HTTP Explained

---

 

HTTP is an asymmetric request-response client-server protocol as illustrated.
  HTTP = Hyper Text Transfer Protocol

---

---

Characteristics

• HTTP is a stateless protocol = the current request does not know what has been done in the previous requests.

  
   

 

---

Structure of Request = Header + Body

URL http://www.nowhere123.com/doc/index.html into the following request message:

GET /docs/index.html HTTP/1.1
   Host: www.nowhere123.com
   Accept: image/gif, image/jpeg, */*
   Accept-Language: en-us
   Accept-Encoding: gzip, deflate
   User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
   (blank line)
***This example has no data being sent in body****    

line 1: Request Type (above GET) with path to request and version of HTTP
line 2: Host sending request to
line 3: Accept: client telling server what MIME data type they will accept
line 4: Accept-Language: client telling server the language they want the response in
line 5: Accept-Encoding: client telling server what encoded formats they want the resonse in (if there is an encoding)
line 6: User-Agent: client telling server what kind of client software (e.g. browser,etc) that request is made on
line 7: blank line - separates header from body of request
line 8++++: the data (if any) that is being sent from client to server

 

 

The HTTP Request TYPE : GET, POST, PUT, DELETE and MORE
 

GET This is the default method and causes the fill-out form contents to be appended to the URL as if they were a normal query . When the submit button is pressed, the contents of the form will be assembled into a query URL that looks like this: action?name=value&name=value&name=value Specifically, your CGI program will receive the encoded form input in the environment variable QUERY_STRING. Strange characters in any of the "name" or "value" instances will be escaped as usual; this includes "=" and "&". Note: This means that instances of "=" that separate names and values, and instances of "&" that separate name/value pairs, are not escaped. For text and password entry fields, whatever the user typed in will be the value; if the user didn't type anything, the value will be empty but the "name=" part of the query string will still be present. For checkboxes and radio buttons, the VALUE attribute specifies the value of a checkbox or radio button when it is checked. An unchecked checkbox is disregarded completely when assembling the query string. Multiple checkboxes can have the same NAME (and different VALUEs), if desired. Multiple radio buttons intended to have "one of many" behavior should have the same NAME and different VALUEs. If you use the GET method in your form, you will notice that the example GET server will choke if too much data (more than a couple hundred bytes) is submitted at a time -- the server is passing the data to the form-processing module via a shell command line, and the maximum shell command line length is being exceeded. This problem does not exist with the POST method and server.

POST This method causes the fill-out form contents to be sent to the server in a data body rather than as part of the URL. The contents of the form are encoded exactly as with the GET method (above), but rather than appending them to the URL specified by the form's ACTION attribute as a query, the contents are sent in a data block as part of the POST operation. The ACTION attribute (if any) is the URL to which the data block is POSTed. Specifically, your CGI program will receive the encoded form input on stdin. The server will NOT send you an EOF on the end of the data, instead you should use the environment variable CONTENT_LENGTH to determine how much data you should read from stdin.

---

Structure of a HTTP Response = Header + Body

 

An example of the HTTP response message is as shown:

HTTP/1.1 200 OK
   Date: Sun, 18 Oct 2009 08:56:53 GMT
   Server: Apache/2.2.14 (Win32)
   Last-Modified: Sat, 20 Nov 2004 07:16:26 GMT
   ETag: "10000000565a5-2c-3e94b66c2e680"
   Accept-Ranges: bytes
   Content-Length: 44
   Connection: close
   Content-Type: text/html
   X-Pad: avoid browser bug
<html><body><h1>It works!</h1></body></html>

---

About the Response Header - will minimally contain the following

1. Content-type

• Use if script is sending data back to the browser... e.g. a newly generated HTML file.
• Example: Content-type: text/html
• OR Content-type: text/plain
• OR Content-type: image/jpeg
• OR Content-type: video/mpeg
• OR Content-type: image/gif
• You describe the content by the MIME types (see your book)

2. Location

• Use if script wants to open and load another existing document on its server
• Can list full URL or relative path information.
• Example: Location: http://newton.sci.csuhayward.edu/~login/cgi-bin

3. Status

• Used to send special status code back to the browser to influence how it should respond.
• Example: Status: 204 No Response
• This means the browser should not expect any input back from the server.

 

Additional HTTP Header Info - Allow, Content-Type, Cookies, and more

HTTP w/ Cookies Request + Response Example