SlideShare a Scribd company logo

HTTP request and response

Download as PPTX, PDF
S
Sahil Agarwal

HTTP requests and responses follow a generic message format that includes a start line, message headers, an optional message body, and optional trailers. The start line indicates the request method and URI for requests or the HTTP version and status code for responses. Headers provide additional metadata about the message, sender, recipient, or content. The body carries request data or response content. Trailers are rarely used and provide additional headers after chunked content.

Technology
1 of 19
Downloaded 153 times
1
2
Most read
3
4
5
6
7
Most read
8
9
Most read
10
11
12
13
14
15
16
17
18
19
HTTP Request and Response -Sahil Agarwal
HTTP Generic Message ● All of the communication between devices using the Hypertext Transfer Protocol takes place via HTTP messages. ● There are only two types of HTTP messages : requests and responses. ● HTTP messages are text-based and loosely based on RFC 822 and 2822 message standards, and MIME standards.
HTTP Generic Message Format The HTTP generic message format is as follows: <start-line> <message-headers> <empty-line> [<message-body>] [<message-trailers>]
HTTP Generic Message Format <start-line> The start line is a special text line that conveys the nature of the message. In a request, this line indicates the nature of the request, in the form of a method, as well as specifying a URI to indicate the resource that is the object of the request. Responses use the start line to indicate status information in reply to a request. <message-headers> There are many dozens of message headers defined in HTTP, which are organized into groups by function as we will soon see. Almost all of these are optional; the one exception is the Host header, which must be present in each request in HTTP/1.1. Headers may be sent in any order, and all follow the same header format used in e-mail messages: <header-name>: <header-value>
HTTP Generic Message Format [<message-body>] The message body is optional, because it is only needed for certain types of messages. It may carry a set of information to be communicated between the client and server, such as a detailed error message in a response. More commonly, when present, it carries a file or other resource, which is formally called an entity in the HTTP standard. Entities are most often found in the body of a response message, since most client requests ask for a server to send a file or other resource. However, they can also be found in certain requests.
HTTP Generic Message Format [<message-trailers>] HTTP/1.1 uses persistent connections by default, so messages are sent in a steady stream from client to server and server to client. This requires that some means be used to mark where one message ends and the next begins, which is usually accomplished in one of two ways. ● The first is using a special header that indicates the length of the message so the receiving device knows when the entire message has been received. ● The second is a method called “chunking”, where a message is broken into pieces for transmission and the length of each piece indicated in the message body. When chunking is done, a set of message trailers may follow the body of the message. Trailers are in fact the same as headers except for their position in the file, but may only be used for entity headers.
Request Format HTTP requests use a message format that is based on the generic message format, but specific to the needs of requests. <request-line> <general-headers> <request-headers> <entity-headers> <empty-line> [<message-body>] [<message-trailers>]
Request Format Request Line Format : <METHOD> <request-uri> <HTTP-VERSION> Example - GET /login HTTP/1.1 ● Method - The type of action that the client wants the server to take. ● Request URI - Uniform Resource Identifier ● HTTP Version - Tells the server what version of HTTP is the client using. Headers : ● General Headers ○ These refer mainly to the message itself, instead of it’s contents. ○ They are used to control its processing or provide the recipient with extra information. ● Request Headers ○ Contain information about the nature of the client’s request. They give client more control over how the request is to be handled. ○ Format, encodings etc. ● Entity Headers ○ They describe the entity contained in the body of the request, if any.
Response Format HTTP responses use a message format that is based on the generic message format, but specific to the needs of responses. <status-line> <general-headers> <response-headers> <entity-headers> <empty-line> [<message-body>] [<message-trailers>]
Response Format Status Line Format : <HTTP-VERSION> <status-code> <reason-phrase> Example - HTTP/1.0 200 OK ● HTTP Version - Tells the client what version of HTTP is the server using. ● Status Code - ○ A three-digit number that indicates the formal result that the server is communicating to the client. ○ Intended for the client HTTP implementation to process so the Headers : ● General Headers ○ These refer mainly to the message itself, instead of it’s contents. ● Response Headers ○ They provide additional data that expands upon the summary result information in the status line. ○ The server may also return extra result information in the body of the message, especially when an error occurs, ● Entity Headers ○ They describe the entity contained in the body of the response, if any.
What’s in an HTTP Request? Raw Information GET /login HTTP/1.1 Host: 127.0.0.1:5000 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8
What’s in an HTTP Request? Source IP address, port and proxy ● Source IP address and Source port : In order to send the appropriate response back to your computer, the web server necessarily knows your computer's IP address and source port. ● Via and X-Forwarded-For: If the HTTP request includes the header "Via", or "X-Forwarded-For", then that's a strong indication that there is at least one proxy server somewhere along the line.
What’s in an HTTP Request? Destination IP address, port, host and protocol ● Destination IP address tells us where the server is located. ● Port tells us which port is being used to contact the server. ● Host - Since many websites can be hosted on a single server, we need this to identify our website. ● Protocol - The HTTP protocol being used. Eg - HTTP/1.1
What’s in an HTTP Request? ● Requested URI - This specifies which document is to be retrieved from the website. ● Request method and content - The type of action that the client wants the server to take. Eg - POST, GET. If POST was submitted as request method, then a form is submitted. The contents of this form would appear here.
What’s in an HTTP Request? User Agent - The User-Agent header describes your web browser. Typically it contains the browser name and version, your Operating System and version , and possibly additional information. Eg - User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Accept Headers - These describe what sort of things the web browser can handle, and what it would prefer to be given if there's a choice. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8
What’s in an HTTP Request? Referer: The "referer" header tells the page which document referred the user to it - in essence, if you followed a link to get to this page, it is the URL of the page you came from to get here. Cookie: ● Every time a web server provides you with a response (a page, a graphic, etc), it can send your browser a "cookie". These cookies are small pieces of information which your browser stores, and then sends back to that same web server whenever you subsequently request a document. ● The "contents" of the cookie (the data it contains) can only be made up of whatever information the web server already knew anyway.
What’s in an HTTP Request? Connection control Connection: keep-alive Keep-Alive: not present These headers are used to fine- tune the network traffic between you and the web server. They don't tell us much, except a little about the capabilities of your web browser. Cache control Pragma: not present Cache-Control: not present If-Modified-Since: not present These headers control cacheing of the document. By examining them the we can detect if you used your browser's "refresh" button to force the page to reload. For example, Mozilla (Netscape 6) sets "Cache-Control" to "max-age=0" when you use the "reload" button. MSIE 5.5 sets it to "no-cache" if you do a "hard" reload (while holding down the "control" key).
What’s in an HTTP Request? Authorisation Username: If you have "logged in" to a web site, your username appears here. This only applies to web sites which use proper HTTP authentication - a "login" window pops up and you get three chances to enter your username and password, otherwise you see a page which says "Authentication Required" or similar. It doesn't apply to web sites where the "login" is a separate page. It's also possible to supply the username and password in the URL you tell your browser to visit - for example, http://user:password@www.example.com/. In that case, the username would appear here too.
References ● RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1"

More Related Content

What's hot (20)

PPT
Php Presentation
Manish Bothra
 
PPTX
Http request and http response
Nuha Noor
 
PPTX
Simple object access protocol(soap )
balamurugan.k Kalibalamurugan
 
PPT
Scripting languages
teach4uin
 
PPTX
CS8651 Internet Programming - Basics of HTML, HTML5, CSS
Vigneshkumar Ponnusamy
 
PPTX
Ajax ppt
OECLIB Odisha Electronics Control Library
 
PPT
HTTP Basics
sanjoysanyal
 
PPTX
Client side scripting and server side scripting
baabtra.com - No. 1 supplier of quality freshers
 
PPT
Server Controls of ASP.Net
Hitesh Santani
 
PPT
Introduction to XML
yht4ever
 
PPTX
PHP FUNCTIONS
Zeeshan Ahmed
 
PPT
Cookies and sessions
Lena Petsenchuk
 
PDF
Servlet and servlet life cycle
Dhruvin Nakrani
 
PPTX
Dynamic HTML (DHTML)
Himanshu Kumar
 
PPT
Xml
Santosh Pandey
 
ODP
Introduction of Html/css/js
Knoldus Inc.
 
PPT
Introduction to PHP
Jussi Pohjolainen
 
PPTX
Chapter 3 servlet & jsp
Jafar Nesargi
 
PPTX
Css types internal, external and inline (1)
Webtech Learning
 
PPTX
Hypertext transfer protocol (http)
Shimona Agarwal
 
Php Presentation
Manish Bothra
 
Http request and http response
Nuha Noor
 
Simple object access protocol(soap )
balamurugan.k Kalibalamurugan
 
Scripting languages
teach4uin
 
CS8651 Internet Programming - Basics of HTML, HTML5, CSS
Vigneshkumar Ponnusamy
 
Ajax ppt
OECLIB Odisha Electronics Control Library
 
HTTP Basics
sanjoysanyal
 
Client side scripting and server side scripting
baabtra.com - No. 1 supplier of quality freshers
 
Server Controls of ASP.Net
Hitesh Santani
 
Introduction to XML
yht4ever
 
PHP FUNCTIONS
Zeeshan Ahmed
 
Cookies and sessions
Lena Petsenchuk
 
Servlet and servlet life cycle
Dhruvin Nakrani
 
Dynamic HTML (DHTML)
Himanshu Kumar
 
Xml
Santosh Pandey
 
Introduction of Html/css/js
Knoldus Inc.
 
Introduction to PHP
Jussi Pohjolainen
 
Chapter 3 servlet & jsp
Jafar Nesargi
 
Css types internal, external and inline (1)
Webtech Learning
 
Hypertext transfer protocol (http)
Shimona Agarwal
 

Similar to HTTP request and response (20)

PDF
HTTP
Tricode (part of Dept)
 
PPTX
Web technology introduction to the web and its history
BKReddy3
 
PPTX
Hypertex transfer protocol
wanangwa234
 
PPTX
hhtp (3).pptx hyper text transfer protocol
abhinandpk2405
 
PPT
HTTPProtocol HTTPProtocol.pptHTTPProtocol.ppt
VietAnhNguyen337355
 
PPT
KMUTNB - Internet Programming 2/7
phuphax
 
PDF
Ch2 the application layer protocols_http_3
Syed Ariful Islam Emon
 
PPTX
Http_Protocol.pptx
Abshar Fatima
 
PPTX
Http
NITT, KAMK
 
PDF
Web Technologies Notes - TutorialsDuniya.pdf
Raghunathan52
 
PDF
Web Technologies Notes - TutorialsDuniya.pdf
Raghunathan52
 
ODP
PHP Training: Module 1
hussulinux
 
PPT
Webbasics
patinijava
 
PPTX
Www and http
SanthiNivas
 
DOCX
internet programming and java notes 5th sem mca
Renu Thakur
 
PPTX
www and http services
Jenica Salmorin
 
PPTX
Module 5.pptx HTTP protocol on optical and wireless communication
chandushivamurthy4
 
PPTX
Application layer
rohit nimbalkar
 
PPTX
HTTP
vaibhavrai1993
 
ODP
Starting With Php
Harit Kothari
 
HTTP
Tricode (part of Dept)
 
Web technology introduction to the web and its history
BKReddy3
 
Hypertex transfer protocol
wanangwa234
 
hhtp (3).pptx hyper text transfer protocol
abhinandpk2405
 
HTTPProtocol HTTPProtocol.pptHTTPProtocol.ppt
VietAnhNguyen337355
 
KMUTNB - Internet Programming 2/7
phuphax
 
Ch2 the application layer protocols_http_3
Syed Ariful Islam Emon
 
Http_Protocol.pptx
Abshar Fatima
 
Http
NITT, KAMK
 
Web Technologies Notes - TutorialsDuniya.pdf
Raghunathan52
 
Web Technologies Notes - TutorialsDuniya.pdf
Raghunathan52
 
PHP Training: Module 1
hussulinux
 
Webbasics
patinijava
 
Www and http
SanthiNivas
 
internet programming and java notes 5th sem mca
Renu Thakur
 
www and http services
Jenica Salmorin
 
Module 5.pptx HTTP protocol on optical and wireless communication
chandushivamurthy4
 
Application layer
rohit nimbalkar
 
HTTP
vaibhavrai1993
 
Starting With Php
Harit Kothari
 
Ad

Recently uploaded (20)

PDF
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
PDF
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
PDF
Newgen 2022-Forrester Newgen TEI_13 05 2022-The-Total-Economic-Impact-Newgen-...
darshakparmar
 
PDF
Blockchain Transactions Explained For Everyone
CIFDAQ
 
PDF
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
PDF
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
PDF
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
PDF
Agentic AI lifecycle for Enterprise Hyper-Automation
Debmalya Biswas
 
PDF
POV_ Why Enterprises Need to Find Value in ZERO.pdf
darshakparmar
 
PDF
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
PDF
Mastering Financial Management in Direct Selling
Epixel MLM Software
 
PDF
From Code to Challenge: Crafting Skill-Based Games That Engage and Reward
aiyshauae
 
PDF
CIFDAQ Market Insights for July 7th 2025
CIFDAQ
 
PDF
New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
PDF
NewMind AI - Journal 100 Insights After The 100th Issue
NewMind AI
 
PDF
Newgen Beyond Frankenstein_Build vs Buy_Digital_version.pdf
darshakparmar
 
PPTX
AUTOMATION AND ROBOTICS IN PHARMA INDUSTRY.pptx
sameeraaabegumm
 
PPTX
OpenID AuthZEN - Analyst Briefing July 2025
David Brossard
 
PDF
Fl Studio 24.2.2 Build 4597 Crack for Windows Free Download 2025
faizk77g
 
PDF
The Rise of AI and IoT in Mobile App Tech.pdf
IMG Global Infotech
 
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
Newgen 2022-Forrester Newgen TEI_13 05 2022-The-Total-Economic-Impact-Newgen-...
darshakparmar
 
Blockchain Transactions Explained For Everyone
CIFDAQ
 
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
Agentic AI lifecycle for Enterprise Hyper-Automation
Debmalya Biswas
 
POV_ Why Enterprises Need to Find Value in ZERO.pdf
darshakparmar
 
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
Mastering Financial Management in Direct Selling
Epixel MLM Software
 
From Code to Challenge: Crafting Skill-Based Games That Engage and Reward
aiyshauae
 
CIFDAQ Market Insights for July 7th 2025
CIFDAQ
 
New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
NewMind AI - Journal 100 Insights After The 100th Issue
NewMind AI
 
Newgen Beyond Frankenstein_Build vs Buy_Digital_version.pdf
darshakparmar
 
AUTOMATION AND ROBOTICS IN PHARMA INDUSTRY.pptx
sameeraaabegumm
 
OpenID AuthZEN - Analyst Briefing July 2025
David Brossard
 
Fl Studio 24.2.2 Build 4597 Crack for Windows Free Download 2025
faizk77g
 
The Rise of AI and IoT in Mobile App Tech.pdf
IMG Global Infotech
 
Ad

HTTP request and response

  • 2. HTTP Generic Message ● All of the communication between devices using the Hypertext Transfer Protocol takes place via HTTP messages. ● There are only two types of HTTP messages : requests and responses. ● HTTP messages are text-based and loosely based on RFC 822 and 2822 message standards, and MIME standards.
  • 3. HTTP Generic Message Format The HTTP generic message format is as follows: <start-line> <message-headers> <empty-line> [<message-body>] [<message-trailers>]
  • 4. HTTP Generic Message Format <start-line> The start line is a special text line that conveys the nature of the message. In a request, this line indicates the nature of the request, in the form of a method, as well as specifying a URI to indicate the resource that is the object of the request. Responses use the start line to indicate status information in reply to a request. <message-headers> There are many dozens of message headers defined in HTTP, which are organized into groups by function as we will soon see. Almost all of these are optional; the one exception is the Host header, which must be present in each request in HTTP/1.1. Headers may be sent in any order, and all follow the same header format used in e-mail messages: <header-name>: <header-value>
  • 5. HTTP Generic Message Format [<message-body>] The message body is optional, because it is only needed for certain types of messages. It may carry a set of information to be communicated between the client and server, such as a detailed error message in a response. More commonly, when present, it carries a file or other resource, which is formally called an entity in the HTTP standard. Entities are most often found in the body of a response message, since most client requests ask for a server to send a file or other resource. However, they can also be found in certain requests.
  • 6. HTTP Generic Message Format [<message-trailers>] HTTP/1.1 uses persistent connections by default, so messages are sent in a steady stream from client to server and server to client. This requires that some means be used to mark where one message ends and the next begins, which is usually accomplished in one of two ways. ● The first is using a special header that indicates the length of the message so the receiving device knows when the entire message has been received. ● The second is a method called “chunking”, where a message is broken into pieces for transmission and the length of each piece indicated in the message body. When chunking is done, a set of message trailers may follow the body of the message. Trailers are in fact the same as headers except for their position in the file, but may only be used for entity headers.
  • 7. Request Format HTTP requests use a message format that is based on the generic message format, but specific to the needs of requests. <request-line> <general-headers> <request-headers> <entity-headers> <empty-line> [<message-body>] [<message-trailers>]
  • 8. Request Format Request Line Format : <METHOD> <request-uri> <HTTP-VERSION> Example - GET /login HTTP/1.1 ● Method - The type of action that the client wants the server to take. ● Request URI - Uniform Resource Identifier ● HTTP Version - Tells the server what version of HTTP is the client using. Headers : ● General Headers ○ These refer mainly to the message itself, instead of it’s contents. ○ They are used to control its processing or provide the recipient with extra information. ● Request Headers ○ Contain information about the nature of the client’s request. They give client more control over how the request is to be handled. ○ Format, encodings etc. ● Entity Headers ○ They describe the entity contained in the body of the request, if any.
  • 9. Response Format HTTP responses use a message format that is based on the generic message format, but specific to the needs of responses. <status-line> <general-headers> <response-headers> <entity-headers> <empty-line> [<message-body>] [<message-trailers>]
  • 10. Response Format Status Line Format : <HTTP-VERSION> <status-code> <reason-phrase> Example - HTTP/1.0 200 OK ● HTTP Version - Tells the client what version of HTTP is the server using. ● Status Code - ○ A three-digit number that indicates the formal result that the server is communicating to the client. ○ Intended for the client HTTP implementation to process so the Headers : ● General Headers ○ These refer mainly to the message itself, instead of it’s contents. ● Response Headers ○ They provide additional data that expands upon the summary result information in the status line. ○ The server may also return extra result information in the body of the message, especially when an error occurs, ● Entity Headers ○ They describe the entity contained in the body of the response, if any.
  • 11. What’s in an HTTP Request? Raw Information GET /login HTTP/1.1 Host: 127.0.0.1:5000 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8
  • 12. What’s in an HTTP Request? Source IP address, port and proxy ● Source IP address and Source port : In order to send the appropriate response back to your computer, the web server necessarily knows your computer's IP address and source port. ● Via and X-Forwarded-For: If the HTTP request includes the header "Via", or "X-Forwarded-For", then that's a strong indication that there is at least one proxy server somewhere along the line.
  • 13. What’s in an HTTP Request? Destination IP address, port, host and protocol ● Destination IP address tells us where the server is located. ● Port tells us which port is being used to contact the server. ● Host - Since many websites can be hosted on a single server, we need this to identify our website. ● Protocol - The HTTP protocol being used. Eg - HTTP/1.1
  • 14. What’s in an HTTP Request? ● Requested URI - This specifies which document is to be retrieved from the website. ● Request method and content - The type of action that the client wants the server to take. Eg - POST, GET. If POST was submitted as request method, then a form is submitted. The contents of this form would appear here.
  • 15. What’s in an HTTP Request? User Agent - The User-Agent header describes your web browser. Typically it contains the browser name and version, your Operating System and version , and possibly additional information. Eg - User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Accept Headers - These describe what sort of things the web browser can handle, and what it would prefer to be given if there's a choice. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8
  • 16. What’s in an HTTP Request? Referer: The "referer" header tells the page which document referred the user to it - in essence, if you followed a link to get to this page, it is the URL of the page you came from to get here. Cookie: ● Every time a web server provides you with a response (a page, a graphic, etc), it can send your browser a "cookie". These cookies are small pieces of information which your browser stores, and then sends back to that same web server whenever you subsequently request a document. ● The "contents" of the cookie (the data it contains) can only be made up of whatever information the web server already knew anyway.
  • 17. What’s in an HTTP Request? Connection control Connection: keep-alive Keep-Alive: not present These headers are used to fine- tune the network traffic between you and the web server. They don't tell us much, except a little about the capabilities of your web browser. Cache control Pragma: not present Cache-Control: not present If-Modified-Since: not present These headers control cacheing of the document. By examining them the we can detect if you used your browser's "refresh" button to force the page to reload. For example, Mozilla (Netscape 6) sets "Cache-Control" to "max-age=0" when you use the "reload" button. MSIE 5.5 sets it to "no-cache" if you do a "hard" reload (while holding down the "control" key).
  • 18. What’s in an HTTP Request? Authorisation Username: If you have "logged in" to a web site, your username appears here. This only applies to web sites which use proper HTTP authentication - a "login" window pops up and you get three chances to enter your username and password, otherwise you see a page which says "Authentication Required" or similar. It doesn't apply to web sites where the "login" is a separate page. It's also possible to supply the username and password in the URL you tell your browser to visit - for example, http://user:[email protected]/. In that case, the username would appear here too.
  • 19. References ● RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1"