One, five layer network model
-
1. Physical layer: The main function is to define how physical devices transmit data
-
2. Data link layer: Establish data link connections between communicating entities
-
3. Network layer: Create logical links for data transmission between nodes
-
4. Transport layer: To provide users with reliable end-to-end services, the transport layer hides the details of data communication from the lower layer to the higher layer
-
5. Application layer: It provides many services for application software, which is built on TCP protocol and hides details related to network transmission
Second, the HTTP
- 1. Three handshakes
Uri-urls and UrNs
- 1.URI: Uniform Resource Identifier (URI), which uniquely identifies information resources on the Internet, including urls and UrNs
- URL: Uniform Resource Locator/ Uniform Resource Locator
http://user:[email protected]:80/path?query=string#hash
These formats are called URLS, such as FTP
- 3.URN: A permanent uniform resource locator that can be found after the resource is moved. There is no mature use scheme yet
4. HTTP packets
- 1.HTTP methods: used to define operations on resources, such as GET and POST, have their own semantics by definition
- 2.HTTP CODE: defines the server’s processing result of the request. The CODE of each interval has its own semantic meaning
Create a simple Web service
- 1. Install nodejs
- 2. Create a folder and add it
server.js
const http = require('http');
http.createServer(function (request, response){
console.log('request com', request.url)
response.end('123');
}).listen(8888)
console.log('server listening on 8888');
Copy the codeRestrictions and resolution of cross-domain requests
- 1. Description: Browser interception of request return
- 2. Cross-domain scenarios:
Different domain names; The main domain name is the same, but the subdomain name is different; The domain name and domain name correspond to the same IP address. Same domain name, different protocol; Same domain name, different port; Same domain name, different files or paths;
- 3. Solutions:
Jsonp, configure the response header
- Case 4.
Test.html The HTML code for the test initiates a cross-domain Ajax request
<! DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, <meta HTTP-equiv =" x-UA-compatible "content=" IE =edge"> <title>Document</title> </head> <body> </body> <! Using JSONP, you can solve cross-domain problems --> <! -- <script SRC ="http://127.0.0.1:8887/"></script> --> <script> var XHR = new XMLHttpRequest(); XHR. Open (' GET 'and' http://127.0.0.1:8887/ ') XHR. The send () < / script > < / HTML >Copy the codeServer.js builds the service and uses test.html to initiate cross-domain requests
const http = require('http');
const fs = require('fs')
http.createServer(function (request, response){
console.log('request com', request.url)
const html = fs.readFileSync('test.html', 'utf8');
response.writeHead(200, {
'Content-Type': 'text/html'
})
response.end(html);
}).listen(8888)
console.log('server listening on 8888');
Copy the codeServer2.js Receive server, solve cross-domain problems
const http = require('http'); http.createServer(function (request, response){ console.log('request com', // Response. writeHead(200, {// 'access-Control-allow-origin ': Response.writehead (200, {' access-Control-allow-origin ': 'http://127.0.0.1:8888' all allow}) response. / / the end (' 123 '); }).listen(8887) console.log('server listening on 8887');Copy the codeCORS cross-domain limits pre-request validation
- 1. Permit method
GET
HEAD
POST
- 2. Allow the content-type
text/plain
multipart/form-data
application/x-www-form-urlencoded
- 3. Other restrictions
None of the XMLHttpRequestUpload objects are registered with any event listeners No ReadableStream object is used in the request
- 4. Case
Response. writeHead(200, {' access-control-allow-origin ': '*', // all 'access-Control-allow-headers ': 'X-Test-Cors', 'Access-Control-Allow-Methods': 'POST, PUT, DELETE', 'Access-Control-Max-Age': '1000' })Copy the codeCache-control
- 1. Cacheable rows
Public The HTTP cache can be initiated anywhere. Private The cache can be initiated only on the browser that initiates the request. No-cache No node can be cached
- 2. Due
S-maxage =
Read stale=
Set for the proxy server max-stale=
Even if the cache expires, the stale cache can be used within the specified time. PS: The browser does not use the stale cache
- 3. Revalidate
Must-revalidate After we set max-age to expire, we must re-request proxy-revalidate to be used in the cache server
- 4. Other
No-cache Checks with the server to determine whether the local cache can be used every time a request is sent. PS: The local cache can be stored locally. No-store The local cache and the proxy server cannot use the cache
Cache validation last-Modified and Etag
- 1.Last-Modified
Last Modified time with if-modified-since or if-unmodified-since is used to compare the last Modified time to verify whether the resource needs to be updated
- 2.Etag
If the content of the data signature resource is changed, the signature is different. Then the resource is obtained and matched with if-match or if-non-match to determine whether the cache is used
Ten, Cookie&Session
- 1.Cookie
Cookie, in a nutshell, is to save some historical information about user operations (including login information of course) on the local computer, and when the user visits the site again, the browser sends the local Cookie content to the server through HTTP protocol, so as to complete authentication or continue the previous operation.
By setting set-cookie the next request will automatically bring key-value pairs. Multiple Cookie properties can be Set
Max-age and Expires set expiration time Secure sends only when HTTPS sets HttpOnly that cannot be accessed through document.cookie
- 2.session
Session, in short, is the storage of historical information about user actions on the server. The server uses a session ID to identify a session. The session ID is generated by the server to ensure randomness and uniqueness. The session ID is equivalent to a random key, preventing the user’s password from being exposed during handshake or transmission.