iCoder

Now, You Know About HTTP: Learn What Matters!

Lets discuss about HTTP Protocol

Prakhar Sinha's photo
Prakhar Sinha
Β·

7 min read

Now, You Know About HTTP: Learn What Matters!

Table of contents

Hey Folks! hope you all are doing extremely well, today we are gonna learn about HTTP, not everything but everything in the sense that matters, that will enhance your understanding of how things work under the hood!

So, let us Enter the digital highway, where every click, tap, and scroll is choreographed by the unsung maestro of the internet – the Hypertext Transfer Protocol, or as we all know it, HTTP. Buckle up, because we're about to take a thrilling ride through the pulsating veins of the World Wide Web!

Here We GoπŸš€

I'm pretty sure, You Might have one question in concern with this blog post and that is Why aren't you covering HTTPS and why HTTP right?

So, let me clear this at first, It is because of the following reasons:

  1. Basic Understanding: When discussing web protocols, it's essential to establish a foundational understanding of HTTP before delving into HTTPS. HTTP provides the fundamental principles of communication between clients and servers, making it a common starting point for educational purposes.

  2. Transition to HTTPS: HTTPS is an extension of HTTP with an added layer of security (SSL/TLS encryption). While the industry is actively encouraging the adoption of HTTPS for improved security and privacy, HTTP is still in use, particularly in scenarios where encryption is not a critical requirement. Discussions about transitioning from HTTP to HTTPS are common, emphasizing the importance of securing web communication.

and many more...

πŸ‘‰ We'll be covering HTTPS as well in the future until you develop your understanding of HTTP.

What is HTTP ?

HTTP, or Hypertext Transfer Protocol, is the foundation of any data exchange on the web. Developed by Sir Tim Berners-Lee in 1989, HTTP serves as the protocol for transmitting hypertext documents, allowing users to navigate between interconnected pages and access various resources.

A typical flow over HTTP involves a client machine requesting a server, which then sends a response message.

Request-Response Cycle:

At its core, HTTP follows a simple yet powerful request-response cycle. A client, typically a web browser, sends a request to a server for a specific resource (e.g., a web page). The server processes the request and sends back a response containing the requested data. This exchange forms the basis of every interaction on the web.

Each HTTP request made from the client side to the server carries data in encoded form, that carries different types of information.

***What Does A Typical HTTP Request Contain ?***πŸ€”

  • HTTP version type

  • a URL

  • HTTP method

  • HTTP request headers

  • HTTP body(optional)

HTTP Headers

The typical use-case of HTTP headers is to send the metadata, in the form of key-value along with the request and response.

Also, in caching mechanism, authentication and authorization, state management, etc.

Request Headers - from the client

Response Headers - from server

Representation Headers - for encoding/compression

Payload Headers - for sending data

Most Common Request Headers :

  • accept : this header basically tells the type of data, that the server will be accepting.

    For ex. application/json or XML or text/html etc.

  • user-agent : this header basically tells, from which application request has been made, if the request is made from the browser let's say then, its name will be displayed followed by the version.

    For Ex. Chrome/5.0

    It could be platforms like Postman or Thunderclient as well!

  • Authorization : we used to send this header from the frontend for the authentication purpose, you might have seen many a time like

    Authorization: Bearer {bnjnsdjnbf6r845rjhf48} This is something called an auth token.

  • Content-Type : This header plays a crucial role in ensuring that the server and client can interpret the content correctly, making it a fundamental component of the HTTP protocol. When sending an HTTP request or response, the appropriate Content-Type value should be set to accurately describe the nature of the content being transmitted.

    For Ex. application/json, application/xml amd many more.

  • cookie : sent in the form of objects.

  • cache-control : if we need, like when data will expire or if data want to reside in the network or not.

    For Ex. after 3000s reset the data or state lets say.

    CORS Headers

  • Access-Control-Allow-Origin

  • Access-Control-Allow-Credentials

  • Access-Control-Allow-Method

Security Headers

  • Cross-Origin-Embedder-Policy

  • Cross-Origin-Opener-Policy

  • Content-Security-Policy

  • XSS-Protection

HTTP Methods

  1. GET: Retrieve data from the server. It's a safe and idempotent operation, meaning multiple identical requests will have the same effect as a single request.

  2. POST: Submit data to be processed to a specified resource. It's used for creating a new resource or triggering a specific operation on the server.

  3. PUT: Update a resource or create a new resource if it doesn't exist at a specified URI. It replaces the entire resource.

  4. PATCH: Apply partial modifications to a resource. It's used when you want to apply only some updates to the resource, not replace it entirely.

  5. DELETE: Request the removal of a resource at a specified URI. It's used to delete the resource identified by the URI.

  6. OPTIONS: Retrieve information about the communication options available for the target resource. It's often used to describe the communication options for the target resource.

  7. HEAD: Retrieve the headers of a resource as if making a GET request but without the actual data. It's used for retrieving metadata about a resource.

  8. TRACE: this method performs a message loop-back test along the path to the target resource, providing a useful debugging mechanism.

HTTP Status Codes

HTTP status codes are three-digit numbers returned by a server in response to a client's request made to the server. They provide information about the status of the request and the outcome of the server's attempt to process it. The status codes are grouped into several classes, each serving a specific purpose. Here are some common HTTP status code classes:

  1. 1xx (Informational): The request was received, continuing process.

    • 100 Continue: The server has received the request headers and the client should proceed to send the request body.

  2. 2xx (Successful): The request was successfully received, understood, and accepted.

    • 200 OK: The request was successful.

    • 201 Created: The request resulted in the creation of a new resource.

    • 204 No Content: The server successfully processed the request but there is no additional content to send in the response.

  3. 3xx (Redirection): Further action needs to be taken to complete the request.

    • 301 Moved Permanently: The requested resource has been permanently moved to a new location.

    • 302 Found (or Temporary Redirect): The requested resource resides temporarily under a different URI.

    • 304 Not Modified: The resource has not been modified since the version specified in the request headers.

  4. 4xx (Client Error): The request contains bad syntax or cannot be fulfilled.

    • 400 Bad Request: The server cannot or will not process the request due to a client error.

    • 401 Unauthorized: Similar to 403 Forbidden, but specifically for authentication issues.

    • 403 Forbidden: The client does not have permission to access the requested resource.

    • 404 Not Found: The requested resource could not be found on the server.

  5. 5xx (Server Error): The server failed to fulfill a valid request.

    • 500 Internal Server Error: A generic error message indicating an unexpected condition.

    • 502 Bad Gateway: The server, while acting as a gateway or proxy, received an invalid response from an upstream server.

    • 503 Service Unavailable: The server is not ready to handle the request. Common causes are a server that is down for maintenance or is overloaded.

πŸ‘‰These codes help both developers and clients understand the outcome of an HTTP request and take appropriate action based on the response from the server.

As we venture forth into the ever-evolving digital frontier, let HTTP be your guiding star, reminding you that every click, every request, and every response is a step in the ongoing saga of the internet's evolution. Keep exploring, keep learning, and may your online journey be as fascinating as the protocol that started it all.

With That Set, let us End Up Here!, I hope that I was able to add some knowledge and value to your learnings through this blog!
Still Doubtful ?πŸ€”πŸ€·β€β™‚οΈ Comments are always open. I will be Glad to help!

πŸ‘‰Do Consider Subscribing to The Newsletter, so that you never miss an update from us!

#LearningInPublic #http

#HappyLearningFolks!

Did you find this article valuable?

Support Prakhar Sinha by becoming a sponsor. Any amount is appreciated!

networkingWeMakeDevs#HiteshChaudhary Web DevelopmentCyberSecSecuritykunalkushwaha
Β