Wednesday, 24 May 2017

What is HTTP Request and Response?


OVERVIEW OF HTTP REQUEST AND RESPONSE

WHAT IS HTTP?

  • HTTP is an application layer protocol
  • The default port for HTTP is 80
  • World Wide Web Consortium and the Internet Engineering Task Force, both coordinates in the standardization of the HTTP protocol
  • The resources that can be requested by using HTTP protocol is made available with the help of a type of URI (Uniform Resource Identifier) called URL (Uniform Resource Locator).
  • A series of request and response in HTTP is called as a session in HTTP
  • HTTP version 0.9 was the first documented version of HTTP
  • HTTP is a stateless protocol (which means each and every connection is independent of each other.)
  • Hypertext Transfer Protocol (HTTP) uses Transmission Control Protocol (TCP) as the Transport Layer Protocol at Well Known port number 80. Once the TCP connection is established, the two steps in Hypertext Transfer Protocol (HTTP) communication are
    • HTTP Client Request
    • HTTP Server Response


1

  • HTTP Client Request: Hypertext Transfer Protocol (HTTP) client sends a Hypertext Transfer Protocol (HTTP) Request to the Hypertext Transfer Protocol (HTTP) Server according to the HTTP standard, specifying the information the client like to retrieve from the Hypertext Transfer Protocol (HTTP) Server.
E.g. HTTP Request Message
GET /hello.htm HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT)Host: wwww.example.comAccept-Language: en-usAccept-Encoding: gzip, deflateConnection: Keep-Alive
  • HTTP Server Response: Once the Hypertext Transfer Protocol (HTTP) Request arrived at the Hypertext Transfer Protocol (HTTP) server, it will process the request and creates a Hypertext Transfer Protocol (HTTP) Response message. The Hypertext Transfer Protocol (HTTP) response message may contain the resource the Hypertext Transfer Protocol (HTTP) Client requested or information why the Hypertext Transfer Protocol (HTTP) request failed.
E.g. HTTP Response Message
POST /cgi-bin/process.cgi HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT)Host: www.example.comContent-Type: application/x-www-form-urlencodedContent-Length: lengthAccept-Language: en-usAccept-Encoding: gzip, deflateConnection: Keep-Alive licenseID=string&content=string&/paramsXML=string
  • HTTP Response varies from the different server the HTTP request is sent.
From an Apache 1.3.23 server
HTTP/1.1 200 OK
Date: Sun, 15 Jun 2003 17:10: 49 GMT
Server: Apache/1.3.23
Last-Modified: Thu, 27 Feb 2003 03:48: 19 GMT
ETag: 32417-c4-3e5d8a83
Accept-Ranges: bytes
Content-Length: 196
Connection: close
Content-Type: text/HTML
From a Microsoft IIS 5.0 server:

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Expires: Yours, 17 Jun 2003 01:41: 33 GMT
Date: Mon, 16 Jun 2003 01:41: 33 GMT
Content-Type: text/HTML
Accept-Ranges: bytes
Last-Modified: Wed, 28 May 2003 15:32: 21 GMT
ETag: b0aac0542e25c31: 89d
Content-Length: 7369
From a Netscape Enterprise 4.1 server:
HTTP/1.1 200 OK
Server: Netscape-Enterprise/4.1
Date: Mon, 16 Jun 2003 06:19: 04 GMT
Content-type: text/HTML
Last-modified: Wed, 31 Jul 2002 15:37: 56 GMT
Content-length: 57
Accept-ranges: bytes
Connection: close

There are various HTTP Header Security implementation required for a secure web application. Please go through my next blog HTTP Header Security.

No comments:

Post a Comment