Introduction to HTTP
HTTP (HyperText Transfer Protocol) is the foundation of communication on the web. It enables clients (browsers, mobile apps) to communicate with servers to request and retrieve resources such as web pages, images, videos, and APIs.
1. HTTP Request Structure
An HTTP request consists of three main parts:
1.1 Request Line
The request line specifies the HTTP method, the resource path, and the HTTP version.
Example:
GET /index.html HTTP/1.1
- GET - HTTP method
- /index.html - Resource being requested
- HTTP/1.1 - Protocol version
1.2 Request Headers
Headers provide additional information about the request.
Example:
Host: example.com
User-Agent: Mozilla/5.0
Accept: text/html,application/xhtml+xml
1.3 Request Body (Optional)
Used in POST, PUT, and PATCH requests to send data to the server.
Example:
POST /api/user HTTP/1.1
Host: example.com
Content-Type: application/json
Content-Length: 34

{
  "username": "john_doe",
  "password": "securepass"
}
2. HTTP Response Structure
An HTTP response also consists of three parts:
2.1 Status Line
Indicates the status of the request.
Example:
HTTP/1.1 200 OK
- HTTP/1.1 - Protocol version
- 200 - Status code
- OK - Status message
2.2 Response Headers
Metadata about the response.
Example:
Content-Type: text/html
Content-Length: 1024
Server: Apache/2.4.41 (Ubuntu)
2.3 Response Body
Contains the actual content requested.
Example:
Welcome
Hello, World!
3. HTTP Methods
3.1 GET (Retrieve Data)
Used to request data from a server.
GET /users HTTP/1.1
Host: api.example.com
3.2 POST (Send Data)
Used to submit data to a server.
POST /users HTTP/1.1
Host: api.example.com
Content-Type: application/json

{
  "name": "Alice",
  "email": "[email protected]"
}
3.3 PUT (Update Data)
Used to update a resource completely.
PUT /users/123 HTTP/1.1
Host: api.example.com
Content-Type: application/json

{
  "name": "Alice Updated",
  "email": "[email protected]"
}
3.4 PATCH (Partial Update)
Used to modify part of a resource.
PATCH /users/123 HTTP/1.1
Host: api.example.com
Content-Type: application/json

{
  "email": "[email protected]"
}
3.5 DELETE (Remove Data)
Used to delete a resource.
DELETE /users/123 HTTP/1.1
Host: api.example.com
4. HTTP Status Codes
Code  Meaning
200   OK
201   Created
204   No Content
400   Bad Request
401   Unauthorized
403   Forbidden
404   Not Found
500   Internal Server Error
5. HTTP Headers
5.1 Request Headers
Headers sent by the client.
User-Agent: Mozilla/5.0
Authorization: Bearer token
Accept: application/json
5.2 Response Headers
Headers sent by the server.
Content-Type: application/json
Cache-Control: no-cache
Set-Cookie: sessionId=abc123; HttpOnly
6. Security in HTTP
6.1 HTTPS (Secure HTTP)
Uses TLS (historically SSL) to encrypt data in transit between the client and server.
6.2 Authentication
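Basic Auth: Authorization: Basic base64(username:password). Base64 is an encoding, not encryption, so the credentials are only protected when the request is sent over HTTPS.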
Bearer Token: Authorization: Bearer
OAuth 2.0 / OpenID Connect: Used for authentication and authorization.
7. Connection Types
7.1 Persistent Connection (Keep-Alive)
Keeps the connection open for multiple requests.
Connection: keep-alive
7.2 Non-Persistent Connection
Closes the connection after a single request.
Connection: close
8. Cookies & Sessions
8.1 Cookies
Store user-related data on the client.
Set-Cookie: userId=123; HttpOnly; Secure
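The two Set-Cookie headers shown in sections 5.2 and 8.1 differ in their attributes. The following added example (not part of the original article) parses a raw response and reports which protective attributes each cookie lacks. The sample response is constructed from the article's header lines, and the SameSite check is an assumption that goes beyond the attributes the article lists.

```python
# Added example: audit Set-Cookie headers in a raw HTTP response.
# SAMPLE_RESPONSE is constructed from header lines shown in this article.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json\r\n"
    "Cache-Control: no-cache\r\n"
    "Set-Cookie: sessionId=abc123; HttpOnly\r\n"
    "Set-Cookie: userId=123; HttpOnly; Secure\r\n"
    "\r\n"
    "{}"
)


def parse_response(raw):
    """Split a raw response into (status_code, header list, body)."""
    head, _, body = raw.partition("\r\n\r\n")  # blank line ends the headers
    lines = head.split("\r\n")
    _version, code, _reason = (lines[0].split(" ", 2) + [""])[:3]
    headers = []  # a list, not a dict: Set-Cookie may repeat
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip malformed lines that lack a colon
            headers.append((name.strip().lower(), value.strip()))
    return int(code), headers, body


def audit_cookies(headers):
    """Return {cookie_name: [missing attributes]} for every Set-Cookie header."""
    findings = {}
    for name, value in headers:
        if name != "set-cookie":
            continue
        pair, *attrs = [part.strip() for part in value.split(";")]
        cookie_name = pair.partition("=")[0]
        # Attribute names are case-insensitive; drop any "=value" suffix.
        present = {a.partition("=")[0].strip().lower() for a in attrs if a}
        # SameSite is checked as an assumption; the article shows only
        # HttpOnly and Secure.
        missing = [a for a in ("Secure", "HttpOnly", "SameSite")
                   if a.lower() not in present]
        findings[cookie_name] = missing
    return findings


if __name__ == "__main__":
    status, headers, _ = parse_response(SAMPLE_RESPONSE)
    for cookie, missing in audit_cookies(headers).items():
        print(cookie, "missing:", ", ".join(missing) or "nothing")
```

A cookie without Secure can be sent over plain HTTP, and one without HttpOnly is readable from page scripts, so an empty list is the target for any session cookie.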
8.2 Sessions
Store user-related data on the server.
Conclusion
Understanding HTTP is crucial for building and optimizing web applications. By mastering HTTP requests, responses, methods, headers, and security features, you can create efficient and secure APIs and web services.