HTTP

What is HTTP?

In 1989 Tim Berners-Lee (The creator of the World Wide Web) designed HTTP. Tim developed HTTP along with the Web to facilitate communication between servers and clients over the internet.

image of the request and response process

The Hypertext Transfer Protocol (HTTP) can be used to send and receive plaintext, hypertext, audio, images, or any other internet-accessible form of data. HTTP operates between a client’s browser and a web server.

Once a TCP connection is established, the client’s browser makes a HTTP request. The server receives the request and sends back an HTTP response.

HTTP is a stateless protocol. This means that each transaction is treated independently. A new TCP connection is created for each transaction and is terminated once completed.

Tim Berners-Lee designed HTTP to be simple and extensible. The protocol was designed to transmit data efficiently. There is great flexibility in the formats that HTTP is capable of sending.

HTTP vs. HTML

People are often confused by these two very similar, web related terms. HTML or Hypertext Markup Language is a markup language that uses tags to convert normal text to hypertext. For example, in HTML using the <a> tag, normal words can become a link to another place on a page or another website.

HTTP or Hypertext Transfer Protocol is a set of rules for how files like HTML are sent over the internet.

HTTP Messages

HTTP operates through the communication of messages. Requests and responses are two different ways that information is sent.

Messages include a method or action requested, the url they want to reach, headers for information about the message, and the current version of HTTP being used.

Requests are used to make a request to the server from the client.

Responses are sent from the server in response to the specific HTTP request that the client’s browser made.

Request Message Structure

Requests are made up of five elements, the Request-line, General-Headers, Request-Headers, Entity-Headers, and the Entity-Body.

Request-line: states the method or action of the request, the resource requested, and the HTTP version
General-Headers: Contains fields applicable to the request message, but do not affect the entity being transferred
Request-Headers: Contain information about the request and client. This could include under what conditions the request action should happen, or what formats the client is capable of receiving.
Entity-Header: Contains information about the resource identified by the request and info about the entity-body
Entity-Body: The body of the message

General Header Fields

General header fields are used in both request and response messages to give specifics about the interaction.

Forwarded - Gateways and Proxies use this field to detail the processes along a chain of requests or responses.
Pragma - Contains information regarding implementation.
Cache-Control - Specifies comamnds that caching mechanism must obey.
Connection - Contains keywords and field names that apply to own TCP connection.
Keep-Alive - Indicates the time that the sender will wait for connection or the maximum count of requests.
Date - The date and time the HTTP message was created.
MIME-Version - declares that the HTTP message complies with MIME version

Response Message Structure

A response has the same format but uses Status-line instead of request-line, and response-headers instead of request headers.

Status-line: Indicates version of HTTP, gives status information regarding the attempted request.
Response-Headers: Provide additional information on the status-line.

Entities

Entities are made up of two parts, a head and a body.

Entity Header

The header includes fields that give information about the body.

Entity Header Fields:

Content-encoding - indicates the encodings that have been applied to the resource in the body.
Allow - This shares the accepted methods on the content.
Content-Language - Shares the language of the recipient of the content in the body.
Content-Length - the size of the body.
Content-Type - the type of format of the body content.
URL-Header - contains other URLs where the resource is found.

Entity Body

Entity bodies are the vehicle for transferring content between the server and client. When a GET request is made to the server, the server sends the content back in the entity body. This content could be images, videos, or entire html files. Requests use the entity body to send the information that they want to add to the server. If a form is sent from the user, the content of the form is contained in the entity-body of the POST request.

Methods

Methods tell the server which kind of action to perform

Get

You loaded this web page using the GET HTTP method. When you entered the web address into the browser an HTTP GET request with the URL was sent to the server storing the HTML, CSS, Javascript, and images that make up this page.

Example: GET /index.html HTTP/1.1

This gets the files from the filepath "/index.html" and uses HTTP version 1.1

Post

If you have ever filled out a form or entered information online, you have used the POST method. For example, if you registered for a Facebook account, your username, email, and password are sent with an HTTP request using the POST method. Your information is sent using POST and added to the database of users.

Example: POST /register.jsp HTTP/1.1

This example POSTS the contents of the message entity body to the filepath "/register.jsp"

Required Connection

HTTP requires a TCP connection between a client and a server. This can either be a direct connection or can occur through intermediate HTTP systems. Some of these intermediate systems are Proxies, Gateways, and Tunnels.

Proxies operate in between clients and servers. To the client, the proxy operates like the server, and to the server it operates like a client. This is done to facilitate communication securely through firewalls or secured networks.

Gateways appear to the client as if it were the original server. Gateways are used when servers are unable to directly communicate with clients. Gateways are typically used to access servers protected by firewalls, or in non-HTTP protocol servers. In this situation the Gateway translates the HTTP request into the protocol of the server, and the response back into HTTP.

Tunnels act as a relay point between TCP connections. Tunnels are used when an intermediary system is required, but the content of the HTTP messages is not required to change or be passed through security or firewalls.