-
Hypertext Transfer Protocol (HTTP)Web/Protocol 2019. 8. 31. 12:22
1. Overview
The Hypertext Transfer Protocol(HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, where hypertext documents include hyperlinks to other resources that the user can easily access.
1.1 Versions
- HTTP/1.0
- The connection is closed after a single request/response pair
- A separate connection to the same server is made for every resource request
- HTTP/1.1
- First documented in RFC 2068 in 1997
- Can reuse a connection multiple times to download resources after the page has been delivered
- HTTP/2
- Published in 2015
- Supported by major web servers and browsers over Transport Layer Security(TLS) using an Application-Layer Protocol Negotiation(ALPN)
- HTTP/3
- Using UDP instead of TCP for the underlying transport protocol like HTTP/2
- Does not obsolete previous major versions
2. Description
2.1 Technical
- HTTPs functions as a request-response protocol in the client-server computing model.
- The client submits an HTTP request message to the server.
- The server, which provides resources such as HTML files, and other content, or performs other functions on behalf of the client, returns a response message to the client.
- The response contains completion status information about the request and may also contain requested content in its message body.
- Designed to permit intermediate network elements to improve communications between clients and servers
- High-traffic websites often benefit from web cache servers that deliver content on behalf of upstream servers to servers
- HTTP proxy servers at private network boundaries can facilitate communication for clients without a globally routable address
- Application layer protocol designed within the framework of the Internet protocol suite
- TCP is commonly used for underlying and reliable transport layer protocol.
- Can be adapted to use unreliable protocols such as the User Datagram Protocol(UDP) in HTTPU and SSDP
- HTTP resources are identified and located on the network by Uniform Resource Locators(URLs), using the Uniform Resource Identifier(URI's) schemes HTTP and https.
2.2 User-agent
- Web browser
- Web crawlers(indexing software used by search providers)
- Voice browsers
- Mobile apps
- Other software accesses, consumes or displays web content
2.3 HTTP session
- A sequence of network request-response transactions
- An HTTP client initiates a request by establishing a Transmission Control Protocol(TCP) connection to a particular port on a server
- An HTTP server listening on that port waits for a client's request message
- The server sends back a status line(such as HTTP/1.1 200) and a message of its own
- The body of this message is typically the requested resource, although an error message or other information may also be returned
2.4 Persistent connection
- A keep-alive-mechanism reduces request latency perceptibly because the client does not need to re-negotiate the TCP-3-Way-Handshake connection after the first request has been sent.
- a keep-alive-mechanism was introduced
- Can reuse a connection multiple times to download resources after the page has been delivered
- slow-start-mechanism make the connection faster with time
- chunked transfer encoding to allow content on persistent connections to be streamed rather than buffered.
- HTTP pipelining allows the client to send multiple requests before waiting for each response reduces lag time
- byte serving, where a server transmits just the portion of a resource explicitly requested by a client.
2.5 HTTP session state
- HTTP is a stateless protocol
- However, some web applications implement states or server-side sessions using, for instance, HTTP cookies or hidden variables within web forms
2.6 HTTP Authentication
- A challenge-response mechanism: Identifies and issues a challenge before serving the requested content
- basic access authentication
- digest access authentication
2.7 Authentication realms
- Define separate authentication scopes under on root URI
- The realm value string is combined with the canonical root URI to form the protection space component of the challenge
2.8 Message format
- Request
- Safe methods
- Idempotent methods and web applications
2.9 HTTP Method's role
Name Description GET Request a representation of the specified resource. Request using GET should only retrieve data HEAD Asks for a response identical to that of a GET request, but without the response body POST being used to submit an entity to the specified resource, often causing a change in state or side effects on the server PUT Replace all current representations of the target resource with the request payload DELETE Delete the specified resource CONNECT Establishing a tunnel to the server identified by the target resource OPTIONS being used to describe the communication options for the target resource TRACE Performing a message loop-back test along the path to the target resource PATCH being used to apply partial modifications to a resource 2.10 HTTP Method's features
HTTP method RFC Request has Body Response has Body Safe Idempotent Cacheable GET RFC 7231 Optional Yes Yes Yes HEAD RFC 7231 Optional No Yes Yes POST RFC 7231 Yes Yes No Yes PUT RFC 7231 Yes Yes No No DELETE RFC 7231 Optional Yes No No CONNECT RFC 7231 Optional Yes No No OPTIONS RFC 7231 Optional Yes Yes No TRACE RFC 7231 No Yes Yes No PATCH RFC 5789 Yes Yes No No 2.11 Response
3. References
https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol
'Web > Protocol' 카테고리의 다른 글
Dynamic Adaptive Streaming over HTTP (0) 2020.02.24 WebSockets vs Long Polling (0) 2020.02.23 QUIC (0) 2020.02.23 HTTP keepalive(HTTP persistent connection) (0) 2019.09.28 Stateful and stateless in Protocol (0) 2019.08.25 - HTTP/1.0