What is HTTP?
The HTTP(Hyper Text Transfer Protocol) is a protocol that is responsible communication between web servers & clients. The client makes a HTTP request to a server. The server then returns a response to the client.
Why learn about HTTP?
When you visit a website, your browser make many requests to the server in the background. You can view these requests in the Chrome browser by clicking on the Network tab in Chrome Dev Tools. For example, in the image below, we can see that 35 requests were made when loading Wikipedia.
Learning about how HTTP requests allows us to optimise our server to better respond to HTTP requests.
HTTP requests
In HTTP, every request consists of a request line, headers and optionally, a body.
Request Line
The request line is the first line in the request message. It indicates the type of method, a URL address and the HTTP version number.
Example:
GET https://www.google.com/ HTTP/1.1
Headers
HTTP headers are used to send additional parameters along with the request or response. Each HTTP header is made up of a name and a value.
Example of a request header:
Host: abc.com
User-Agent: Chrome/5.0 (Windows 10)
Accept-Language: fr, de
In the above example, you’re submitting a GET request to the abc.com host for a specific resource in French or German on the Chrome browser.
Example of a response header:
Date: Tue, 24 Jan 2023 12:30:12 GMT
Server: Apache/2.2.14 (Win32)
Last-Modified: Wed, 22 Jul 2022 19:15:56 GMT
Content-Length: 50
Content-Type: text/html
Connection: Closed</code.
The response header tells us what web server and OS the host uses. If you’re requesting a file, the header will also show information about its latest modification date, the length and content type of the file. The final line indicates that the connection is closed since the request is complete.
Message Body
The message contains the data that you’re either sending or receiving, depending the request method used. For example, if you're requesting a HTML file with the GET method, the request may look like this:
Date: Tue, 24 Jan 2023 12:30:12 GMT
Server: Apache/2.2.14 (Win32)
Last-Modified: Wed, 22 Jul 2022 19:15:56 GMT
Content-Length: 50
Content-Type: text/html
Connection: Closed</code.
<!DOCTYPE html>
<html>
<head>
<title>Title of the document</title>
</head>
<body>
The content of the document......
</body>
</html>
The body of a HTTP request or repsonse comes right after the header.
HTTP Methods
Now that we have learnt about how a HTTP request or response is made, it's time to take a look at different HTTP methods. Some commonly used HTTP methods are:
| Method | Description | Example |
|---|---|---|
| GET | retreive data from server | loading a HTML page, JSON data, images, etc. |
| POST | submit data to the server | submitting contact form |
| PUT | update data that is already on ther server | editing a blog post |
| DELETE | delete data from the server | deleting a file |
HTTP Response Status Codes
Every HTTP response message contains a HTTP status code, which tells us about the result of the request. Responses can be classified into five groups:
| Status Codes | Type |
|---|---|
| 100 – 199 | Informational |
| 200 – 299 | Successful |
| 300 – 399 | Redirection |
| 400 – 499 | Client Error |
| 500 – 599 | Server Error |
Common status codes:
| Status Code | Description |
|---|---|
| 200 OK | Request successful |
| 201 Created | Request successful & resource created |
| 301 Moved Permanently | Location of requested resource has been moved to another URL |
| 400 Bad Request | Client Error (eg. wrong request syntax) |
| 401 Unauthorized | No valid authentication credentials for the requested resource |
| 404 Not Found | Server cannot find requested resource |
| 500 Internal Server Error | Server encountered something unexpected |
HTTPS
HTTPS (Hypertext Transfer Protocol Secure), in short, is the secure version of HTTP. It is not a separate protocol from HTTP. It is simply using TLS/SSL encryption over the HTTP protocol, which enables clients to safely transmit sensitive data to the server.
Any website, especially those that require login credentials, should use HTTPS. Modern web browsers such as Chrome and Firefox flag all non-HTTPS websites as not secure.
Top comments (0)