HTTP protocol Format

ABNF

BNF is the abbreviation of Backus-Naur form, a formal notation for grammars named after the American Backus and the Dane Naur. It is used to describe the grammar of a formal system and is a typical meta-language. It represents grammatical rules strictly, and the grammars it describes are context-free. Its syntax is simple, its representation is explicit, and it is easy to analyze and compile.

Augmented Backus-Naur form (ABNF) is a meta-language based on Backus-Naur form (BNF).

Q: Why is HTTP defined by ABNF? A: For example, as shown in the figure below


This requires a strict format to express the protocol: the ABNF format. The following describes common operators in ABNF. For details, please click the link above.

  • Whitespace: used to separate the elements in a definition.
  • Alternatives /: indicates that any one of several rules may be chosen.
  • Value range %c##-##: OCTAL = "0" / "1" / "2" / "3" / "4" / "5" / "6" / "7" and OCTAL = %x30-37 are equivalent.
  • Sequence group (): combines rules into a single element.
  • Variable repetition m*n: 1. *element means zero or more elements. 2. 1*element means one or more elements.
  • Optional sequence []

Let's look at the core rules:

| Rule | Formal definition | Meaning |
|---|---|---|
| DIGIT | %x30-39 | Digits (0-9) |
| HEXDIG | DIGIT / "A" / "B" / "C" / "D" / "E" / "F" | Hexadecimal digits (0-9, A-F, a-f) |
| SP | %x20 | Space |
| HTAB | %x09 | Horizontal tab |
| VCHAR | %x21-7E | Visible (printing) characters |
| CRLF | %x0D %x0A | Internet standard newline |

HTTP protocol format based on ABNF description

HTTP-message = start-line *( header-field CRLF ) CRLF [ message-body ]

  • start-line = request-line / status-line
    1. request-line = method SP request-target SP HTTP-version CRLF
    2. status-line = HTTP-version SP status-code SP reason-phrase CRLF
  • header-field = field-name ":" OWS field-value OWS
    1. OWS = *( SP / HTAB )
    2. field-name = token
    3. field-value = *( field-content / obs-fold )
  • message-body = *OCTET
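The HTTP-message and header-field rules above, applied as a strict parser. This is an added example, not code from the original article; the names parse_http_message and is_valid and the sample messages are hypothetical, and rejecting obs-fold instead of accepting it is a choice made for this example.

```python
import re

# field-name = token = 1*tchar; OWS = *( SP / HTAB )
TOKEN = re.compile(rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
OWS = b" \t"


def parse_http_message(raw: bytes):
    """Return (start_line, headers, body) for
    HTTP-message = start-line *( header-field CRLF ) CRLF [ message-body ].
    Raises ValueError for input the grammar does not allow."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no empty line (CRLF CRLF) ends the header section")
    leftover = head.replace(b"\r\n", b"")
    if b"\r" in leftover or b"\n" in leftover:
        raise ValueError("bare CR or LF; lines must end in CRLF")
    start_line, *field_lines = head.split(b"\r\n")
    headers = []
    for line in field_lines:
        if line[:1] in (b" ", b"\t"):
            raise ValueError("obs-fold (folded header line) rejected")
        name, colon, value = line.partition(b":")
        # A space before ":" makes the name fail the token check.
        if not colon or not TOKEN.fullmatch(name):
            raise ValueError(f"bad header-field: {line!r}")
        # OWS on both sides of field-value is not part of the value.
        headers.append((name.decode("ascii"), value.strip(OWS).decode("latin-1")))
    return start_line.decode("ascii"), headers, body


def is_valid(raw: bytes) -> bool:
    try:
        parse_http_message(raw)
        return True
    except ValueError:
        return False


# Constructed sample messages, not captured traffic.
GOOD = b"GET /index.html HTTP/1.1\r\nHost: example.com\r\nAccept:\t*/* \r\n\r\nhi"
SPACE_BEFORE_COLON = b"GET / HTTP/1.1\r\nHost : example.com\r\n\r\n"
BARE_LF = b"GET / HTTP/1.1\nHost: example.com\n\n"

if __name__ == "__main__":
    print(parse_http_message(GOOD))
    print(is_valid(SPACE_BEFORE_COLON), is_valid(BARE_LF))
```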

In Wireshark


The request line

request-line = method SP request-target SP HTTP-version CRLF

  • method: indicates the purpose of the operation; a verb
  • request-target = origin-form / absolute-form / authority-form / asterisk-form
  • origin-form = absolute-path [ "?" query ]: used for requests to the origin server; "/" must be sent if the path is empty
  • absolute-form = absolute-URI: used only when sending a request to a forward proxy
  • authority-form = authority: used only for the CONNECT method
  • asterisk-form = "*": used only for the OPTIONS method
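The request-line rule and the four request-target forms above, checked in code. This is an added example, not part of the original article; parse_request_line, target_form and is_valid are hypothetical names, and the absolute-form and authority-form patterns are simplified stand-ins for the full URI grammar.

```python
import re

TOKEN = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"  # method = token = 1*tchar
# request-line = method SP request-target SP HTTP-version CRLF
# Assumption: request-target is checked only as a run of VCHAR (%x21-7E).
REQUEST_LINE = re.compile(rf"({TOKEN}) ([\x21-\x7E]+) (HTTP/[0-9]\.[0-9])\r\n")
ABSOLUTE = re.compile(r"[A-Za-z][A-Za-z0-9+.\-]*://\S+")  # simplified absolute-URI
AUTHORITY = re.compile(r"[A-Za-z0-9.\-\[\]:]+:[0-9]+")    # simplified host ":" port


def target_form(target: str) -> str:
    if target == "*":
        return "asterisk-form"
    if target.startswith("/"):
        return "origin-form"
    if ABSOLUTE.fullmatch(target):
        return "absolute-form"
    if AUTHORITY.fullmatch(target):
        return "authority-form"
    raise ValueError(f"request-target matches no form: {target!r}")


def parse_request_line(line: str):
    """Return (method, target, version, form) or raise ValueError."""
    m = REQUEST_LINE.fullmatch(line)  # exactly one SP between parts, CRLF at end
    if m is None:
        raise ValueError(f"not a request-line: {line!r}")
    method, target, version = m.groups()
    form = target_form(target)
    if form == "authority-form" and method != "CONNECT":
        raise ValueError("authority-form is only for CONNECT")
    if form == "asterisk-form" and method != "OPTIONS":
        raise ValueError("asterisk-form is only for OPTIONS")
    return method, target, version, form


def is_valid(line: str) -> bool:
    try:
        parse_request_line(line)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed request lines, not captured traffic.
    for s in ("GET /a?x=1 HTTP/1.1\r\n", "OPTIONS * HTTP/1.1\r\n", "GET  / HTTP/1.1\r\n"):
        print(repr(s), is_valid(s))
```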

HTTP-version versions:

  • HTTP/0.9: Only the GET method is supported; obsolete
  • HTTP/1.0: RFC 1945, 1996, commonly used for proxy servers
  • HTTP/1.1: RFC 2616, 1999
  • HTTP/2.0: Released in 2015

Common methods:

  • GET: Obtains resources; idempotent.
  • HEAD: Similar to GET, but the server does not send the body; used to get the header metadata. Idempotent.
  • POST: Used to submit forms, add resources, etc.
  • PUT: Updates resources; idempotent when conditions are attached.
  • DELETE: Deletes resources; idempotent.
  • CONNECT: Establishes a tunnel.
  • OPTIONS: Shows the methods the server supports for accessing a resource; idempotent.

Response line

status-line = HTTP-version SP status-code SP reason-phrase CRLF

  • status-code = 3DIGIT
  • reason-phrase = *(HTAB / SP / VCHAR / obs-text)

status-code:

1. 1xx: The request has been received and needs further processing to complete; not supported by HTTP/1.0

  • 100 Continue: Used before uploading large files; triggered by the Expect: 100-continue header in the client request
  • 101 Switching Protocols: Used for protocol upgrades; triggered by a client request carrying the Upgrade header
  • 102 Processing: Indicates that the server has received the request and is processing it, but no response is available yet

2. 2xx: The request was successfully processed

  • 200 OK: A successful response is returned
  • 201 Created: A new resource has been created on the server
  • 202 Accepted: The server has received the request and started processing it, but processing is not complete
  • 203 Non-Authoritative Information: When a proxy server modifies the original response body from the origin server, it can inform the client of this fact by changing 200 to 203
  • 204 No Content: The request was executed successfully with no response body, and the client does not need to update the current page
  • 205 Reset Content: The request was executed successfully with no response body, and the client needs to update the current page
  • 206 Partial Content: Returned with part of the content when a Range request is used
  • 207 Multi-Status: Returns the status of multiple resources as XML in WebDAV
  • 208 Already Reported: To avoid reporting resources in the same collection repeatedly under 207, the response code of the parent collection is used

3. 3xx: Redirects to the resource pointed to by Location or to the one in the cache. It is also stipulated that the client should not be redirected more than 5 times, to prevent endless loops.

  • 300 Multiple Choices: The resource has multiple representations. After 300 is returned, the client can choose which representation to access.
  • 301 Moved Permanently: The resource is permanently redirected to another URI
  • 302 Found: The resource is temporarily redirected to another URI
  • 303 See Other: Redirects to another resource. It is used in the response to POST or PUT methods.
  • 304 Not Modified: When the client holds a cached copy that may have expired, it sends information such as the ETag and time to ask the server whether the cache can still be reused; 304 tells the client that the cache can be reused
  • 307 Temporary Redirect: Similar to 302, but the request method must be the same as in the original request

4. 4xx: An error occurred on the client

  • 400 Bad Request: Used when the server considers that the client made an error but cannot identify which one
  • 401 Unauthorized: User authentication information is missing or incorrect, so the server cannot process the request
  • 403 Forbidden: The server understands the meaning of the request but does not have permission to execute it
  • 404 Not Found: The server did not find the corresponding resource
  • 405 Method Not Allowed: The server does not support the method in the request line
  • 406 Not Acceptable: The representation of the resource requested by the client does not exist, and the server returns a list of representations for the client to choose from
  • 407 Proxy Authentication Required: The authentication information required by the proxy did not pass verification
  • 408 Request Timeout: The server timed out while receiving the request
  • 409 Conflict: Resource conflict
  • 410 Gone: The server has not found the corresponding resource and knows that it is permanently unavailable
  • 411 Length Required: Returned when the request contains a body, does not carry a Content-Length header, and is not a chunked request
  • 412 Precondition Failed: The condition in the If-Unmodified-Since or If-None-Match header sent when reusing the cache is not satisfied
  • 413 Payload Too Large/Request Entity Too Large: The request body exceeds the maximum length the server can handle
  • 414 URI Too Long: The requested URI exceeds the maximum length acceptable to the server
  • 415 Unsupported Media Type: The type of the uploaded file is not supported by the server
  • 416 Range Not Satisfiable: The content in the specified range cannot be provided
  • 417 Expectation Failed: Returned when the expectation in the request's Expect header cannot be met
  • 421 Misdirected Request: The server decides that this request should not have been sent to it because it cannot handle it
  • 426 Upgrade Required: The server refuses to serve the request over the current HTTP protocol and uses the Upgrade header to tell the client that the protocol must be upgraded to continue
  • 428 Precondition Required: A conditional header such as If-Match is missing from the user request
  • 429 Too Many Requests: The client is sending requests too fast
  • 431 Request Header Fields Too Large: The size of the headers in the request exceeds the limit
  • 451 Unavailable For Legal Reasons: Access is unavailable for legal reasons

5. 5xx: Server error

  • 500 Internal Server Error: An internal server error that does not belong to any of the following error types
  • 501 Not Implemented: The server does not support the functionality required to fulfil the request
  • 502 Bad Gateway: The proxy server fails to obtain legitimate resources
  • 503 Service Unavailable: Server resources are not ready to handle the current request
  • 504 Gateway Timeout: The proxy server fails to get a response from upstream in time
  • 505 HTTP Version Not Supported: The HTTP version used in the request is not supported
  • 507 Insufficient Storage: The server has insufficient space to process the request
  • 508 Loop Detected: A loop was detected while accessing resources
  • 511 Network Authentication Required: The proxy server finds that the client must authenticate to obtain network access
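The status-line rule and the five status-code classes above, as an added example that is not part of the original article. It shows how 3DIGIT and the zero-or-more reason-phrase behave on edge cases; parse_status_line and is_valid are hypothetical names, the class labels are shortened from the list above, and treating codes outside 1xx to 5xx as invalid is a choice made for this example.

```python
import re

# status-line   = HTTP-version SP status-code SP reason-phrase CRLF
# status-code   = 3DIGIT
# reason-phrase = *( HTAB / SP / VCHAR / obs-text )   ; obs-text = %x80-FF
STATUS_LINE = re.compile(
    rb"(HTTP/[0-9]\.[0-9]) ([0-9]{3}) ([\t \x21-\x7E\x80-\xFF]*)\r\n"
)
CLASSES = {
    1: "further processing",
    2: "success",
    3: "redirection",
    4: "client error",
    5: "server error",
}


def parse_status_line(line: bytes):
    """Return (version, code, reason, status_class) or raise ValueError."""
    m = STATUS_LINE.fullmatch(line)
    if m is None:
        raise ValueError(f"not a status-line: {line!r}")
    version, code, reason = m.groups()
    status_class = CLASSES.get(int(code) // 100)
    if status_class is None:
        raise ValueError(f"status-code outside 1xx-5xx: {code!r}")
    return version.decode("ascii"), int(code), reason.decode("latin-1"), status_class


def is_valid(line: bytes) -> bool:
    try:
        parse_status_line(line)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed status lines, not captured traffic.
    print(parse_status_line(b"HTTP/1.1 404 Not Found\r\n"))
    # reason-phrase may be empty, but the SP before it is still required.
    print(is_valid(b"HTTP/1.1 204 \r\n"), is_valid(b"HTTP/1.1 204\r\n"))
    # 3DIGIT means exactly three digits.
    print(is_valid(b"HTTP/1.1 2000 OK\r\n"))
```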

Conclusion

Learning ABNF syntax helps us understand the HTTP protocol better and learn it more rigorously.
