Introduction to HTTP
HTTP (HyperText Transfer Protocol) is the foundation of communication on the web. It enables clients (browsers, mobile apps) to communicate with servers to request and retrieve resources such as web pages, images, videos, and APIs.
1. HTTP Request Structure
An HTTP request consists of three main parts:
1.1 Request Line
The request line specifies the HTTP method, the resource path, and the HTTP version.
Example:
GET /index.html HTTP/1.1
-
GET- HTTP method -
/index.html- Resource being requested -
HTTP/1.1- Protocol version
1.2 Request Headers
Headers provide additional information about the request.
Example:
Host: example.com
User-Agent: Mozilla/5.0
Accept: text/html,application/xhtml+xml
1.3 Request Body (Optional)
Used in POST, PUT, and PATCH requests to send data to the server.
Example:
POST /api/user HTTP/1.1
Host: example.com
Content-Type: application/json
Content-Length: 34
{
"username": "john_doe",
"password": "securepass"
}
2. HTTP Response Structure
An HTTP response also consists of three parts:
2.1 Status Line
Indicates the status of the request.
Example:
HTTP/1.1 200 OK
-
HTTP/1.1- Protocol version -
200- Status code -
OK- Status message
2.2 Response Headers
Metadata about the response.
Example:
Content-Type: text/html
Content-Length: 1024
Server: Apache/2.4.41 (Ubuntu)
2.3 Response Body
Contains the actual content requested.
Example:
<!DOCTYPE html>
<html>
<head><title>Welcome</title></head>
<body><h1>Hello, World!</h1></body>
</html>
3. HTTP Methods
3.1 GET (Retrieve Data)
Used to request data from a server.
GET /users HTTP/1.1
Host: api.example.com
3.2 POST (Send Data)
Used to submit data to a server.
POST /users HTTP/1.1
Host: api.example.com
Content-Type: application/json
{
"name": "Alice",
"email": "alice@example.com"
}
3.3 PUT (Update Data)
Used to update a resource completely.
PUT /users/123 HTTP/1.1
Host: api.example.com
Content-Type: application/json
{
"name": "Alice Updated",
"email": "alice.new@example.com"
}
3.4 PATCH (Partial Update)
Used to modify part of a resource.
PATCH /users/123 HTTP/1.1
Host: api.example.com
Content-Type: application/json
{
"email": "alice.updated@example.com"
}
3.5 DELETE (Remove Data)
Used to delete a resource.
DELETE /users/123 HTTP/1.1
Host: api.example.com
4. HTTP Status Codes
| Code | Meaning |
|---|---|
| 200 | OK |
| 201 | Created |
| 204 | No Content |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 500 | Internal Server Error |
5. HTTP Headers
5.1 Request Headers
Headers sent by the client.
User-Agent: Mozilla/5.0
Authorization: Bearer token
Accept: application/json
5.2 Response Headers
Headers sent by the server.
Content-Type: application/json
Cache-Control: no-cache
Set-Cookie: sessionId=abc123; HttpOnly
6. Security in HTTP
6.1 HTTPS (Secure HTTP)
Uses SSL/TLS to encrypt data between the client and server.
6.2 Authentication
-
Basic Auth:
Authorization: Basic base64(username:password) -
Bearer Token:
Authorization: Bearer <token> - OAuth 2.0 / OpenID Connect: Used for authentication and authorization.
7. Connection Types
7.1 Persistent Connection (Keep-Alive)
Keeps the connection open for multiple requests.
Connection: keep-alive
7.2 Non-Persistent Connection
Closes the connection after a single request.
Connection: close
8. Cookies & Sessions
8.1 Cookies
Stores user-related data on the client.
Set-Cookie: userId=123; HttpOnly; Secure
8.2 Sessions
Stores user-related data on the server.
Conclusion
Understanding HTTP is crucial for building and optimizing web applications. By mastering HTTP requests, responses, methods, headers, and security features, you can create efficient and secure APIs and web services.
Top comments (0)