A detailed description of the HTTP protocol and the way the Web works
HTTP (Hypertext Transfer Protocol) Is one of the application protocols of TCP/IP. TCP/IP is a protocol suite that provides support for the Internet.
I'll solve it: noOneAmong all agreements, it is definitely the most successful and popular agreement.
HTTP is what makes the World Wide Web work. It provides a language for browsers to communicate with remote servers that host web pages.
Due to the work done by Tim Berners-Lee at CERN since 1989, HTTP was first standardized in 1991.
The goal is to make it easy for researchers to exchange and link their papers. This is a way for the scientific community to work better.
At that time, the main Internet applications mainly included FTP (File Transfer Protocol), Email and Usenet (newsgroups, which are almost deprecated today).
In 1993, the first graphical web browser Mosaic was released, and things have skyrocketed ever since.
The Web has become the killer application of the Internet.
Over time, the Web and its surrounding ecosystem have undergone tremendous development, but the foundation still exists. An example of evolution: HTTP now not only provides a REST API for web pages, but also a REST API, which is a common method for accessing services programmatically via the Internet.
HTTP made a minor revision using HTTP/1.1 in 1997, and a subsequent revision in 2015,HTTP/2It has been standardized and is now implemented by major web servers used worldwide.
Like any other protocol (SMTP, FTP...) that does not provide services through an encrypted connection, the HTTP protocol is considered insecure. This is why the use of HTTPS is now vigorously promoted, HTTPS is HTTP served over TLS.
In other words, the building blocks of HTTP/2 and HTTPS originated from HTTP. In this article, I will introduce how HTTP works.
HTTP is the methodbrowserFor example, Chrome, Firefox, Edge, etc.clientFrom here) andNetwork Server.
The name of the hypertext transfer protocol originates from not only the need to transfer files (for example, called "file transfer protocol" in FTP), but also the need to transfer hypertext. The hypertext will be written in HTML and then rendered graphically by the browser , And has a beautiful appearance and interactivity. link.
Links are the driving force for adoption and it is easy to create new web pages.
HTTP is a tool for transferring those hypertext files (and the images and other file types we will see) over the network.
In a web browser, a document can use a link to point to another document.
The link consists of the first part, which determines the protocol and server address by domain name or IP.
Of course, this part is not unique to HTTP.
Then comes the documentation part. Anything in the address part represents the document path.
For example, the address of this document is
httpsIt is an agreement.
flaviocopes.comIs the domain name pointing to my server
/http/Is the document URL relative to the server root path.
Paths can be nested:
https://flaviocopes.com/page/privacy/In this case, the document URL is
The web server is responsible for interpreting the request and providing the correct response after analysis.
What's in the request?
The first thing isURL, We have seen it before.
When we enter an address and press Enter in the browser, the server will send it to the correct IP address, as shown below:
where /a-page is the URL you requested.
The second thing is the HTTP method (also called verb).
HTTP in the early days defined 3 of them:
and HTTP/1.1 introduced
We’ll see them in detail in a minute.
The third thing that composes a request is a set of HTTP headers.
Headers are a set of
key: valuepairs that are used to communicate to the server-specific information that is predefined, so the server can know what we mean.
I described them in detail in the HTTP request headers list.
Give that list a quick look. All of those headers are optional, except
GET is the most used method here. It’s the one that’s used when you type an URL in the browser address bar, or when you click a link.
It asks the server to send the requested resource as a response.
HEAD is just like GET, but tells the server to not send the response body back. Just the headers.
The client uses the POST method to send data to the server. It’s typically used in forms, for example, but also when interacting with a REST API.
The PUT method is intended to create a resource at that specific URL, with the parameters passed in the request body. Mainly used in REST APIs
The DELETE method is called against an URL to request deletion of that resource. Mainly used in REST APIs
When a server receives an OPTIONS request it should send back the list of HTTP methods allowed for that specific URL.
Returns back to the client the request that has been received. Used for debugging or diagnostic purposes.
HTTP Client/Server communication
HTTP, as most of the protocols that belong to the TCP/IP suite, is a stateless protocol.
Servers have no idea what’s the current state of the client. All they care about is that they get request and they need to fulfill them.
Any prior request is meaningless in this context, and this makes it possible for a web server to be very fast, as there’s less to process, and also it gives it bandwidth to handle a lot of concurrent requests.
HTTP is also very lean, and communication is very fast in terms of overhead. This contrasts with the protocols that were the most used at the time HTTP was introduced: TCP and POP/SMTP, the mail protocols, which involve lots of handshaking and confirmations on the receiving ends.
Graphical browsers abstract all this communication, but we’ll illustrate it here for learning purposes.
A message is composed by a first line, which starts with the HTTP method, then contains the resource relative path, and the protocol version:
GET /a-page HTTP/1.1
After that, we need to add the HTTP request headers. As mentioned above, there are many headers, but the only mandatory one is
GET /a-page HTTP/1.1 Host: flaviocopes.com
How can you test this? Using telnet. This is a command-line tool that lets us connect to any server and send it commands.
Open your terminal, and type
telnet flaviocopes.com 80
This will open a terminal, that tells you
Trying 22.214.171.124... Connected to flaviocopes.com. Escape character is '^]'.
You are connected to the Netlify web server that powers my blog. You can now type:
GET /axios/ HTTP/1.1 Host: flaviocopes.com
and press enter on an empty line to fire the request.
The response will be:
HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=0, must-revalidate Content-Length: 46 Content-Type: text/plain Date: Sun, 29 Jul 2018 14:07:07 GMT Location: https://flaviocopes.com/axios/ Age: 0 Connection: keep-alive Server: Netlify
Redirecting to https://flaviocopes.com/axios/
See, this is an HTTP response we got back from the server. It’s a 301 Moved Permanently request. See the HTTP status codes list to know more about the status codes.
It basically tells us the resource has permanently moved to another location.
Why? Because we connected to port 80, which is the default for HTTP, but on my server I set up an automatic redirection to HTTPS.
The new location is specified in the
LocationHTTP response header.
There are other headers, all described in the HTTP response headers list.
In both the request and the response, an empty line separates the request header from the request body. The response body in this case contains the string
Redirecting to https://flaviocopes.com/axios/
which is 46 bytes long, as specified in the
Content-Lengthheader. It is shown in the browser when you open the page, while it automatically redirects you to the correct location.
In this case we’re using telnet, the low-level tool that we can use to connect to any server, so we can’t have any kind of automatic redirect.
Let’s do this process again, now connecting to port 443, which is the default port of the HTTPS protocol. We can’t use telnet because of the SSL handshake that must happen.
Let’s keep things simple and use
curl, another command-line tool. We cannot directly type the HTTP request, but we’ll see the response:
curl -i https://flaviocopes.com/axios/
this is what we’ll get in return:
HTTP/1.1 200 OK Cache-Control: public, max-age=0, must-revalidate Content-Type: text/html; charset=UTF-8 Date: Sun, 29 Jul 2018 14:20:45 GMT Etag: "de3153d6eacef2299964de09db154b32-ssl" Strict-Transport-Security: max-age=31536000 Age: 152 Content-Length: 9797 Connection: keep-alive Server: Netlify
<!DOCTYPE html> <html prefix=“og: http://ogp.me/ns#” lang=“en”> <head> <meta charset=“utf-8”> <meta http-equiv=“X-UA-Compatible” content=“IE=edge”> <title>HTTP requests using Axios</title> …
I cut the response, but you can see that the HTML of the page is being returned now.
An HTTP server will not just transfer HTML files, but typically it will also serve other files: CSS, JS, SVG, PNG, JPG, lots of different file types.
This depends on the configuration.
HTTP is perfectly capable of transferring those files as well, and the client will know about the file type, thus interpret them in the right way.
More network tutorials:
- Introduction to WebSockets
- How HTTP requests work
- The HTTP Request Headers List
- The HTTP Response Headers List
- HTTP vs HTTPS
- What is an RFC?
- The HTTP protocol
- The HTTPS protocol
- The curl guide to HTTP requests
- Caching in HTTP
- The HTTP Status Codes List
- What is a CDN?
- The HTTP/2 protocol
- What is a port
- DNS, Domain Name System
- The TCP Protocol
- The UDP Protocol
- An introduction to REST APIs
- How to install a local SSL certificate in macOS
- How to generate a local SSL certificate
- How to configure Nginx for HTTPS
- A simple nginx reverse proxy for serving multiple Node.js apps from subfolders
- What is a reverse proxy?