Hello friends, today we are going to discuss about What is Http and details.
Whether you are a user or a website owner, the one word you might come across when browsing is HTTP. It is important to get the basics of HTTP to understand how Internet works and the details sent and received between your browser and the web server. Here is a beginner’s guide to What is Http attempting to explain the basics.
What is Http?
HTTP means Hypertext Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web and this protocol defines how messages are formatted and transmitted. How server will recognize these commands and what actions Web servers and browsers should take in response to various commands. HTTP is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web.
HTTP functions as a request–response protocol in the client–server computing model. A web browser, for example, may be the client and an application running on a computer hosting a website may be the server. The client submits an HTTP request message to the server. The server, which provides resources such as HTML files and other content, or performs other functions on behalf of the client, returns a response message to the client. The response contains completion status information about the request and may also contain requested content in its message body.
Let’s first discuss about how website works.
Web Request Life Cycle
In general below is the flow of any web request. You can get more information about the flow here.
- User types any address in any browser e.g. google.com.
- Browser sends request to web server.
- Web server creates a new process or assign a thread to process this request.
- Web server processes the request and generate the response.
- This response is sent back to client.
- Now assigned process or thread is free to receive another requests.
- Browser displays the response to user.
This is very basic and top view of the process.
A simple request message from a client computer consists of the following components:
- A request line to get a required resource, for example a request GET /content/page1.html is requesting a resource called /content/page1.html from the server.
- Headers (Example – Accept-Language: EN).
- An empty line.
- A message body which is optional.
All the lines should end with a carriage return and line feed. The empty line should only contains carriage return and line feed without any spaces.
A simple response from the server contains the following components:
- HTTP Status Code (For example HTTP/1.1 301 Moved Permanently, means the requested resource was permanently moved and redirecting to some other resource).
- Headers (Example – Content-Type: html)
- An empty line.
- A message body which is optional.
All the lines in the server response should end with a carriage return and line feed. Similar to request, the empty line in a response also should only have carriage return and line feed without any spaces.
HTTP is called a stateless protocol because each command is executed independently, without any knowledge of the commands that came before it. Server receives the request, process it and create a response for client. Once response is transferred to client then connection drops and next request from same client is treated independently.
A web browser is an example of a user agent (UA). Other types of user agent include the indexing software used by search providers (web crawlers), voice browsers, mobile apps, and other software that accesses, consumes, or displays web content.
A server is the machine which host the resource and can serve client based on the request. All web resources are hosted on any server. Dedicated computers and appliances may be referred to as Web servers as well.
Web servers are able to map the path component of a Uniform Resource Locator (URL) into:
- A local file system resource (for static requests)
- An internal or external program name (for dynamic requests)
For a static request the URL path specified by the client is relative to the web server’s root directory.
Consider the following URL as it would be requested by a client:
The client’s user agent will translate it into a connection to www.example.com with the following HTTP 1.1 request:
GET /path/file.html HTTP/1.1
The web server on www.example.com will append the given path to the path of its root directory. On an Apache server, this is commonly /home/www (on Unix machines, usually /var/www). The result is the local file system resource:
The web server then reads the file, if it exists, and sends a response to the client’s web browser. The response will describe the content of the file and contain the file itself or an error message will return saying that the file does not exist or is unavailable.
An HTTP session is a sequence of network request-response transactions. An HTTP client initiates a request by establishing a Transmission Control Protocol (TCP) connection to a particular port on a server (typically port 80, occasionally port 8080; see List of TCP and UDP port numbers). An HTTP server listening on that port waits for a client’s request message. Upon receiving the request, the server sends back a status line, such as “HTTP/1.1 200 OK”, and a message of its own. The body of this message is typically the requested resource, although an error message or other information may also be returned.
HTTP sessions are opened by an HTTP Client (i.e. the user’s browser) via a user agent and a connection Request Message is sent to an HTTP Server (i.e. the Web Server). Once the response has been delivered the Web Server closes the connection. This type of connection is known as Stateless in that it exists only for the duration of the data exchange.
Let us take an example that you want to open a page “home.html” from the site “yoursite.com”. Below is how the request from the client browser should look like to get a “home.html” page from “yoursite.com”.
HTTP Request Structure:
GET /home.html HTTP/1.1 Host: www.yoursite.com
The response from the web server should look like below:
HTTP Response Structure:
HTTP/1.1 200 OK Date: Sun, 28 Jul 2013 15:37:37 GMT Server: Apache Last-Modified: Sun, 07 Jul 2013 06:13:43 GMT Transfer-Encoding: chunked Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Webpage Content
Chunked transfer encoding is a method in which the server responds with a data in chunks and this used in place of Content-Length header. The communication is stopped when a zero length of chunk is received and this method is used in HTTP Version 1.1.
Authentication is a process in which the credentials provided are compared to those on file in a database of authorized users’ information on a local operating system or within an authentication server. If the credentials match, the process is completed and the user is granted authorization for access.
HTTP provides multiple authentication schemes such as basic access authentication and digest access authentication which operate via a challenge-response mechanism whereby the server identifies and issues a challenge before serving the requested content.
We’ll discuss more about these authentication schemas in detail in upcoming articles.
HTTP defines methods (sometimes referred to as verbs) to indicate the desired action to be performed on the identified resource. What this resource represents, whether pre-existing data or data that is generated dynamically, depends on the implementation of the server.
The GET method requests a representation of the specified resource. Requests using GET should only retrieve data and should have no other effect.
The HEAD method asks for a response identical to that of a GET request, but without the response body. This is useful for retrieving meta-information written in response headers, without having to transport the entire content.
The POST method requests that the server accept the entity enclosed in the request as a new subordinate of the web resource identified by the URI. The data Posted might be, for example, an annotation for existing resources; a message for a bulletin board, newsgroup, mailing list, or comment thread; a block of data that is the result of submitting a web form to a data-handling process; or an item to add to a database.
The PUT method requests that the enclosed entity be stored under the supplied URI. If the URI refers to an already existing resource, it is modified; if the URI does not point to an existing resource, then the server can create the resource with that URI.
The DELETE method deletes the specified resource.
The TRACE method echoes the received request so that a client can see what (if any) changes or additions have been made by intermediate servers.
The OPTIONS method returns the HTTP methods that the server supports for the specified URL. This can be used to check the functionality of a web server by requesting ‘*’ instead of a specific resource.
The CONNECT method converts the request connection to a transparent TCP/IP tunnel, usually to facilitate SSL-encrypted communication (HTTPS) through an unencrypted HTTP proxy
The PATCH method applies partial modifications to a resource.
All general-purpose HTTP servers are required to implement at least the GET and HEAD methods, and all other methods are considered optional by the specification.
Some of the methods (for example, HEAD, GET, OPTIONS and TRACE) are, by convention, defined as safe, which means they are intended only for information retrieval and should not change the state of the server.
We’ll discuss more about these methods, usage and limitations in detail in upcoming articles.
Depending on the availability or otherwise of the Resource HTTP provides an appropriate status code (also referred to as the ‘Server Response’) determined by the protocol. These are as follows:
- 1xx – an informational message only
- 2xx – success of some kind, e.g: 200 OK – file found
- 3xx – the client to another URL, e.g: 301 moved permanently
- 4xx – an error on the client’s part, e.g: 404 – file not found
- 5xx – an error on the server’s part, e.g: 500 server error
Secure HTTP (HTTPS)
Now you understand HTTP then what is that HTTPS? HTTPS is the secured HTTP protocol required to send and receive information securely over internet. Nowadays it is mandatory for all websites to have HTTPS protocol to have secured internet. Browsers like Google Chrome will show an alert with “Not Secure” message in the address bar if the site is not served over HTTPS.
This typically involves the use of an SSL Certificate which creates a secure, encrypted connection between the browser and the web server.
This is typically used for secure areas of websites where sensitive data is transferred such as payment details or login credentials. In recent years though HTTPS has been listed as a Google ranking factor and more and more websites are moving to HTTPS for that reason.
Whereas HTTP uses port 80, HTTPS uses port 443 for communication.
We’ll discuss more about SSL, usage and implementations in detail in upcoming articles.
Http 2015 is relatively new but still in implementation phase. We can say that 1.1 is the mostly used version as of now.
How to Check HTTP Request and Response on Chrome?
Let us take Google Chrome the popular browser, but the process remains same in all other browsers to view the details.
- Open a webpage in Google Chrome and go to “View > Developer > Developer Tools” menu.
- You can also open the developer console by right clicking on the page and choose “Inspect” option.
- Go to “Network” tab and then reload the page. Now you will see the loading time for each single component on the page.
- Here you can see request\Response headers.
- You can check complete response also in highlighted Response tab.
That’s all about Http for this session.