1 / 57

HTTP Messages

HTTP Messages. Herng-Yow Chen. Outline. The Flow of Messages The Parts of a Message The various methods that request message support The various status codes that are returned with response message What the various headers do. Messages Commute Inbound to the Origin Server.

Download Presentation

HTTP Messages

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. HTTP Messages Herng-Yow Chen

  2. Outline • The Flow of Messages • The Parts of a Message • The various methods that request message support • The various status codes that are returned with response message • What the various headers do

  3. Messages Commute Inbound to the Origin Server Inbound(to server) GET /index.html http/1.0 proxy1 proxy2 proxy3 client HTTP/1.0 200 ok Content-type: text/html … server Outbound(to user agent)

  4. All messages flow downstream Request(flowing downstream) proxy1 client proxy2 proxy3 No messages ever go upstream server proxy3 proxy2 proxy1 Response(flowing downstream) client

  5. The Parts of a Message Start line HTTP/1.0 200 ok Content-type: text/plain Content-length: 19 Headers Hi I’m a message Body client server

  6. Request Message Syntax <method> <request-URL> <version> <headers> <entity-body>

  7. Response Message Syntax <version> <status> <reason-phrase> <headers> <entity-body> • Note that version numbers are not treated as fractional numbers. That is, HTTP/1.22 is higher version than HTTP/1.3.

  8. Message Syntax client HTTP request message contains The command and the URI GET /pics/hychen.jpg HTTP/1.0 Host: www.csie.ncnu.edu.tw Internet HTTP/1.0 200 OK Content-type: image/jpeg Content-length: 12345 www.csie.ncnu.edu.tw HTTP response message contains The result of the transaction

  9. Message Syntax (b)Response message (a)Request message HTTP/1.0 200 ok GET /test/hi-here.txt HTTP/1.1 Start line Content-type: text/plain Content-length: 19 Accept: text/* Host: www.csie.ncnu.edu.tw Headers Hi! I’m a message! Body

  10. Common HTTP method • Method Message body? • GET No • HEAD No • POST Yes • PUT Yes • TRACE No • OPTIONS No • DELETE NO

  11. Status code • Overall range Define range Category 100-199 100-101 informational 200-299 200-206 successful 300-399 300-305 redirection 400-499 400-415 client error 500-599 500-505 server error • Common status codes • 200 OK • 401 Unauthorized • 404 Not found

  12. Headers • HTTP head field add additional information to request and response messages. They are basically just lists of name/value pairs. • HTTP specification defines several header fields. Applications also are free to invent their own home-brewed headers. • Each HTTP has a simple syntax:a name, followed by a colon (:), followed by optional whitespace, followed by field value, followed by CRLF.

  13. Header classification • General headers • Can appear in both request and response message • Request headers • Provide more information about the request • Response headers • Provide more information about the response • Entity headers • Describe body size and contents, or the resource itself • Extension headers • New headers that are not defined in the specification

  14. Common header examples • Header example • Date: Tue, 3 Oct 1997 02:16:03 GMT • Content-length: 15040 • Content-type: image/gif • Accept: image/gif, image/jpeg, text/html • Header continuation lines • Long header lines can be made more readable by breaking them into multiple lines, preceding each extra line with at least one space or tab character. For example, • Server: Test Server Version 1.0

  15. Entity bodies • The third part of an HTTP message is the optional entity body. Entity bodies are the payload of the HTTP messages. • HTTP message can carry many kinds of digital data: images, video, HTML documents, software applications, credit card transactions, electronic mail, and so on.

  16. Version 0.9 Messages client client * The request contained merely the method and the request URL, and * the response contained only the entity. * No version number, no status code, no headers were included. GET /pics/hychen.jpg No version number www.csie.ncnu.edu.tw www.csie.ncnu.edu.tw

  17. Methods • Note that not all methods are implemented by every server. • To be compliant with HTTP/1.1, a server need implement only the GET and HEAD methods for its resources. • Even when servers do implement all of these common methods (listed in the slide 10), some methods such as DELETE and PUT most likely have restricted use. The restrictions generally are set up in the server’s configuration, so they are vary from site to site and from server to server.

  18. GET client * The most common method. It usually is used to ask a server to send a resource. Request message GET /~hychen/index.html HTTP/1.1 Host: www.csie.ncnu.edu.tw Accept: * Response message HTTP/1.1 200 ok Content-Type: text/html Content-Length: 617 <html> <HEAD><TITLE>Home Page</TITLE> … www.csie.ncnu.edu.tw

  19. HEAD client * It behaves exactly like the GET method, but the server returns only the headers in the response. Request message HEAD /~hychen/index.html HTTP/1.1 Host: www.csie.ncnu.edu.tw Accept: * Response message HTTP/1.1 200 ok Content-Type: text/html Content-Length: 617 www.csie.ncnu.edu.tw No entity body

  20. HEAD • No entity body is ever returned. This allows a client to inspect the headers for a resource without having to actually get the resource. Using the header, you can • Find out about a resource (e.g., determine its type) without getting it. • See if an object exists, by looking at the status code of the response. • Test if the resource has been modified, by looking at the headers.

  21. PUT client The PUT method writes documents to a server, in the inverse of the way that GET reads documents from the server. Request message PUT /product-list.txt HTTP/1.1 Host: www.csie.ncnu.edu.tw Content-type: text/plain Updated product list coming soon! www.csie.ncnu.edu.tw Server updates/creates resource ”/product-list.txt” and writes it to its disk. Response message HTTP/1.1 201 Created Location: Http://www.csie.ncnu.edu.tw/product-list.txt Content-Type: text/plain Content-Length: 47 Http://www.csie.ncnu.edu.tw/product-list.txt

  22. PUT • Some publishing systems (e.g. frontpage, dreamwaver) let you create web pages in a local computer and install them directly on a web server via PUT method. • The semantics of the PUT method are for the server to take the body of the request and either use it to create a new document named by the requested URL, or, if that URL already exists, use the body to replace it. • Because PUT allows you to change content, many web servers require you to log in with a password fore you can perform a PUT.

  23. POST • PUT is used to deposit data into a resource on the server (e.g., a file). In comparison, the POST method was designed to send input data to the server. • In practice, it is used to support HTML forms. The data from a filled-in from typically is sent to a server gateway program to process it.

  24. POST client Browser sticks data in entity body of message Request message POST /check.cgi HTTP/1.1 Host: www.csie.ncnu.edu.tw Content-Type: text/plain Content-Length: 18 item=bandsaw 2647 YES! www.csie.ncnu.edu.tw CGI program Response message item=bandsaw 2647 HTTP/1.1 200 OK Content-type: text/plain Context-lenght: 37 The bandsaw model 2647 is in stock! Inventory check Inventory list

  25. TRACE • When a client makes a request, that request may have to travel through firewalls, proxies, gateways, or other applications. Each of these has the opportunity to modify the original HTTP request. • The TRACE method allows clients to see how its request looks when it finally makes it to the server. • The TRACE method is used primarily for diagnostics; i.e., verifying that requests are going through the request/response chain as intended.

  26. TRACE client TRACE /product-list.txt HTTP/1.1 Host : www.csie.ncnu.edu.tw Accept:* Via:1.1 proxy.ncnu.edu.tw Request message TRACE /product-list.txt HTTP/1.1 Accept:* Host : www.csie.ncnu.edu.tw Proxy www.csie.ncnu.edu.tw Response message HTTP/1.1 200 OK Content-type: text/plain Content-length: 96 Via:1.1 proxy.ncnu.edu.tw TRACE /product-list.txt HTTP/1.1 Host: www.csie.ncnu.edu.tw Accept: * Via: 1.1 proxy.ncnu.edu.tw HTTP/1.1 200 OK Content-type: text/plain Content-length: 96 TRACE /product-list.txt HTTP/1.1 Host: www.csie.ncnu.edu.tw Accept: * Via: 1.1 proxy.ncnu.edu.tw

  27. OPTIONS • The OPTIONS method asks the server tell us about the various supported capabilities of the web server. • Some servers may support particular operations on on particular kinds of objects.

  28. OPTIONS client Since the request is for options on all resources, the server just returns the methods it supports for its resources. Request message OPTIONS * HTTP/1.1 Host : www.csie.ncnu.edu.tw Accept : * Response message www.csie.ncnu.edu.tw HTTP/1.1 200 OK Allow: GET, POST, PUT, OPTIONS Context-length: 0

  29. DELETE • The DELETE method asks the server to delete the resource specified by the requested URL. • However, the client application is not guaranteed that the delete is carried out. This is because the HTTP specification allows the server to override the request without telling the client.

  30. DELETE client Request message File ”product-list.txt” removed from server’s disk DELETE /product-list.txt HTTP/1.1 Host : www.csie.ncnu.edu.tw www.csie.ncnu.edu.tw Response message HTTP/1.1 200 OK Content-Type: text/plain Content-Length: 54 I have your delete request, will take time to process.

  31. Extension Methods • HTTP was designed to be field-extensible, so new features wouldn’t cause older software to fail. • Extension Method are method that are not defined in HTTP/1.1 specification. They provide developers with a means of extending the capabilities of the HTTP services their servers implement on the resources that the servers manage.

  32. WebDAV HTTP extension • Method Description LOCK Allows a user to “lock” a resource– for example, you could lock a resource while you are editing it MKCOL Allows a user to create a resource COPY Facilitates copying resources on a server MOVE Moves a resource on a server

  33. Status Codes • 100-199: Informational Status Code • Status Code Reason Phrase 100 Continue 101 Switching Protocols

  34. 200-299: success status code • Status Code Reason Phrase 200 OK 201 Created 202 Accepted 203 Not-Authoritative Information 204 Not Content 205 Reset Content 206 Partial Content

  35. 300-399: Redirection Status Code • Status code Reason Phrase 300 Multiple Choices 301 Moved Permanently 302 Found 303 See other 304 Not Modified 305 Use Proxy 306 (Unused) 307 Temporary Redirect

  36. 300-399:Redirection Status Codes client client Request message Get /pet-products.txt HTTP/1.1 Host: www.csie.ncnu.edu.tw Accept: * Response message HTTP/1.1 301 OK Location: http://english.csie.ncnu.edu.tw Content-length: 56 Content-type: text/plain Please go to our partner site, English.csie.ncnu.edu.tw www.csie.ncnu.edu.tw Request message Get / HTTP/1.1 Host: english.csie.ncnu.edu.tw Accept: * Response message english.csie.ncnu.edu.tw HTTP/1.1 200 OK Content-type: text/html Content-length: 3307 …

  37. 300-399:Redirection Status Codes (cont.) client client Request message Get /m_faculty.html HTTP/1.1 Host: www.csie.ncnu.edu.tw Accept: * If-Modified-Since: Wed, Sept. 3 2003 02:16:00 GMT Response message Client has previously requested copy of: http://www.csie.ncnu.edu.tw/m_faculty.html www.csie.ncnu.edu.tw HTTP/1.1 304 Not Modified … Has not changed Browswe displays local copy, since the original has not changed since we last requested it

  38. 400-499: Client Errors Status Codes • Status Code Reason Phrase 400 Bad Request 401 Unauthorized 402 Payment Requested 403 Forbidden 404 Not Found 405 Method Not Allowed 406 Not Acceptable 407 Proxy Authentication Required 408 Request Timeout 409 Conflict

  39. 400-499: Client Errors Status Codes • Status Code Reason Phrase 410 Gone 411 Length Required 412 Precondition Failed 413 Request Entity Too Large 414 Request URI Too Long 415 Unsupported Media Type 416 Requested Range Not Satisfiable 417 Expectation Failed

  40. 500-599: Server Error • Status Code Reason Phrase 500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 505 HTTP Version Not Supported

  41. Headers • General headers • E.g., Date: Tue, 3 Oct 2003 02:16:00 GMT • Request headers • E.g., Accept: */* • Response headers • E.g., Server: Apache/1.3 • Entity headers • E.g., Content-Type: text/html; charset=iso-latin-1 • Extension headers

  42. General Headers Header Description • Connection Allow clients and servers to specify options about the request/response connection • Date • MIME-Version • Trailer List the set of headers that are in the trailer of a message encoded with the chunked transfer encoding • Transfer-Encoding • Upgrade • Via

  43. General caching headers Header Description • Cache-Control Used to pass caching directions along with the message • ProgmaAnother way to pass direction along the message, though not specific caching

  44. General caching headers Header Description • Cache-Control Used to pass caching directions along with the message • ProgmaAnother way to pass direction along the message, though not specific caching

  45. Request Headers Header Description • Client-IP • From • Host • Referer • UA-Color • UA-CPU • UA-Disp • UA-OS • UA-Pixels • User-Agent

  46. Accept Headers Header Description • Accept what media types • Accept-Charset • Accept-Encoding • Accept-Language • TE what extension transfer codings are okay to use

  47. Request Headers Header Description • Client-IP • From • Host • Referer • UA-Color • UA-CPU • UA-Disp • UA-OS • UA-Pixels • User-Agent

  48. Accept Headers Header Description • Accept what media types • Accept-Charset • Accept-Encoding • Accept-Language • TE what extension transfer codings are okay to use

  49. Conditional requester headers Header Description • Expect • If-Match • If-Modified-Since • If-None-Match • If-Range • If-Unmodified-Since • Range

  50. Request security headers Header Description • Authorization • Cookie • Cookie2

More Related