HTTP Protocol Design and Description

1

6

HTTP Protocol Design and Description

Web Protocols and Practice

2

Topics


HTTP PROTOCOL DESIGN AND

DESCRIPTION

Protocol Definition Protocol Properties HTTP Headers HTTP Response Classes

3

Protocol Definition


A protocol is a language with a Grammar Syntactic structure Semantic rules

HTTP is A request-response protocol An application-level protocol

The HTTP protocol evolved along with the Web and URI and HTML. (Table 6.1)


DESCRIPTION

4

Table 6.1. Historical timeline of HTTP-related documents

DateDocumentMar 1990

Jan 1992

Feb 1992

Dec 1992

Feb 1993

Mar 1993

Jun 1993

Oct 1993

Nov 1993

Mar 1994

May 1996

Jan 1997

Jun 1999

2001

CERN labs document proposing Web

HTTP/0.9 specification

W3 and WAIS/X.500

Proposal to add MIME to HTTP

UDI (Universal Document Identifier) for the Network

HTTP/1.0 first draft

HTML (1.0 Specification)

URL specification

HTTP/1.0 second draft

URI in WWW

HTTP/1.0 Informational, RFC 1945

HTTP/1.1 Proposed Standard, RFC 2068

HTTP/1.1 Draft Standard, RFC 2616

HTTP/1.1 Formal Standard



DESCRIPTION

5

Protocol Properties


Global URI HTTP Request/Response Format Statelessness Resource Metadata HTTP Request Methods


DESCRIPTION

6

Global URI


URI (Uniform Resource Identifier) permits resources to reside anywhere on the Internet

URL (Uniform Resource Locator) shows the location of a copy of a resource

URN (Uniform Resource Name) is a unique name for a resource

URI is a superset of both URL and URN


DESCRIPTION

7

Global URI


URI

URN URL


DESCRIPTION

8

HTTP Request


Consider the following HTTP request:GET /foo.html HTTP/1.o

each request message consists of a Request-line

» Method: GET

» Resource: /foo.html

» HTTP version number: 1.0

General/Request/Entity Header (s) CRLF Entity body (optional)


DESCRIPTION

9

HTTP Request Format


GET /motd HTTP/1.0

Date: Wed,22 Mar 2000 08:09:01 GMT

Pragma: No-cache

From :[email protected]

User-Agent: Mozilla/4.03

<no entity body>

Request line

General headers

Request headers

Figure 6.1. An HTTP request message


DESCRIPTION

mailto:[email protected]

10

HTTP Request Format


PUT /motd HTTP/1.0

Date: Wed,22 Mar 2000 08:09:01 GMT

From :[email protected]

User-Agent: Mozilla/4.03

Request line

General header

Request headers

Figure 6.2. Another HTTP request message

Content-Length:23

Allow: GET, HEAD, PUT

Welcome to Comer’s Vax

Entity headers

Entity body


DESCRIPTION

mailto:[email protected]

11

HTTP Response


Consider the following HTTP response:HTTP/1.o 200 OK

Date: Wed,22 Mar 2000 08:01:01 GMT

Last-Modified: Wed,22 Mar 2000 02:16:33 GMT

Content-Length: 3913

…

<3,913 bytes of the current contents of /foo.html>


DESCRIPTION

12

HTTP Response


Each response message consists of a Status-line

» HTTP version number

» Status code (indicating success or failure)

» Status phrase

General/Response/Entity Header (s)» Date

» Last-Modified

» Content-Length

CRLF Entity body (optional)


DESCRIPTION

13

HTTP Response Format


HTTP/1.0 200 OK

Date: Wed,22 Mar 2000 08:09:01 GMT

Server: Netscape-Enterprise/3.51

Status line

General header

Response header

Figure 6.2. An HTTP response message

Content-Length:23

Welcome to Comer’s Vax

Entity header

Entity body


DESCRIPTION

14

Statelessness


HTTP is a stateless protocol. NNTP and FTP maintain some amount of state.


DESCRIPTION

15

Resource Metadata


Metadata is information that relates to a resource but is not part of a resource itself.

Metadata includes: The size of a resource The type of the content The last modification time of the resource


DESCRIPTION

16

HTTP Request methods


A request method represents what action an HTTP sever should perform on the resource.

Some methods are: GET,HEAD,POSE,PUT,DELETE,LINK,UNLINK


DESCRIPTION

17

HTTP Request methods


Properties of a method are: Safety

» A request method that examines the state of a resource is a safe method.

» A method that can alter the state of the resource is not safe.

Idempotence» A method that its side effect is the same as multiple

identical requests.


DESCRIPTION

18

HTTP Request methods (GET)


Is applied to the resource specified in the URL, and the generated response is the current value of the resource.

Is safe and idempotent. Could include arguments on the user’s input.

GET http://www.altavista.com/cgi-bin/query?q=foo

Can have modifier If-Modified-Since in header.GET /foo.html HTTP/1.0

If-Modified-Since: Sun, 12 Nov 2000 11:12:23 GMT


DESCRIPTION

http://www.altavista.com/cgi-bin/query?q=foo

19

HTTP Request methods (HEAD)


Is introduced to obtain just the metadata associated with a resource.

Is safe and idempotent. A HEAD request such as:

HEAD /foo.html HTTP/1.0

might retrunHTTP/1.0 200 OK

Content-Length: 3219

Last-Modified: Sun, 12 Nov 2000 11:12:23 GMT

Content-Type: text/html


DESCRIPTION

20

HTTP Request methods (HEAD)


Uses of HEAD method include: Debugging the server Determining recently resource changes

Not have request modifier such as If-Modified-Since

Has no request body


DESCRIPTION

21

HTTP Request methods (POST)


Is used to update an existing resource or provide input to a process handling data.

The body of the request includes the data. Is not safe and idempotent. The Content-Length header is required as part

of a POST request .


DESCRIPTION

22

HTTP Request methods (PUT)


Is similar to POST. Is not safe but idempotent.


DESCRIPTION

23

HTTP Request methods (DELETE)


Is used to delete the resource remotely identified in Request-URI.

Is not safe but idempotent.


DESCRIPTION

24

HTTP Request methods (LINK and UNLINK)


The LINK method permitted creation of links between the Request-URI and other resources.

The UNLINK method was used to delete links created via the LINK method.


DESCRIPTION

25

HTTP Headers


General Headers Request Headers Response Headers Entity Headers


DESCRIPTION

26

HTTP Headers


HTTP header:Fieldname : Fieldvalue CRLF

A header is a free-format ASCII string representing the name with a value.

Headers are used to Alter the handling of a request Provide metadata about the resource Parameterize or describe a request or a response.

New headers in HTTP have arbitrary length. Headers are limited by CR and LF.


DESCRIPTION

27

HTTP Headers


A message header could be A general header A request header A response header An entity header

The order of different headers are not significant but it is common to have

General header Request/Response header Entity header


DESCRIPTION

28

General Headers


General headers appear in both request and response messages.

The General headers are significant only to the message itself and not to the entity.

A general header has only two fields: Date

» Displayed in three different formats

Pragma» Are directives for recipient of the message» no-cache is the only directive


DESCRIPTION

29

Request Headers


A request header can be used by the client to send information with the request or to specify constraints on the sever handling the request.

Five request headers are: Authorization

» To include appropriate credentials required to access a resource

From» To include user’s email address


DESCRIPTION

30

Request Headers


If-Modified-Since Is a conditional header Retrieves resource if it has not changed since the

argument specified in the If-Modified-Since header.

Referer Lets the client include the URI of the resource from

which the request-URI was obtained.


DESCRIPTION

31

Request Headers


User-Agent Can be used to include information about

» Version of the used browser» The client machine’s operating system version» Hardware details


DESCRIPTION

32

Response Headers


Response headers send additional information about the response and the server that originated the response.

If a response header is not recognized, it is assumed to be an entity header.

HTTP/1.0 defines three response headers: Location

» Is used to redirect the request to where the resource can be found.


DESCRIPTION

33

Response Headers


Server» Can be used to include information about

Version of the origin server softwareConfiguration details

WWW-Authenticate» Is used to issue a challenge to the client seeking

access to an authenticated resource.


DESCRIPTION

34

Entity Headers


An entity header is used to include information about the body of the entity or the resource.

Entity headers may be found in requests and in responses.

There are six entity headers Allow

» Is used to indicate the list of valid methods that can be applied to a resource.

Content-Type» Indicates the media type of the entity body


DESCRIPTION

35

Entity Headers


Content-Encoding» Indicates how the resource could be decoded into

the format indicated in the Content-Type.

Content-Length» Indicates the length of the entity body in bytes.

Expires» Indicates that the entity should be considered stale

after the time specified in the header.

Last-Modified» Indicates the time at which the resource was

modified last.


DESCRIPTION

36

HTTP Response Classes


The various kinds of responses are grouped into a set of response classes:

Informational class» 1xx

Success class» 2xx are generated after a server received and accepted

the HTTP request for processing 200 OK 201 Created 202 Accepted 204 No Content


DESCRIPTION

37



Redirection class» 3xx is used to inform the user agent that additional

action is needed to complete the request. 300 Multiple Choices 301 Moved Permanently 302 Moved Temporarily 304 Not Modified

Client error class» 4xx is used for identifying errors that made by

clients. 400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found


DESCRIPTION

38



Server error class» 5xx is used for identifying errors that made by the

server. 500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable


DESCRIPTION

Documents

HTTP Protocol Design and Description