DEV Community

Michael Caveney
Michael Caveney

Posted on

What Do Web Developers Need To Know About HTTP/HTTPS?

In the Web Developer Roadmap and other sources, it's said that web developers should have some working knowledge of HTTP. I find the scope of this subject hard to parse, and am wondering what folks think webdevs need to know about HTTP, apart from status codes and request methods?

Top comments (5)

Collapse
 
ssimontis profile image
Scott Simontis

If you can answer these, I would say you're ahead of the game.

  • Status codes: what is the most appropriate response you can return for a given situation?
  • HTTP/2: why is the number of resource requests made by a page less important on a server supporting HTTP/2?
  • HTTP caching. I feel like most people don't have a solid grasp of what the different headers mean and don't explore past the point of "Clear your cache if you don't see the CSS updates!"
  • Know your common headers, especially those that pertain to security. Content Security Policy, referrer policies, Strict Transport Security
Collapse
 
nicolus profile image
Nicolas Bailly

And CORS, whether you're doing front-end or back-end you should learn about CORS or one day you'll spend hours wondering why your query doesn't return anything, and why your browser is making "OPTIONS" request instead of POSTing your damn form.

Collapse
 
apihlaja profile image
Antti Pihlaja • Edited

I remember someone saying that good test of HTTP-knowledge is to browse internet using telnet. That may be a bit too cumbersome now. At the time, some websites were hand-written HTML so it was a bit more pleasant to read. On the other hand, interacting with REST-API should be rather trivial. Only potential issue is that HTTPS doesn't work but there is an alternative.

Web developer should be familiar with tools like curl or httpie. That kind of tools are essential time to time when debugging things. I don't think you can use those tools effectively without having some grasp of the underlying protocols (TCP and HTTP).

Collapse
 
leoat12 profile image
Leonardo Teteo • Edited

I think the other answers already talked about you should know about HTTP, but about HTTPS it would be good to know how certificates actually works, how to properly issue one and what you have to do to have the padlock beside your site URL.
One important thing is if your site is delivered through HTTPS, everything must be delivered through HTTPS. Sometimes you will not understand the warnings when one little image is being delivered through HTTP instead of HTTPS. And that HTTP is over port 80 and HTTPS over port 443. ;-)

Collapse
 
dylanesque profile image
Michael Caveney

These are great answers, thanks for chiming in!