Introduction to HTTP



TunJS - May 2015

By Nader Toukabri

Plan


  • HTTP
  • REST
  • CORS

HTTP

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web.

HTTP

  • an application-level protocol for end-to-end communication
  • used for communication between a client and a server
    • a server could be a client too
  • a client sends a request to a server, which replies synchronously with a response

HTTP Request



GET /archive HTTP/1.1
Host: tunjs.github.io
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2416.0 Safari/537.36
Referer: http://tunjs.github.io/
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: ...

BODY...

                        

HTTP Request



METHOD PATH PROTOCOL_VERSION
HEADERS

BODY...

                        

HTTP Response



HTTP/1.1 200 OK
Age: 0
Cache-Control: max-age=600
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 981
Content-Type: text/html; charset=utf-8
Date: Fri, 29 May 2015 15:34:58 GMT
Expires: Fri, 29 May 2015 15:44:58 GMT
Last-Modified: Sat, 25 Apr 2015 14:06:51 GMT
Server: GitHub.com
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Cache: MISS

BODY...
                    

HTTP Response



PROTOCOL_VERSION STATUS_CODE
HEADERS

BODY...

                        

HTTP Headers

  • a list of key-value pairs
  • they configure the request/response

HTTP Methods

  • the HTTP method (verb) indicates the nature of the desired operation
    • GET is used to retrieve information with no side effects (i.e. without changing data)
    • POST sends data and executes an operation which might change data
    • PUT
    • PATCH
    • DELETE
    • OPTIONS
    • ...
  • a method is either safe or unsafe

HTTP Status Code

  • a number with an associated message, e.g.
    • 200 OK
    • 400 Bad Request
    • 500 Internal Server Error
    • ...
  • used to codify the response state, describing a situation regarding the client, the server or both
  • falls in one of 5 categories: informational, successful, redirection, client errors and server errors
  • custom status codes are supported as well

HTTP Status Code

  • Informational (1XX)
  • Successful (2XX)
    • 200 OK
    • 201 Created
  • Redirection (3XX)
    • 301 Moved Permanently
    • 302 Found
    • 304 Not Modified

HTTP Status Code

  • Client Error (4XX)
    • 400 Bad Request
    • 401 Unauthorized
    • 403 Forbidden
    • 404 Not Found
    • ...
  • Server Error (5XX)
    • 500 Internal Server Error
    • 501 Not Implemented
    • 502 Bad Gateway
    • 503 Service Unavailable
    • 504 Gateway Timeout
    • ...

REST

Representational State Transfer (REST) is a software architecture style consisting of guidelines and best practices for creating scalable web services. REST is a coordinated set of constraints applied to the design of components in a distributed hypermedia system that can lead to a more performant and maintainable architecture.

REST

  • ...

CORS

CORS

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources (e.g. fonts, JavaScript, etc.) on a web page to be requested from another domain outside the domain from which the resource originated.

CORS

  • Web clients implement a security policy that prevents loading assets from disallowed sources, thus preventing security attacks, most notably XSS.
  • CORS solves this.
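
A simplified model of the check a browser applies before letting a script read a cross-origin response, as an added example that is not part of the original slides. It follows the CORS check in the Fetch standard but ignores preflight requests; the `Access-Control-Allow-Origin: *` header comes from the sample response earlier on this page, while the origins `https://app.example`, `https://api.example` and `https://app.example.evil.test` are constructed for illustration.

```javascript
// Simplified model of the browser-side CORS check (after the Fetch standard).
// Preflight is ignored; the only question answered is whether script running
// on `pageOrigin` may read this response.

// Header names are case-insensitive, so look them up that way.
function getHeader(headers, name) {
  const key = Object.keys(headers).find(
    (k) => k.toLowerCase() === name.toLowerCase()
  );
  return key === undefined ? null : headers[key].trim();
}

function corsAllowsRead(pageOrigin, requestUrl, responseHeaders, withCredentials = false) {
  // URL.origin serializes scheme + host + port, the tuple that defines an origin.
  const origin = new URL(pageOrigin).origin;
  if (new URL(requestUrl).origin === origin) {
    return { allowed: true, reason: "same origin, CORS not involved" };
  }
  const allowOrigin = getHeader(responseHeaders, "Access-Control-Allow-Origin");
  if (allowOrigin === null) {
    return { allowed: false, reason: "no Access-Control-Allow-Origin header" };
  }
  if (allowOrigin === "*") {
    return withCredentials
      ? { allowed: false, reason: "wildcard is not honoured for credentialed requests" }
      : { allowed: true, reason: "wildcard allows any origin (no credentials)" };
  }
  // Exact string match only: no prefix, suffix or subdomain matching.
  if (allowOrigin !== origin) {
    return { allowed: false, reason: "origin not allowed by server" };
  }
  if (withCredentials &&
      getHeader(responseHeaders, "Access-Control-Allow-Credentials") !== "true") {
    return { allowed: false, reason: "credentials not allowed by server" };
  }
  return { allowed: true, reason: "origin explicitly allowed" };
}

// Header taken from the sample response on this page.
const sampleResponse = { "Access-Control-Allow-Origin": "*" };
// Constructed page origin and URLs, for illustration only.
const page = "https://app.example";
console.log(corsAllowsRead(page, "http://tunjs.github.io/archive", sampleResponse));
console.log(corsAllowsRead(page, "http://tunjs.github.io/archive", sampleResponse, true));
console.log(corsAllowsRead(page, "https://api.example/data",
  { "access-control-allow-origin": "https://app.example.evil.test" }));
```

A server that needs credentialed cross-origin access has to answer with the exact requesting origin and `Access-Control-Allow-Credentials: true`, which is why the allowed origin should come from an explicit allowlist rather than being echoed from the request.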

THE END