HTTP/HTTPS
Author: Tran Tuan Quy
Date: July 7, 2014
Updated: Jan 1, 2018
About Me
-
Full Stack JavaScript Developer
-
Technical Manager at NAU Studio
-
I have worked for Pyramid Consulting as Frontend Manager
Contact Me
-
Twitter: #tuanquynet
-
G+: tuanquynet
- Gmail: tuanquynet
Contents
-
Basic Concepts
-
HTTP Message
-
Web Authentication
-
Resource
-
Recap
Basic Concepts



HTTP, FTP, SMTP
HTTP
HyperText Transfer Protocol
Current version: 1.1
Next Version: 2.0
http://http2.github.io/http2-spec/index.html
Use TCP, not UDP
HTTP 1.1
- Charset
- ASCII, ANSI, ISO-8859-1, UTF-8
- ASCII, ANSI, ISO-8859-1, UTF-8
- Date/Time:
- Sun, 06 Nov 1994 08:49:37 GMT ; RFC 822
- Content-Coding:
- gzip
- compress
- deflate
- identify
- HTTP methods, status codes and semantics are the same as HTTP 1.1
- Focus on performance; specifically, end-user perceived latency, network and server resource usage
- Differences from HTTP/1.x
- is binary, instead of textual
- is fully multiplexed, instead of ordered and blocking
- can therefore use one connection for parallelism
- uses header compression to reduce overhead
- allows servers to “push” responses proactively into client caches
How web communication work

HTTP Server




HTTP Client




How Client Talk with Server
- Client make TCP connection to 173.194.127.160
- Client send HTTP request message to server
- Client read HTTP response returned from server
- Client close TCP connection
How Client Talk with Server

How Client Talk with Server

HTTPS
HTTPS stand for HyperText Transfer Protocol Secure
HTTP + SSL = HTTPS
HTTPS
HTTPS Handshake

HTTP Message
HTTP Message


HTTP Request
HTTP Response
HTTP Request

HTTP Request Method
GET
POST
PUT
DELETE
HEAD
OPTIONS
TRACE
CONNECT
HTTP Request Header
Host
Content-Type
Cookies
Expires
User-Agent
Authorization
Request Body
user:abc@gmail.com&pass=123456
Related Header:
- Content-Length: 202
- Content-Encoding: gzip | compress
HTTP Response

Status Code
1xx: Informational:
- 100 Continue
- 101 Switch protocol
2xx: Successful
- 200 OK
- 201 Created
3xx: Redirection
- 301 Moved Permanently
- 304 Not Modified
Status Code
4xx: Client Error
- 400 Bad Request
- 401 Unauthorized
5xx: Server Error
- 500 Internal Server Error
- 501 Not Implemented
HTTP Response Header
Content-Type
Content-Length
Content-Encoding
Set-Cookies
Server
Web Authentication
Basic Access Authentication

Authenticate with Password

Authenticate with JWT

Resource
Question & Answer
Thank for Your Attention
HTTP/HTTPS
By Quy Tran
HTTP/HTTPS
- 2,815