http methodsHttp methods
Http methods
 

Similar to Introduction to HTTP protocol

SPDY - http reloaded - WebTechConference 2012
SPDY - http reloaded - WebTechConference 2012SPDY - http reloaded - WebTechConference 2012
SPDY - http reloaded - WebTechConference 2012
Fabian Lange
 
The SPDY Protocol
The SPDY ProtocolThe SPDY Protocol
The SPDY Protocol
Fabian Lange
 
Nginx Scalable Stack
Nginx Scalable StackNginx Scalable Stack
Nginx Scalable Stack
Bruno Paiuca
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basic
MksYi
 
HTTP/2 What's inside and Why
HTTP/2 What's inside and WhyHTTP/2 What's inside and Why
HTTP/2 What's inside and Why
Adrian Cole
 
Demystifying REST
Demystifying RESTDemystifying REST
Demystifying REST
Kirsten Hunter
 
Web performance across the HTTP to HTTPS transition
Web performance across the HTTP to HTTPS transitionWeb performance across the HTTP to HTTPS transition
Web performance across the HTTP to HTTPS transition
seanwalbran
 
Making the Most of HTTP In Your Apps
Making the Most of HTTP In Your AppsMaking the Most of HTTP In Your Apps
Making the Most of HTTP In Your Apps
Ben Ramsey
 
6 app-tcp
6 app-tcp6 app-tcp
6 app-tcp
Olivier Bonaventure
 
Overview of Cookies in HTTP - Miran al Mehrab
Overview of Cookies in HTTP - Miran al MehrabOverview of Cookies in HTTP - Miran al Mehrab
Overview of Cookies in HTTP - Miran al Mehrab
Cefalo
 
Hidden Gems in HTTP
Hidden Gems in HTTPHidden Gems in HTTP
Hidden Gems in HTTP
Ben Ramsey
 
Juglouvain http revisited
Juglouvain http revisitedJuglouvain http revisited
Juglouvain http revisited
marctritschler
 
Introduction to WebSockets
Introduction to WebSocketsIntroduction to WebSockets
Introduction to WebSockets
Gunnar Hillert
 
Using NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheUsing NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content Cache
Kevin Jones
 
Optimising Web Application Frontend
Optimising Web Application FrontendOptimising Web Application Frontend
Optimising Web Application Frontendtkramar
 
What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?
NGINX, Inc.
 
What’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEAWhat’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEA
NGINX, Inc.
 
Choosing A Proxy Server - Apachecon 2014
Choosing A Proxy Server - Apachecon 2014Choosing A Proxy Server - Apachecon 2014
Choosing A Proxy Server - Apachecon 2014bryan_call
 
NGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX: HTTP/2 Server Push and gRPC – EMEANGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX, Inc.
 

Similar to Introduction to HTTP protocol (20)

SPDY - http reloaded - WebTechConference 2012
SPDY - http reloaded - WebTechConference 2012SPDY - http reloaded - WebTechConference 2012
SPDY - http reloaded - WebTechConference 2012
 
The SPDY Protocol
The SPDY ProtocolThe SPDY Protocol
The SPDY Protocol
 
Nginx Scalable Stack
Nginx Scalable StackNginx Scalable Stack
Nginx Scalable Stack
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basic
 
HTTP/2 What's inside and Why
HTTP/2 What's inside and WhyHTTP/2 What's inside and Why
HTTP/2 What's inside and Why
 
Demystifying REST
Demystifying RESTDemystifying REST
Demystifying REST
 
HTTP.pdf
HTTP.pdfHTTP.pdf
HTTP.pdf
 
Web performance across the HTTP to HTTPS transition
Web performance across the HTTP to HTTPS transitionWeb performance across the HTTP to HTTPS transition
Web performance across the HTTP to HTTPS transition
 
Making the Most of HTTP In Your Apps
Making the Most of HTTP In Your AppsMaking the Most of HTTP In Your Apps
Making the Most of HTTP In Your Apps
 
6 app-tcp
6 app-tcp6 app-tcp
6 app-tcp
 
Overview of Cookies in HTTP - Miran al Mehrab
Overview of Cookies in HTTP - Miran al MehrabOverview of Cookies in HTTP - Miran al Mehrab
Overview of Cookies in HTTP - Miran al Mehrab
 
Hidden Gems in HTTP
Hidden Gems in HTTPHidden Gems in HTTP
Hidden Gems in HTTP
 
Juglouvain http revisited
Juglouvain http revisitedJuglouvain http revisited
Juglouvain http revisited
 
Introduction to WebSockets
Introduction to WebSocketsIntroduction to WebSockets
Introduction to WebSockets
 
Using NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheUsing NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content Cache
 
Optimising Web Application Frontend
Optimising Web Application FrontendOptimising Web Application Frontend
Optimising Web Application Frontend
 
What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?
 
What’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEAWhat’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEA
 
Choosing A Proxy Server - Apachecon 2014
Choosing A Proxy Server - Apachecon 2014Choosing A Proxy Server - Apachecon 2014
Choosing A Proxy Server - Apachecon 2014
 
NGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX: HTTP/2 Server Push and gRPC – EMEANGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX: HTTP/2 Server Push and gRPC – EMEA
 

More from Aviran Mordo

Platform as a Runtime - PaaR QCON 2024 - Final
Platform as a Runtime - PaaR QCON 2024 - FinalPlatform as a Runtime - PaaR QCON 2024 - Final
Platform as a Runtime - PaaR QCON 2024 - Final
Aviran Mordo
 
Scaling Engineering by Hacking Conway’s Law - Geecon,2022
Scaling Engineering by Hacking Conway’s Law - Geecon,2022Scaling Engineering by Hacking Conway’s Law - Geecon,2022
Scaling Engineering by Hacking Conway’s Law - Geecon,2022
Aviran Mordo
 
Arrested by the cap devoxx uk 2018
Arrested by the cap devoxx uk 2018Arrested by the cap devoxx uk 2018
Arrested by the cap devoxx uk 2018
Aviran Mordo
 
Scaling wix.com to 100 million users
Scaling wix.com to 100 million users Scaling wix.com to 100 million users
Scaling wix.com to 100 million users
Aviran Mordo
 
Mircoservices, dev ops and Engineering best practices at Wix.com
Mircoservices, dev ops and Engineering best practices at Wix.comMircoservices, dev ops and Engineering best practices at Wix.com
Mircoservices, dev ops and Engineering best practices at Wix.com
Aviran Mordo
 
Scaling Wix engineering
Scaling Wix engineering Scaling Wix engineering
Scaling Wix engineering
Aviran Mordo
 
Scaling wix with microservices and multi cloud - 2015
Scaling wix with microservices and multi cloud - 2015Scaling wix with microservices and multi cloud - 2015
Scaling wix with microservices and multi cloud - 2015
Aviran Mordo
 
Road to Continuous Delivery - Wix.com
Road to Continuous Delivery - Wix.comRoad to Continuous Delivery - Wix.com
Road to Continuous Delivery - Wix.com
Aviran Mordo
 
Advanced A/B Testing - Jax London 2015
Advanced A/B Testing - Jax London 2015Advanced A/B Testing - Jax London 2015
Advanced A/B Testing - Jax London 2015
Aviran Mordo
 
Scaling wix with microservices architecture jax london-2015
Scaling wix with microservices architecture jax london-2015Scaling wix with microservices architecture jax london-2015
Scaling wix with microservices architecture jax london-2015
Aviran Mordo
 
Scaling wix with microservices architecture devoxx London 2015
Scaling wix with microservices architecture devoxx London 2015Scaling wix with microservices architecture devoxx London 2015
Scaling wix with microservices architecture devoxx London 2015
Aviran Mordo
 
The Art of A/B Testing
The Art of A/B TestingThe Art of A/B Testing
The Art of A/B Testing
Aviran Mordo
 
Wix.com Back-end Engineering Guild Manifesto
Wix.com Back-end Engineering Guild ManifestoWix.com Back-end Engineering Guild Manifesto
Wix.com Back-end Engineering Guild Manifesto
Aviran Mordo
 
Scaling Wix with microservices architecture and multi-cloud platforms - Reve...
Scaling Wix with microservices architecture and multi-cloud platforms - Reve... Scaling Wix with microservices architecture and multi-cloud platforms - Reve...
Scaling Wix with microservices architecture and multi-cloud platforms - Reve...
Aviran Mordo
 
Experimenting on Humans - Advanced A/B Tests - QCon SF 2014
Experimenting on Humans - Advanced A/B Tests - QCon SF 2014Experimenting on Humans - Advanced A/B Tests - QCon SF 2014
Experimenting on Humans - Advanced A/B Tests - QCon SF 2014
Aviran Mordo
 
Wix Architecture at Scale - QCon London 2014
Wix Architecture at Scale - QCon London 2014Wix Architecture at Scale - QCon London 2014
Wix Architecture at Scale - QCon London 2014
Aviran Mordo
 
Scaling r&d org while maintaining quality
Scaling r&d org while maintaining qualityScaling r&d org while maintaining quality
Scaling r&d org while maintaining quality
Aviran Mordo
 
Wix Dev-Centric Culture And Continuous Delivery
Wix Dev-Centric Culture And Continuous DeliveryWix Dev-Centric Culture And Continuous Delivery
Wix Dev-Centric Culture And Continuous Delivery
Aviran Mordo
 
Lessons Learned Monitoring Production
Lessons Learned Monitoring ProductionLessons Learned Monitoring Production
Lessons Learned Monitoring Production
Aviran Mordo
 
Strategies in continuous delivery
Strategies in continuous deliveryStrategies in continuous delivery
Strategies in continuous deliveryAviran Mordo
 

More from Aviran Mordo (20)

Platform as a Runtime - PaaR QCON 2024 - Final
Platform as a Runtime - PaaR QCON 2024 - FinalPlatform as a Runtime - PaaR QCON 2024 - Final
Platform as a Runtime - PaaR QCON 2024 - Final
 
Scaling Engineering by Hacking Conway’s Law - Geecon,2022
Scaling Engineering by Hacking Conway’s Law - Geecon,2022Scaling Engineering by Hacking Conway’s Law - Geecon,2022
Scaling Engineering by Hacking Conway’s Law - Geecon,2022
 
Arrested by the cap devoxx uk 2018
Arrested by the cap devoxx uk 2018Arrested by the cap devoxx uk 2018
Arrested by the cap devoxx uk 2018
 
Scaling wix.com to 100 million users
Scaling wix.com to 100 million users Scaling wix.com to 100 million users
Scaling wix.com to 100 million users
 
Mircoservices, dev ops and Engineering best practices at Wix.com
Mircoservices, dev ops and Engineering best practices at Wix.comMircoservices, dev ops and Engineering best practices at Wix.com
Mircoservices, dev ops and Engineering best practices at Wix.com
 
Scaling Wix engineering
Scaling Wix engineering Scaling Wix engineering
Scaling Wix engineering
 
Scaling wix with microservices and multi cloud - 2015
Scaling wix with microservices and multi cloud - 2015Scaling wix with microservices and multi cloud - 2015
Scaling wix with microservices and multi cloud - 2015
 
Road to Continuous Delivery - Wix.com
Road to Continuous Delivery - Wix.comRoad to Continuous Delivery - Wix.com
Road to Continuous Delivery - Wix.com
 
Advanced A/B Testing - Jax London 2015
Advanced A/B Testing - Jax London 2015Advanced A/B Testing - Jax London 2015
Advanced A/B Testing - Jax London 2015
 
Scaling wix with microservices architecture jax london-2015
Scaling wix with microservices architecture jax london-2015Scaling wix with microservices architecture jax london-2015
Scaling wix with microservices architecture jax london-2015
 
Scaling wix with microservices architecture devoxx London 2015
Scaling wix with microservices architecture devoxx London 2015Scaling wix with microservices architecture devoxx London 2015
Scaling wix with microservices architecture devoxx London 2015
 
The Art of A/B Testing
The Art of A/B TestingThe Art of A/B Testing
The Art of A/B Testing
 
Wix.com Back-end Engineering Guild Manifesto
Wix.com Back-end Engineering Guild ManifestoWix.com Back-end Engineering Guild Manifesto
Wix.com Back-end Engineering Guild Manifesto
 
Scaling Wix with microservices architecture and multi-cloud platforms - Reve...
Scaling Wix with microservices architecture and multi-cloud platforms - Reve... Scaling Wix with microservices architecture and multi-cloud platforms - Reve...
Scaling Wix with microservices architecture and multi-cloud platforms - Reve...
 
Experimenting on Humans - Advanced A/B Tests - QCon SF 2014
Experimenting on Humans - Advanced A/B Tests - QCon SF 2014Experimenting on Humans - Advanced A/B Tests - QCon SF 2014
Experimenting on Humans - Advanced A/B Tests - QCon SF 2014
 
Wix Architecture at Scale - QCon London 2014
Wix Architecture at Scale - QCon London 2014Wix Architecture at Scale - QCon London 2014
Wix Architecture at Scale - QCon London 2014
 
Scaling r&d org while maintaining quality
Scaling r&d org while maintaining qualityScaling r&d org while maintaining quality
Scaling r&d org while maintaining quality
 
Wix Dev-Centric Culture And Continuous Delivery
Wix Dev-Centric Culture And Continuous DeliveryWix Dev-Centric Culture And Continuous Delivery
Wix Dev-Centric Culture And Continuous Delivery
 
Lessons Learned Monitoring Production
Lessons Learned Monitoring ProductionLessons Learned Monitoring Production
Lessons Learned Monitoring Production
 
Strategies in continuous delivery
Strategies in continuous deliveryStrategies in continuous delivery
Strategies in continuous delivery
 

Recently uploaded

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 

Recently uploaded (20)

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 

Introduction to HTTP protocol

  • 1. Introduction to HTTP Aviran Mordo Head Of Back-End Engineering @ Wix @aviranm http://www.linkedin.com/in/aviran http://www.aviransplace.com
  • 2. Intro • The Hyper Text Transfer Protocol (HTTP) is a client-server network protocol • In use by the World-Wide Web since 1990. • It is based on Request – Response Paradigm.
  • 3. HTTP Request Message HTTP Method relative URL of the resource or a full URL HTTP Version GET /website/template/photography/ HTTP/1.1 Accept:*/* Accept-Language: en-gb Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0) Host: www.httpwatch.com Connection: Keep-Alive Head ers
  • 4. HTTP Response Status line HTTP/1.1 200 OK X-Seen-By: sputnik3.aus_dsp X-Seen-By: s3.aus_pp Date: Wed, 21 Aug 2013 09:02:49 GMT Server: Apache cache-control: max-age=604800 cache-control: no-cache Pragma: no-cache Set-Cookie: _wixAB2=5371#5567#2014-03-19T14-27-00.000-0500|15711#3472#2014-08-13T11-01-00.0000500|14841#8565#2014-07-23T09-16-00.000-0500|15551#935#2014-08-11T07-55-00.000-0500|15451#3523#2014-08-07T0755-00.000-0500|14451#3267#2014-07-14T09-23-00.000-0500|15941#4497#2014-08-15T15-39-00.0000500|14951#8608#2014-07-28T07-24-00.000-0500|15861#7296#2014-08-15T10-02-00.000-0500|12891#3395#2014-06-23T0734-00.000-0500|13501#6547#2014-07-01T12-46-00.000-0500|15361#2985#2014-08-05T13-30-00.000-0500; Domain=.wix.com; Expires=Tue, 21-Aug-2018 14:06:39 GMT; Path=/ Set-Cookie: _wixCIDX=7e98f6cd-1c79-4661-9312-6f7aaeebf932; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Set-Cookie: _wixUIDX=10647958|1a2c4034-469d-4f4d-bbd9-17deddaf67ec; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Vary: User-Agent,Accept-Encoding Content-Language: en Content-Encoding: gzip double CRLF (carriage return, line feed) Content-Length: 8162 Content-Type: text/html;charset=UTF-8 Expires: 0 Cache-Control: no-cache Headers contents of the requested resource <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xmlns:fb="https://www.facebook.com/2008/fbml" > <head> <meta http-equ
  • 5. Everything is an extendable convention • You may create your own headers • You may create your own methods • You may not implement some methods • You may not implement header logic
  • 6. HTTP Methods • GET method means retrieve whatever information. Is identified by the Request-URI • POST - used to send data to the server for updates. • PUT - method requests that the enclosed entity be stored under the supplied Request-URI. • DELETE - requests that the origin server delete the resource identified by the Request-URI. • HEAD - identical to GET except that the server MUST NOT return a message-body in the response. • TRACE - llows the client to see what is being received at the other end of the request chain and use that data for testing or
  • 7. HTTP Headers • Accept: text/plain; - specify certain media types which are acceptable for the response. • Accept-Encoding: compress, gzip ; • Accept-Language: da, en-gb;q=0.8, en;q=0.7 ; • Cache-Control: max-age=0, must-revalidate • Vary: User-Agent,Accept-Encoding • ETag: "xyzzy" • Set-Cookie: _wixAB2=15361#2985#2014-08-05T13-30-00.000-0500 • Access-Control-Allow-Origin: * • X-Seen-By: sputnik3.aus_dsp • X-Wix-Dispatcher-Cache-Hit: no • X-Wix-Renderer-Server: apu2.aus.wixpress.com • X-Wix-Not-Found-Reason: Meta Site was not found
  • 8. HTTP Status Codes and Errors • 1xx – Informational - intermediate response and indicates that the server has received the request but has not finished processing it. • 2xx – Successful: 200 OK • 3xx – Redirection: 301-permanent, 302-temporary • 4xx - Client Error: 400-bad request, 403-forbidden, 404-not found, 418 I'm a teapot • 5xx - Server Error: 500 Internal Server Error, 503-Service Unavailable,504-Gateway Timeout
  • 9. Cookies Servers supply cookies by populating the set-cookie response header with the following details: Set-Cookie: name=value Name Name of the cookie Value Textual value to be held by the cookie Expire Date/time when the cookie should be discarded by the browser. s If this field is empty the cookie expires at the end of the current browser session. This field can also be used to delete a cookie by setting a date/time in the past. Path Path below which the cookie should be supplied by the browser. Domai Web site domain to which this cookie applies. n This will default to the current domain and attempts to set cookies on other domains are subject to the privacy controls built into the browser.
  • 10. Type of cookies - Terminology • Session cookie - Web browsers normally delete session cookies when the user closes the browser • Persistent cookie - A persistent cookie will outlast user sessions – expires on a set timestamp • Secure cookie - A secure cookie has the secure attribute enabled and is only used via HTTPS • HttpOnly cookie - On a supported browser, only when transmitting HTTP (or HTTPS) requests. Not accessible to Javascript. • Third-party cookie - cookies that belong to domains different from the one shown in the address bar. Browsers send cookies via request header. Cookie: name=value; name2=value2 • Supercookie - cookie with an origin of a TLD(such as .com)
  • 11. HTTP Caching • Preventing Caching - Cache-Control: no-cache (HTTP 1.1); Pragma: no-cache (HTTP 1.0) • Last-Modified: Wed, 15 Sep 2004 12:00:00 GMT – Browser can check the server for changes • GET /images/logo.gif HTTP/1.1 Jan 2038 19:14:07 GMT - browser can reuse Expires: Sun, 17 Accept: */* the content without having to check the server Referer: http://www.google.com/ Accept-Encoding: gzip, deflate If-Modified-Since: Thu, 23 Sep 2004 17:42:04 GMT User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) Host: www.google.com HTTP/1.1 304 Not Modified Content-Type: text/html Server: GWS/2.1 Content-Length: 0 Date: Thu, 04 Oct 2004 12:00:00 GMT
  • 12. HTTP Methods • GET - method is used to retrieve information from a specified URI and is assumed to be a safe, have no side effects repeatable operation by browsers, caches and other HTTP aware components. • GET can only supply data in the form of parameters encoded in the URI (Query String) or as cookies. Therefore, GET cannot be used for uploading files or other operations that require large amounts of data to be sent to the server. • POST method is used for operations that have side effects and cannot be safely repeated. • POST request message has a content body that is normally used to send parameters and data. Unlike using the request URI or cookies, there is no upper limit on the amount of data that can be sent
  • 13. POST Request Method POST /httpgallery/methods/default.aspx HTTP/1.1 Host: www.httpwatch.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Referer: http://www.httpwatch.com/httpgallery/methods/ Cookie: __utma=1.1256977602.1377003403.1377082307.1377092487.5; __utmc=1; __utmz=1.1377003403.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); __utmb=1.4.9.1377092850054 Proxy-Authorization: Basic b21lckB3aXguY29tOmg2M2ZycQ== Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 19 Set-Cookie: _wixAB2=5371#5567#2014-03-19T14-27-00.000-0500|15711#3472#2014-08-13T11-01-00.0000500|14841#8565#2014-07-23T09-16-00.000-0500|15551#935#2014-08-11T07-55-00.000-0500|15451#3523#2014-08-07T0755-00.000-0500|14451#3267#2014-07-14T09-23-00.000-0500|15941#4497#2014-08-15T15-39-00.0000500|14951#8608#2014-07-28T07-24-00.000-0500|15861#7296#2014-08-15T10-02-00.000-0500|12891#3395#2014-06-23T0734-00.000-0500|13501#6547#2014-07-01T12-46-00.000-0500|15361#2985#2014-08-05T13-30-00.000-0500; Domain=.wix.com; Expires=Tue, 21-Aug-2018 14:06:39 GMT; Path=/ double CRLF (carriage return, line feed) Set-Cookie: _wixCIDX=7e98f6cd-1c79-4661-9312-6f7aaeebf932; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ Set-Cookie: _wixUIDX=10647958|1a2c4034-469d-4f4d-bbd9-17deddaf67ec; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/ post data / body Cache-Control: no-cache Headers Amount=10&B2=Submit
  • 14. Redirection • HTTP allows servers to redirect a client request to a different location. Although, this will usually result in another network 30 round trip Permanent redirect – Content move permanently at the location specified by the Location header 1 and future requests should be directed to this location. 30 Temporary Redirect - future requests should still be sent to the original location 2 30 This status code was intended to be the only status code that caused a POST to be converted to a 3 GET. However, most browsers treat a 302 like a 303. 30 Not modified - Used in response to an If-Modified header to redirect a request to the browser's local 4HTTP/1.1 302 Found cache. Cache-Control: private,Public Content-Length: 162 Content-Type: text/html; charset=utf-8 Location: /httpgallery/redirection/default.aspx#example Set-Cookie: balance=990; path=/httpgallery/redirection/
  • 15. HTTPS • The Secure Sockets Layer (SSL) was designed to encrypt any TCP/IP based network traffic and provide the following capabilities • Prevents eavesdropping • Prevents tampering or replaying of messages • Uses certificates to authenticate servers and optionally clients • The HTTPS protocol is the same text based protocol as HTTP but is run over an encrypted SSL session.
  • 16. AJAX XML - Asynchronous JavaScript And • AJAX is a technology used by interactive web applications to make HTTP requests to a server without causing page transitions. • Requests have to go to the same domain as the page <script type="text/javascript"> function GetShoppingList() { // Create an instance of the HTTP request object var xmlHttp = new XMLHttpRequest(); // Specify HTTP GET by default and supply the relative url xmlHttp.open("GET", "getlist.aspx", false); // Start a synchronous AJAX request and wait for the response xmlHttp.send(null); var targetNode = document.getElementById("divShoppingList") ; // Use the HTML returned from server to create list targetNode.innerHTML = xmlHttp.responseText; }
  • 17. Cross-origin resource sharing (CORS) • Allows JavaScript on a web page to make XMLHttpRequests to another domain • "preflighted" requests first send an HTTP OPTIONS method OPTIONS /resources/post-here/ HTTP/1.1 on the other domain, to determine if the request to the resource Host: bar.other request is safe to send. User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20081130 Minefield/3.1b3pre Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Connection: keep-alive Origin: http://foo.example Access-Control-Request-Method: POST Access-Control-Request-Headers: X-PINGOTHER HTTP/1.1 200 OK Date: Mon, 01 Dec 2008 01:15:39 GMT Access-Control-Allow-Origin: http://foo.example Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Allow-Headers: X-PINGOTHER Access-Control-Max-Age: 1728000 POST /resources/post-here/ HTTP/1.1 Host: bar.other …
  • 18. JSONP - "JSON with padding" • Provides a method to request data from a server in a different domain • JSONP has nothing to do with Ajax, since it does not use XMLHttpRequest. Instead it dynamically inserts Step 1 - You need to create a callback function. The function accepts some data. function w3r_callback(data){ console.log(data); } Step 2 - Include a script in your web page which contains the callback function created a step 1 as a parameter <script src="http://www.example.com?q=w3r_callback"><script> Step 3 - It outputs a script which calls the function and requested data is passed w3r_callback({ "FirstName" : "xyz", "LastName" : "abc", "Grade" : "A" } );