HTTP/HTTPS

Author: Tran Tuan Quy

Date: July 7, 2014

Updated: Jan 1, 2018

About Me

  • Full Stack JavaScript Developer

  • Technical Manager at NAU Studio

  • I have worked for Pyramid Consulting as Frontend Manager

 

Contact Me

  • Twitter: #tuanquynet

  • G+: tuanquynet

  • Gmail: tuanquynet

Contents

  • Basic Concepts

  • HTTP Message

  • Web Authentication

  • Resource

  • Recap

Basic Concepts

HTTP, FTP, SMTP

HTTP

HyperText Transfer Protocol

Current version: 1.1

Next Version: 2.0
http://http2.github.io/http2-spec/index.html

Uses TCP, not UDP

HTTP 1.1

  • Charset
    • ASCII, ANSI, ISO-8859-1, UTF-8
  • Date/Time:
    • Sun, 06 Nov 1994 08:49:37 GMT ; RFC 822
  • Content-Coding:
    • gzip
    • compress
    • deflate
    • identity

HTTP 2.0

  • HTTP methods, status codes and semantics are the same as HTTP 1.1
  • Focus on performance; specifically, end-user perceived latency, network and server resource usage
  • Differences from HTTP/1.x
    • is binary, instead of textual
    • is fully multiplexed, instead of ordered and blocking
    • can therefore use one connection for parallelism
    • uses header compression to reduce overhead
    • allows servers to “push” responses proactively into client caches

How Web Communication Works

HTTP Server

HTTP Client

How the Client Talks with the Server

Open https://plus.google.com/

  1. The client makes a TCP connection to 173.194.127.160
  2. The client sends an HTTP request message to the server
  3. The client reads the HTTP response returned from the server
  4. The client closes the TCP connection
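
The four steps above over a raw TCP socket, as an added example that is not part of the original slides. It assumes a loopback echo server (the hypothetical `EchoHandler`), a made-up `/login` path and a constructed form body, so it runs offline.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

class EchoHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for the web server: echoes the POST body."""
    def do_POST(self):
        body = self.rfile.read(int(self.headers["Content-Length"]))
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args):  # keep the demo quiet
        pass

def parse_response(raw: bytes):
    """Split a response into status code, reason, headers and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    _version, code, reason = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return int(code), reason, headers, body[:int(headers["content-length"])]

def exchange(body: bytes = b"user=abc%40gmail.com&pass=123456"):
    server = HTTPServer(("127.0.0.1", 0), EchoHandler)  # loopback, free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    host, port = server.server_address
    request = (f"POST /login HTTP/1.1\r\nHost: {host}:{port}\r\n"
               "Content-Type: application/x-www-form-urlencoded\r\n"
               f"Content-Length: {len(body)}\r\n"
               "Connection: close\r\n\r\n").encode("ascii") + body
    try:
        with socket.create_connection((host, port), timeout=5) as sock:  # 1
            sock.sendall(request)                                        # 2
            raw = b""
            while chunk := sock.recv(4096):                              # 3
                raw += chunk
        # 4. leaving the with-block closes the TCP connection
    finally:
        server.shutdown()
        server.server_close()
    return request, parse_response(raw)

if __name__ == "__main__":
    print(exchange())
```

The returned request bytes contain `pass=123456` unmodified: over plain HTTP the credentials cross the network exactly as typed, which is the gap HTTPS closes.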

 


HTTPS

HTTPS stands for HyperText Transfer Protocol Secure

HTTP + SSL = HTTPS

HTTPS Handshake

HTTP Message

HTTP Request

HTTP Response

HTTP Request

HTTP Request Method

GET

POST

PUT

DELETE

HEAD

OPTIONS

TRACE

CONNECT

HTTP Request Header

Host

Content-Type

Cookie

Expires

User-Agent

Authorization

Request Body

user=abc@gmail.com&pass=123456

Related Header:

  • Content-Length: 202
  • Content-Encoding: gzip | compress

HTTP Response

Status Code

1xx: Informational:

  • 100 Continue
  • 101 Switching Protocols

2xx: Successful

  • 200 OK
  • 201 Created

3xx: Redirection

  • 301 Moved Permanently
  • 304 Not Modified

4xx: Client Error

  • 400 Bad Request
  • 401 Unauthorized

 

5xx: Server Error

  • 500 Internal Server Error
  • 501 Not Implemented

 

HTTP Response Header

Content-Type

Content-Length

Content-Encoding

Set-Cookie

Server

Web Authentication

Basic Access Authentication

Authenticate with Password

Authenticate with JWT

Resource

Question & Answer

Thank You for Your Attention