HTTP

and beyond

Shota Papiashvili

 @shotapa     

@shotap     

shota@walla.net.il     

What is HTTP?

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web.

OSI and TCP/IP model

In the OSI model, HTTP runs at the application layer, whereas TCP runs at the transport layer.

 

HTTP functions as a request–response protocol in the client–server computing model.

HTTP Request

  • A Request-line
  • Zero or more header fields followed by CRLF
  • An empty line (i.e., a line with nothing preceding the CRLF) indicating the end of the header fields
  • Optionally a message-body
Request-Line = Method SP Request-URI SP HTTP-Version CRLF

HTTP Methods

UR*

URI = Uniform Resource Identifier

URL = Uniform Resource Locator

 scheme:[//[user:password@]host[:port]][/]path[?query][#fragment]

For example, in HTML the value of the src attribute of the img element provides a URI reference, as does the value of the href attribute of the a or link element.

 

URN = Uniform Resource Name

HTTP Response

  • A Status-line
  • Zero or more header fields followed by CRLF
  • An empty line (i.e., a line with nothing preceding the CRLF) indicating the end of the header fields
  • Optionally a message-body
Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF

HTTP Status

Code Description
1XX Informational
2XX Success
3XX Redirection
4XX Client Error
5XX Server Error

https://httpstatuses.com/

HTTPS

HTTP is not encrypted and is vulnerable to man-in-the-middle and eavesdropping attacks.

HTTP Cache

The 3 guiding principles of caching

Cache as much as you can

Cache as long as you can

Cache as close as you can

HTTP Cache

CDN = Content Delivery Network

CDN is a globally distributed network of proxy servers deployed in multiple data centers.

The goal of a CDN is to serve content to end-users with high availability and high performance.

CDNs serve a large fraction of Internet content today.

HTTP Cache

The most important part is to control the cache: caching is great if you know how it's cached.

ETag

The validation token is communicated by the server via the ETag HTTP header.

Validation token enables efficient resource update checks: no data transfer if the resource has not changed.

HTTP Cache


Headers

Each resource can define its caching policy via the Cache-Control HTTP header.

Cache-Control directives control who can cache the response, under which conditions, and for how long
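
The three questions above (who may cache, under which conditions, for how long), answered from a Cache-Control value. This is an added example, not part of the original slides: the function names and sample header values are constructed, and it assumes no quoted directive argument contains a comma.

```python
# Added example: reads Cache-Control using the standard directive meanings (RFC 9111).
def parse_cache_control(value):
    """Split a Cache-Control header value into {directive: argument-or-None}."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives

def _seconds(directives, name):
    """Return a directive's argument as whole seconds, or None if absent/invalid."""
    arg = directives.get(name)
    return int(arg) if arg is not None and arg.isdigit() else None

def cache_policy(value):
    """Summarise who may store the response, when to revalidate, and freshness."""
    d = parse_cache_control(value)
    no_store = "no-store" in d
    max_age = _seconds(d, "max-age")
    s_maxage = _seconds(d, "s-maxage")
    return {
        # Who: "private" limits storage to the user's own browser cache,
        # so a CDN or other shared proxy must not keep a copy.
        "browser_may_store": not no_store,
        "shared_may_store": not no_store and "private" not in d,
        # Conditions: "no-cache" forces revalidation (e.g. by ETag) before reuse.
        "revalidate_before_reuse": "no-cache" in d,
        "revalidate_when_stale": "must-revalidate" in d,
        # How long: s-maxage overrides max-age for shared caches only.
        "browser_ttl": max_age,
        "shared_ttl": s_maxage if s_maxage is not None else max_age,
    }

# Constructed sample header values, not taken from any real site.
SAMPLES = {
    "static asset": "public, max-age=31536000",
    "account page": "private, no-cache",
    "one-time token": "no-store",
    "cdn tuned": "max-age=60, s-maxage=3600, must-revalidate",
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(label, "->", cache_policy(header))
```

A response that carries per-user data should come back with shared_may_store False; if it does not, a CDN in front of the origin is allowed to serve one user's copy to another.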

HTTP Cache


cachebuster

A cache-buster is a unique piece of code that prevents a browser from reusing an ad it has already seen and cached, or saved, to a temporary memory file.

 

HTTP/2

HTTP/2 is a replacement for how HTTP is expressed “on the wire.” It is not a ground-up rewrite of the protocol; HTTP methods, status codes and semantics are the same, and it should be possible to use the same APIs as HTTP/1.x to represent the protocol.

HTTP/2

At a high level, HTTP/2:

  • is binary, instead of textual
  • is fully multiplexed, instead of ordered and blocking
  • can therefore use one connection for parallelism
  • uses header compression to reduce overhead
  • allows servers to “push” responses proactively into client caches

Q&A
