Moment For Technology

HTTP always has something you're interested in

Posted on Dec. 2, 2022, 7:08 p.m. by Denise Smith-Lewis
Category: The back-end Tag: The back-end security http The server

preface

A better plan of a week or two is to break. I haven't shared some dry goods with you for three weeks due to the previous eye disease. The body is the capital of the revolution, but also hope that the old code ape in overtime should also pay attention to health.

As a competent code farmer, in the three weeks of beautiful time did not forget to learn, the system to understand the next we are familiar with and have strange HTTP protocol

I believe that there are a large number of Web application developers among us who do not understand the HTTP protocol that underlies the Web. Let's familiarize ourselves with the HTTP protocol from the following points

  • HTTPThe birth of
  • HTTPHow does this function apply to client and server communication
  • HTTPRequest result status code
  • The safety ofHTTPS

The birth of HTTP

HTTP is called HyperText Transfer Protocol.

HTTP began in the 1980s as an effort to share knowledge among researchers around the world. In the ensuing period of development, the HTTP standard protocol was gradually established in the browser war between Netscape And Microsoft. The current mainstream HTTP protocol version is HTTP/1.1, released in January 1997. For a deep memory of HTTP/1.1 in our Web program, please see the previous Spring Boot Boot principle resolution (2) Tomcat startup detailed explanation of a figure

How does HTTP affect client-server communication

There are several TCP/IPD protocol families that need to be understood in order to understand how HTTP communicates:

1. Application layer: determines the communication activities when providing application services to users. 2. Transport layer: Provides data transmission between two computers in network connection to the upper application layer. 4. Data link layer: Deals with the hardware that connects to the networkCopy the code

The HTTP protocol uses the TCP/IP protocol family for network communication. It communicates with each other in hierarchical order.

Let's take a network request as an example. First, the client as the sender initiates an HTTP request for a WEB page at the application layer (HTTP protocol). Then the transport layer (TCP) divides the data (HTTP request packets) received by the application layer, marks the numbers and port numbers on each packet, and forwards the packets to the network layer. The network layer (IP protocol) adds the MAC address of the destination and forwards it to the link layer. At last, the link layer sends a request packet to the external network. The server at the receiving end receives data at the link layer and sends the data to the upper layer in sequence until the application layer. The process of responding to a request starts with the server sending data until the client receives the transmitted data. A complete HTTP request is completed.

From the above interpretation process of HTTP communication, we know that there is no link to save the communication state, so HTTP is a stateless protocol. In order to save the communication state, Cookie technology should be introduced.

HTTP request result status code

The status code describes the result of the request returned by the server. The categories of status codes are

  • 1xx Infomational status codeThe received request is being processed
  • 2xx Success status codeThe request is processed normally
  • 3xx Redirection(Redirection status code)
  • 4xx Client Error status code
  • 5xx Seriver Error(server Error status code)

The response from 2xx indicates that the request was processed normally.

The result of the 3XX redirection response indicates that the browser needs to perform some special processing to process the request correctly. 301 Moved Permannetly Permanent redirection. The requested resource has been assigned a new URI. 302 Found Temporary redirection, requested resource has been assigned a new URI;

4XX Client error Indicates that the client is the cause of the error. 400 Bad Request An error exists in the Request packet. 403 Forbidden The server refuses to access requested resources. 404 Requested resource not found on server.

5xx Server Error Indicates that an error occurs on the server

The safety ofHTTPS

HTTP + encryption + Authentication + Integrity protection = HTTPS Everything has two sides, and HTTP itself has its disadvantages

  • The communication is transmitted in plain text and there is a risk that the content will be eavesdropped
  • If you do not verify the identity of the communicating party, you may encounter disguise
  • The integrity of the packet cannot be proved, so the packet may have been tampered with

If unencrypted plaintext is used in HTTP communication, for example, when a WEB page is used for login, it may be eavesdropped and expose private information. In the case of HTTP, neither the server nor the client can identify the communicating party, so it is likely that the actual communication is not with the intended communicating party.

To solve the above problems, encryption and authentication mechanisms need to be added to HTTP. HTTP with encryption and authentication mechanisms is usually called HTTP(HTTP secret).

The last

In the company of three, there must be my teacher. At the same time to share dry goods to everyone, talent and learning shallow also hope that everyone to be made right. Also welcome to pay attention to my nugget or brief book, named firewood yards

Search
About
mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.