Scribd
Upload
65 views

HTTP

The document provides an overview of the HTTP protocol. It describes how HTTP uses TCP to transfer objects between clients and servers. It outlines the basic operation of HTTP including URLs, requests, responses, headers, status codes, and methods. Persistent connections and cookies are also discussed. The document concludes by briefly introducing HTTPS which provides encryption over HTTP using TLS.

Uploaded by

Saras Pantulwar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
65 views

HTTP

The document provides an overview of the HTTP protocol. It describes how HTTP uses TCP to transfer objects between clients and servers. It outlines the basic operation of HTTP including URLs, requests, responses, headers, status codes, and methods. Persistent connections and cookies are also discussed. The document concludes by briefly introducing HTTPS which provides encryption over HTTP using TLS.

Uploaded by

Saras Pantulwar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

Application Layer protocols: HTTP

Application Layer Protocols


 Uses the services of transport layer protocols
(TCP/UDP) to enable different application specific
services to users
 Large number of protocols, too many to list
 Telnet, FTP, SSH, HTTP, IMAP, POP, SMTP, RDP, RTP,
….
 We will cover basics of HTTP as an example
HTTP
 HyperText Transfer Protocol
 TCP based protocol to transfer objects between a HTTP
client and server on the internet
 Standardized versions in use
 HTTP 1.1
 Supported by all websites
 HTTP 2.0
 Standardized in 2015, widely adopted
 Around 50% of the websites support
 HTTP 3.0 also there, not standardized yet
 We will cover some basics of HTTP 1.1
Uniform Resource Locators (URL)
 Identifier for resources/objects on the Internet
 Three main components
 Scheme: the protocol to be used to access the resource
 http, https, ftp….
 Host: identifies the host the resource is in
 Can also be followed by a port
 Path: identifies the resource in the host, or a subpart of the
resource
 Example
 http://www.abc.com/docs/paper1.pdf
 ftp://www.abc.com:21/docs/paper1.pdf
 http://www.abc.com/products/Model328#Specs
 Can also specify query strings, parameters to pass to scripts
Basic HTTP Operation
 Client-server based operation
 Client opens TCP connection to server (default port 80 for
http, port 443 for https)
 Client sends requests to server
 Methods along with resource URI and parameters
 Server sends response
 Always have status code to indicate success/error
 May have content depending on request method
 Presentation of the content is not part of the protocol
 HTTP 1.1 is a text-based protocol, all requests and responses
are sent as text
 HTTP is stateless, server need not remember any client state
Methods
 GET: return the contents of a resource
 Ex. A webpage, a file,…
 HEAD: return the header, without the actual contents
 Useful for testing validity of the URL, or for collecting meta-data for
the resource
 POST: Treat the document as a script and send some data to it
 Ex. when forms are submitted
 PUT: Replace the contents of a resource with some data
 DELETE Delete the resource
 TRACE: Echo the incoming request
 Useful for debugging
 OPTIONS: allows client to know what methods and headers can
be used with a resource
 CONNECT: for connecting through proxies
HTTP Message Format

Request/Response line

General headers
Request/Response headers
Headers
Entity headers
(one field in each line)

blank line
Entity Body
General headers
 Header fields that are applicable to both requests and
response
Request Headers
 Header fields specific to request messages only
HTTP Response Headers
Entity Headers
 Header fields specifying attributes of the data sent
Status Codes

27.12
27.13
HTTP Request Example: GET
Method URL Protocol Version

GET /index.html HTTP/1.1


Host: www.ag.com
User-Agent: Mozilla/98.0.1
Accept: text/html, *.*
Accept-Language: en-us
Headers If-modified-since: Wed, 21 Jan 2022
08:00:00 GMT
Connection: keep-alive

General headers
Request headers
Entity headers
HTTP Response Example
Version Status Code Status Message

HTTP/1.1 200 OK
Date: Thu, 24 Mar 2022 17:43:21 GMT
Server: Apache/2.4.41
Headers
Content-Type: text/html
Content-Length: 1846
blank line
<html>
Entity Body ...
</html>

General headers
Response headers
Entity headers
HTTP Request Example: PUT
Method URL Protocol Version

PUT /networks/readme.txt HTTP/1.1


Host: www.ag.com:8080
User-Agent: Mozilla/98.0.1
Content-type: text/plain
Headers Content-length: 754
Connection: close
Cache-control: no-cache
blank line

Entity Body …
General headers
Response headers
Entity headers
HTTP Response Example
Version Status Code Status Message

HTTP/1.1 200 OK
Date: Thu, 24 Mar 2022 18:36:27 GMT
Server: Apache/2.4.41
Headers

General headers
Response headers
Entity headers
Persistent Connection
 Non-persistent connection: one TCP connection made
for each request-response
 Inefficient when downloading say a page with lots of
images etc. which will need to be downloaded anyway
 Persistent connection: A connection is reused for
multiple request-response
 Default for HTTP 1.1 onwards
 The server can close the connection if client requests
(using connection header field) or on timeout
 Persistent connections can also pipeline requests
Cookies
 Small pieces of data that the server stores on client side
 Server sends cookies using set-cookie response header field
 Multiple set-cookie fields can be used to send more than one
piece of data
HTTP/2.0 200 OK
Content-Type: text/html
Set-Cookie: movie_seen=untouchables
Set-Cookie: actor=sean_connery

 Can set expiry time on cookies also
Set-Cookie: name=ag; Expires=Thu, 30 APR 2022
10:30:00 GMT
 Client sends on subsequent requests to same server/domain
 Uses the cookie field in request header

GET /arbit.html HTTP/1.1


Host: www.example.org
Cookie: movie_seen=untouchables;actor=sean_connery

 Allows servers to track users to push more personalized


information like name, targeted advertisements, personalized
movie recommendations etc.
HTTPS
 HTTP over a secure connection
 Uses Transport Layer Security (TLS)
 Earlier known as Secure Socket layer (SSL)
 Allows for both client and server authentication using
digital certificates
 Allows encrypted message exchange
 Security parameters (algorithms to use, keys etc.)
negotiated at the start before any actual data transfer
 Interoperability maintained by negotiating capabilities of
client and server at the beginning

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy