Hypertext Transfer Protocol (HTTP)

1. Overview

The Hypertext Transfer Protocol(HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, where hypertext documents include hyperlinks to other resources that the user can easily access.

1.1 Versions

• HTTP/1.0
  • The connection is closed after a single request/response pair
  • A separate connection to the same server is made for every resource request
•  HTTP/1.1
  • First documented in RFC 2068 in 1997
  • Can reuse a connection multiple times to download resources after the page has been delivered

• HTTP/2
  • Published in 2015
  • Supported by major web servers and browsers over Transport Layer Security(TLS) using an Application-Layer Protocol Negotiation(ALPN)
• HTTP/3
  • Using UDP instead of TCP for the underlying transport protocol like HTTP/2
  • Does not obsolete previous major versions

 

2. Description

2.1 Technical

• HTTPs functions as a request-response protocol in the client-server computing model.
• The client submits an HTTP request message to the server.
• The server, which provides resources such as HTML files, and other content, or performs other functions on behalf of the client, returns a response message to the client.
• The response contains completion status information about the request and may also contain requested content in its message body.
• Designed to permit intermediate network elements to improve communications between clients and servers
  • High-traffic websites often benefit from web cache servers that deliver content on behalf of upstream servers to servers
  • HTTP proxy servers at private network boundaries can facilitate communication for clients without a globally routable address
• Application layer protocol designed within the framework of the Internet protocol suite
• TCP is commonly used for underlying and reliable transport layer protocol.
• Can be adapted to use unreliable protocols such as the User Datagram Protocol(UDP) in HTTPU and SSDP
• HTTP resources are identified and located on the network by Uniform Resource Locators(URLs), using the Uniform Resource Identifier(URI's) schemes HTTP and https.

2.2 User-agent

• Web browser
• Web crawlers(indexing software used by search providers)
• Voice browsers
• Mobile apps
• Other software accesses, consumes or displays web content

2.3 HTTP session

• A sequence of network request-response transactions
• An HTTP client initiates a request by establishing a Transmission Control Protocol(TCP) connection to a particular port on a server
• An HTTP server listening on that port waits for a client's request message
• The server sends back a status line(such as HTTP/1.1 200) and a message of its own
  • The body of this message is typically the requested resource, although an error message or other information may also be returned

2.4 Persistent connection

• A keep-alive-mechanism reduces request latency perceptibly because the client does not need to re-negotiate the TCP-3-Way-Handshake connection after the first request has been sent.
• a keep-alive-mechanism was introduced
  • Can reuse a connection multiple times to download resources after the page has been delivered
• slow-start-mechanism make the connection faster with time 
• chunked transfer encoding to allow content on persistent connections to be streamed rather than buffered.
• HTTP pipelining allows the client to send multiple requests before waiting for each response reduces lag time
• byte serving, where a server transmits just the portion of a resource explicitly requested by a client.

2.5 HTTP session state

• HTTP is a stateless protocol
• However, some web applications implement states or server-side sessions using, for instance, HTTP cookies or hidden variables within web forms

2.6 HTTP Authentication

• A challenge-response mechanism: Identifies and issues a challenge before serving the requested content
  • basic access authentication
  • digest access authentication

2.7 Authentication realms

• Define separate authentication scopes under on root URI
• The realm value string is combined with the canonical root URI to form the protection space component of the challenge

2.8 Message format

• Request
  • Safe methods
  • Idempotent methods and web applications

2.9 HTTP Method's role

Name	Description
GET	Request a representation of the specified resource. Request using GET should only retrieve data
HEAD	Asks for a response identical to that of a GET request, but without the response body
POST	being used to submit an entity to the specified resource, often causing a change in state or side effects on the server
PUT	Replace all current representations of the target resource with the request payload
DELETE	Delete the specified resource
CONNECT	Establishing a tunnel to the server identified by the target resource
OPTIONS	being used to describe the communication options for the target resource
TRACE	Performing a message loop-back test along the path to the target resource
PATCH	being used to apply partial modifications to a resource

2.10 HTTP Method's features

HTTP method	RFC	Request has Body	Response has Body	Safe	Idempotent	Cacheable
GET	RFC 7231	Optional	Yes	Yes		Yes
HEAD	RFC 7231	Optional	No	Yes		Yes
POST	RFC 7231	Yes	Yes	No		Yes
PUT	RFC 7231	Yes	Yes	No		No
DELETE	RFC 7231	Optional	Yes	No		No
CONNECT	RFC 7231	Optional	Yes	No		No
OPTIONS	RFC 7231	Optional	Yes	Yes		No
TRACE	RFC 7231	No	Yes	Yes		No
PATCH	RFC 5789	Yes	Yes	No		No

2.11 Response

 

3. References

https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol

https://www.steveschoger.com/status-code-poster/

https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods