Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
Comparison of layout...
Online auction...
Assignment (computer...
Blind credential
Multi-paradigm...
TiddlyWiki
WebGUI
recommendation
Freenet DSL
Who's Online
12 user(s) are online (11 user(s) are browsing encyclopedia)

Members: 0
Guests: 12

more...
browser tip
recommendation!
Sponsored
partner

HyperText Transfer Protocol

HyperText Transfer communications protocol (HTTP) is the primary method used to convey information on the World Wide Web. The original purpose was to provide a way to publish and receive HTML pages.

Development of HTTP was co-ordinated by the World Wide Web Consortium and working groups of the Internet Engineering Task Force, culminating in the publication of a series of Request for Commentss, most notably RFC 2616, which defines HTTP/1.1, the version of HTTP in common use today.

HTTP is a request/response protocol between clients and servers. An HTTP client, such as a web browser, typically initiates a request by establishing a Transmission Control Protocol connection to a particular port (computing) on a remote host (port 80 by default). An HTTP server listening on that port waits for the client to send a request string, such as GET / HTTP/1.1 (which would request the default page of that web server), followed by an email-like MIME message which has a number of informational header strings that describe aspects of the request, followed by an optional body of arbitrary data. Some headers are optional, while others (such as Host) are required by the HTTP/1.1 protocol. Upon receiving the request string (and message, if any), the server sends back a response string, such as 200 OK , and a message of its own, the body of which is perhaps the requested file, an error message, or some other information.

= HTTP request methods =

  • GET By far the most common method used to request for a specified URL.
  • HEAD Identical to GET, except that the page content is not returned; just the headers are. Useful for retrieving meta-information.
  • POST Similar to GET, except that a message body, typically containing key-value pairs from an HTML form submission, is included in the request.
  • PUT Used for uploading files to a specified Uniform_Resource_Identifier on a web-server.
  • DELETE Rarely implemented, deletes a resource (i.e. a file).
  • TRACE Echoes back the received request, so that a client can see what intermediate servers are adding or changing in the request.
  • OPTIONS Returns the HTTP methods that the server supports. This can be used to check the functionality of a web server.
  • CONNECT For use with a proxy that can change to being an Secure Sockets Layer tunnel.
    • HTTP servers are supposed to implement at least GET and HEAD methods and, whenever possible, also OPTIONS method.

    = HTTP URL =

    The locations of HTTP (and HTTPS) pages are given as Uniform Resource Locators or URLs. This address location syntax was created for linking Web pages.

    = HTTP versions =

    HTTP differs from other TCP-based protocols such as FTP, because HTTP has different protocol versions:

  • 0.9 Deprecated. Was never widely used. Only supports one command, GET. Does not support headers. Since this version does not support POST the client can t pass much information to the server.
  • HTTP/1.0 Still in wide use, especially by proxy servers; it allows one request-response per connection.
  • HTTP/1.1 Current version; it allows persistent connections (alias keep-alive connections) with more than one request-response per TCP/IP connection, thus speeding up response time and improving network bandwidth utilization (fewer data packets are sent).

    • = HTTP connection persistence =

    In HTTP/0.9 and HTTP/1.0, a client sends a request to the server, the server sends a response back to the client. After this, the connection is closed. HTTP/1.1, however, supports persistent connections. This enables the client to send a request and get a response, and then send additional requests and get additional responses. The TCP connection is not released for the multiple additional requests, so the relative overhead due to TCP is much less per request. The use of persistent connection is often called keep alive . It is also possible to send more than one (usually between two and five) request before getting responses from previous requests. This is called HTTP pipelining .

    There is a HTTP/1.0 extension for connection persistence, but its utility is limited due to HTTP/1.0 s lack of unambiguous message delimition rules. This extension uses a header called Keep-Alive, while the HTTP/1.1 connection persistence uses the Connection header. Therefore a HTTP/1.1 may choose to support either just HTTP/1.1 connection persistence, or both HTTP/1.0 and HTTP/1.1 connection persistence. Some HTTP/1.1 clients and servers do not implement connection persistence or have it disabled in their configuration.

    = HTTP connection closing =

    Both HTTP servers and clients are allowed to close TCP/IP connections at any time (i.e. depending on their settings, their load, etc.). This feature makes HTTP ideal for the World Wide Web, where pages regularly link to many other pages on the same server or to external servers.

    Closing an HTTP/1.1 connection can be a much longer operation (from 200 milliseconds up to several seconds) than closing an HTTP/1.0 connection, because the first usually needs a linger close while the second can be immediately closed as soon as the entire first request has been read and the full response has been sent.

    = HTTP session state =

    HTTP can occasionally pose problems for Web developers (Web Applications), because HTTP is stateless (i.e. it does not keep session information) so this feature forces the use of alternative methods for maintaining users state . Many of these methods involve the use of HTTP cookie.

    = HTTPS: the secure version of HTTP =

    HTTPS is the secure version of HTTP, using Transport Layer Security to protect the traffic. The protocol normally uses TCP port 443. SSL, originally created to protect HTTP, is especially suited for HTTP since it can provide (some) protection even if only one side to the communication, the server, is authenticated. This is typically the case in HTTP transactions over the Internet.

    = Sample =

    Below is a sample conversation between an HTTP client and an HTTP server running on www.example.com, port 80.

    Client request (followed by a double Newline, each in the form of a carriage return followed by a line feed.):

    GET /index.html HTTP/1.1 Host: www.example.com

    The Host header distinguishes between various Domain Name System names sharing a single IP address. While optional in HTTP/1.0, it is mandatory in HTTP/1.1.

    Server response (followed by a blank line and text of the requested page):

    HTTP/1.1 200 OK Date: Mon, 23 May 2005 22:38:34 GMT Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT Etag: 3f80f-1b6-3e1cb03b Accept-Ranges: bytes Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8

    =See also=

  • List of HTTP status codes
  • 404 error
  • Uniform resource locator
  • Basic authentication scheme
  • Digest access authentication
  • Captive portal
  • HTTP proxy
  • Content negotiation

    • = External links =

    ==Specifications and references==

  • HTTP/1.0 specification (May 1996) as plain text: RFC 1945
  • HTTP/1.1 specification (June 1999) as plain text: RFC 2616; also [http://www.w3.org/Protocols/rfc2616/rfc2616.html as HTML], [ftp://ftp.isi.edu/in-notes/rfc2616.ps as PostScript], and [http://www.w3.org/Protocols/HTTP/1.1/rfc2616.pdf as PDF];
  • [http://purl.org/NET/http-errata HTTP/1.1 specification errata]
  • Tim Berners-Lee s [http://www.w3.org/Protocols/HTTP/HTTP2.html original 1992 Internet-Draft]
  • [http://www.eventhelix.com/RealtimeMantra/Networking/http_sequence_diagram.pdf HTTP Sequence Diagram] (PDF)

    • ==Tutorials and tools==

  • [http://www.jmarshall.com/easy/http/ HTTP Made Really Easy]
  • [http://analyze.forret.com HTTP header viewer]
  • [http://www.webconfs.com/http-header-check.php HTTP Header Check - Bookmarklet]
  • [http://web-sniffer.net/ View HTTP Request and Response Header]
  • Command-line HTTP clients: [http://curl.haxx.se/ cURL], [http://www.gnu.org/software/wget/wget.html Wget], [http://www.xach.com/snarf/ Snarf], [http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.bin/fetch/ fetch]
  • [http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf HTTP Request Smuggling] (PDF)
  • [http://www.http-compression.com HTTP compression]
  • [http://livehttpheaders.mozdev.org/ Live HTTP Headers Extension for Firefox]
    		•