HTTP Hypertext Transfer Protocol

2-May-20

HTTP messages

  HTTP is the language that web clients and web servers  use to talk to each other HTTP is largely “under the hood,” but a basic understanding can be helpful Each message, whether a request or a response, has three parts: 1. The request or the response line 2. A header section 3. The body of the message 2

What the client does, part I

 The client sends a message to the server at a particular port (80 is the default)  The first part of the message is the request line , containing:  A method (HTTP command) such as GET or POST  A document address, and  An HTTP version number 

Example:

 GET /index.html HTTP/1.0

3

Other methods

 Other methods beside    GET and POST are: HEAD : Like GET , but ask that

only

a header be returned PUT : Request to store the entity-body at the URI DELETE : Request removal of data at the URI     LINK : Request header information be associated with a document on the server UNLINK : Request to undo a LINK request OPTIONS : Request information about communications options on the server TRACE : Request that the entity-body be returned as received (used for debugging) 4

What the client does, part II

  The second part of a request is optional header information , such as:  What the client software is  What formats it can accept All information is in the form Name: Value  Example: User-Agent: Mozilla/2.02Gold (WinNT; I) Accept: image/gif, image/jpeg, */*  A

blank line

ends the header 5

Client request headers

     Accept:

type

/

subtype

,

type

/

subtype

, ...

 Specifies media types that the client prefers to accept Accept-Language: en, fr, de  Preferred language (For example: English, French, German) User-Agent:

string

 The browser or other client program sending the request From: [email protected]

 Email address of user of client program Cookie:

name

=

value

  Information about a cookie for that URL Multiple cookies can be separated by commas 6

What the client does, part III

 The third part of a request (after the blank line) is the entity-body , which contains optional data  The entity-body part is used mostly by POST requests  The entity-body part is always empty for a GET request 7

What the server does, part I

    The server response is also in three parts The first part is the status line, which tells:   The HTTP version A status code  A short description of what the status code means Example: HTTP/1.1 404 Not Found Status codes are in groups: 100-199 200-299 300-399 400-499 Informational The request was successful The request was redirected The request failed 500-599 A server error occurred 8

Common status codes

       200 OK  Everything worked, here’s the data 301 Moved Permanently  URI was moved, but here’s the new address for your records 302 Moved temporarily  URL temporarily out of service, keep the old one but use this one for now 400 Bad Request  There is a syntax error in your request 403 Forbidden  You can’t do this, and we won’t tell you why 404 Not Found  No such document 408 Request Time-out, 504 Gateway Time-out  Request took too long to fulfill for some reason 9

What the server does, part II

   All on one line The second part of the response is header information, ended by a blank line Example: Content-Length: 2532 Connection: Close Server: GWS/2.0

Date: Sun, 01 Dec 2002 21:24:50 GMT Content-Type: text/html Cache-control: private Set-Cookie: PREF=ID=05302a93093ec661:TM=1038777890:LM=1038777890:S= yNWNjraftUz299RH; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com

10

Viewing the response

    There is a header viewer at http://www.delorie.com/web/headers.html

(with nasty jittery advertisements) Example 2.3 ( GetResponses ) in the Gittleman book does the same thing Here’s an example (from GetResponses ): % java GetResponses http://www.cis.upenn.edu/~matuszek/cit597 2003/index.html

Status line: HTTP/1.1 200 OK Response headers: Date: Wed, 10 Sep 2003 00:26:53 GMT Server: Apache/1.3.26 (Unix) PHP/4.2.2 mod_perl/1.27

ETag: "1c1ad5-1654-3f5e2902” Accept-Ranges: bytes Content-Length: 5716 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html mod_ssl/2.8.10 OpenSSL/0.9.6e

Last-Modified: Tue, 09 Sep 2003 19:24:50 GMT 11

The GetResponses program, I

 Here’s just the skeleton of the program that provided the output on the last slide:  import java.net.*; import java.io.*; public class GetResponses { public static void main(String [ ] args) { try {

...interesting code goes here...

} catch(Exception e) { e.printStackTrace(); } } } 12

The GetResponses program, II

 Here’s the interesting part of the code:  } URL url = new URL(args[0]); URLConnection c = url.openConnection(); System.out.println("Status line: "); System.out.println('\t' + c.getHeaderField(0)); System.out.println("Response headers:"); String value = ""; int n = 1; while (true){ value = c.getHeaderField(n); if (value == null) break; System.out.println('\t' + c.getHeaderFieldKey(n++) ": " + value ); + 13

Server response headers

   Server: NCSA/1.3

 Name and version of the server Content-Type:

type

/

subtype

 Should be of a type and subtype specified by the client’s Accept header Set-Cookie:

name

=

value

;

options

 Requests the client to store a cookie with the given name and value 14

What the server does, part III

 The third part of a server response is the entity body  This is often an HTML page  But it can also be a jpeg, a gif, plain text, etc.--anything the browser (or other client) is prepared to accept 15

The tag

    The

string

content=

string

> of an HTML document tag may occur in the http-equiv and content in the HTTP header typically have the same kinds of values as This tag asks the client to

pretend

occurred in the header that the information actually    The information is

not really

in the header This tag is available because you have little direct control over what is in the header (unless you write your own server) As usual, not all browsers handle this information the same way Example: 16

Summary

      HTTP is a fairly straightforward protocol with a lot of possible kinds of predefined header information More kinds can be added, so long as client and server agree A request from the client consists of three parts: 1. A header line 2. A block of header information, ending with a blank line 3. The (optional) entity body, containing data A response from the server consists of the same three parts HTTP headers are “under the hood” information, not normally displayed to the user   As with most of the things covered in CIT597, We have covered only the fundamentals Much more detail can be found on the Web 17

The End

18