HTTP - Dleifnesor/NET-215 GitHub Wiki
The web operates on three foundational technologies:
-
HTML (HyperText Markup Language)
Provides consistent formatting of resources/documents. -
URL (Uniform Resource Locator)
Provides an addressing scheme to uniquely locate any resource. -
HTTP (HyperText Transfer Protocol)
Defines the protocol for exchanging resources/documents between systems.
A web resource is any content served by a web server. It may be:
Stored as files on the server:
-
.html,.jpg,.pdf,.mp4, etc. - Located directly in the web server's filesystem.
Generated in real time by server-side applications:
- Vary based on user input, session state, time, database queries, etc.
- Examples: real estate search, live camera feeds, dynamic dashboards.
- A URI (Uniform Resource Identifier) is a unique name for a web resource.
- A URL is the most common type of URI and points to the location of a resource.
http://www.joes-hardware.com/specials/saw-blade.gif
| Type | Definition | Example |
|---|---|---|
| Absolute | Full path including domain | http://example.com/images/pic.jpg |
| Relative | Path relative to current site |
images/pic.jpg, ../about/page.html
|
Rules:
- Use relative paths for internal links.
- Use absolute paths for external links.
Web paths begin from the web root, not the server's full filesystem.
- Apache (Linux):
/var/www/html - IIS (Windows):
C:\InetPub
URL: http://test.com/cncs/cyber.html
- Apache:
/var/www/html/cncs/cyber.html - IIS:
C:\InetPub\cncs\cyber.html
http://test.com/var/www/html/cncs/cyber.html won't work.
HTTP relies on TCP/IP for network communications.
- Requires IP address + Port
- Port 80 = default HTTP
- Port 443 = default HTTPS
http://207.200.83.29:80/index.html
http://www.netscape.com:80/index.html
http://www.netscape.com/index.html
DNS resolves hostnames to IPs.
HTTP is not secure:
- Anyone can read data (forms, cookies, headers).
- Use HTTPS (TLS encryption) to protect data.
HTML forms collect and submit user input:
<form action="welcome_get.php" method="get">
Name: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
<input type="submit">
</form>GET /welcome_get.php?name=adam&[email protected] HTTP/1.1
HTTP defines a number of request methods that indicate the desired action to be performed on a resource.
| Method | Description |
|---|---|
| GET | Retrieves data from the server. Should not have any side effects. |
| POST | Sends data to the server to create or process a resource. Often used with forms. |
| PUT | Replaces or creates a resource at a specific URI. Idempotent. |
| DELETE | Removes the specified resource from the server. |
| HEAD | Same as GET, but returns only headers (no response body). Useful for testing links or caching. |
| OPTIONS | Describes the communication options for the target resource. Often used in CORS (Cross-Origin Resource Sharing). |
| PATCH | Applies partial updates to a resource. |
| TRACE | Echoes the received request so the client can see what (if any) changes or additions have been made by intermediate servers. |
- Safe methods: GET, HEAD, OPTIONS, TRACE — do not modify data.
- Idempotent methods: GET, PUT, DELETE, HEAD, OPTIONS — can be repeated without causing additional effects.
- Non-idempotent methods: POST, PATCH — may result in changes each time they're repeated.
<html>
<body>
Welcome <?php echo $_GET["name"]; ?><br>
Your email address is: <?php echo $_GET["email"]; ?>
</body>
</html>| Feature | GET | POST |
|---|---|---|
| Data sent in | URL | Body of request |
| Cacheable | Yes | No |
| Browser history | Yes | No |
| Bookmarkable | Yes | No |
| Length restrictions | Yes | No |
| Use with sensitive data | No | Yes |
Two types:
- Request (from client)
- Response (from server)
Start-Line
Header: Value
Header: Value
[Optional Body]
GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Referer: https://google.com
If-Modified-Since: Sat, 28 Nov 2009 03:50:37 GMT
HTTP/1.1 200 OK
Date: Sat, 28 Nov 2009 04:36:25 GMT
Server: LiteSpeed
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
<!DOCTYPE html>
<html>...</html>
- Host – Domain to request
- User-Agent – Info about browser & OS
- Referer – Previous page
- If-Modified-Since – For caching
- Content-Type – MIME type of response
- Last-Modified – For client-side caching
- Cache-Control – How client should cache data
| Code | Description |
|---|---|
| 200 | OK – Success |
| 301 | Moved Permanently (Redirect) |
| 304 | Not Modified (Use cached version) |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 500 | Internal Server Error |
| 418 | I'm a teapot (nerds) |