HTTP protocol front-end common sense

This article shares with you some common sense issues about the front-end of the http protocol. Friends who are interested can take a look

http

Introduction: http transfers data based on tcp/ip communication

Notes

• http is no connection: every time The connection only processes one request. After the server processes the request and receives a response from the client, it disconnects;

• http media is independent: as long as the client and server know How to handle data types, any data can be transmitted using http;

• http stateless: Stateless means that the protocol has no memory ability for transaction processing;

Message structure

1.http client request includes: request line, request header, blank line and request data

2.http response: status line, message header, blank line, response body

http request method

• http1.0: get, post and head

• http1.1 adds five new request methods: delete, put, connect, tarce and options

Method	Description
get	Initiate a request to a specific resource
post	Submit data to the specified resource for data processing. The data is included in the request body. The post request may be used to create new resources and modify existing resources.
head	is similar to the get request, except that there is no Return body, used to obtain meta-information contained in the response message header
put	Upload the latest content to the specified resource
delete	Request the server to delete the specified resource
trace	Echo the request received by the server, mainly used for testing or diagnosis
connect	http1.1 is reserved for proxy servers that can change connections to pipelines
options	Returns the http method supported by the server for specific resources, which is used to send a '*' request to the server to test the functionality of the server

Introduction to the meaning of common header fields

Headers and methods work together to determine what the client and server can do

General header

Headers that can be used by both the client and the server

Header	Description
Connection	Allow The client and server specify options related to the request/response connection
Date	Provides a date and time stamp to indicate when the message was created
MIME-Version	Gives the MIME version sent to the end
Trailer	If the message transmission uses In chunked transfer encoding mode, you can use this header to list the set of headers located in the trailer part of the message
Transfer-Encoding	to tell the receiving end In order to ensure reliable transmission of the message, what encoding method is used for the message
Update	gives that the sender may want to "upgrade" to use a new version or protocol
Via	Display the intermediate nodes (agents, gateways) that the message passes through

Request header

Special to the request message, providing some additional information to the server, such as what kind of data type the client hopes to receive

Requested Informational Header

##Client-IpProvide the IP address of the machine running the clientFromProvide the email address of the client userHostGives the address and port number of the server receiving the requestRefererProvides the URL of the document containing the current request URLUA-colorProvide information about the display color of the client monitorUA-CPUgiven Client CPU type and manufacturerUA-DispProvides information about client display capabilities##UA -OSUA-PixelsUser-AgentAccept header

Header	Description
Provides the operating system and version running on the client machine
Provides the pixel information of the client display
Inform the server of the name of the application sending the request

HeaderAcceptAccept-CharsetAccept-EncodingAccept-LanguageTEConditional request header

Description
Tells the server which media types it can send
Tell the server which character sets can be sent
Tell Which encoding methods the server can send
Tell the server which languages ​​it can send
Tell the server which extended transfer encodings can be used

HeaderExpectIf -MatchIf-Modify-SinceIf-None-MatchIf-RangeIf-Unmodified- SinceRangeSecure request is subject to header

Description
Allows the client to list the server behavior required by the request
If the entity tag matches the document's current entity tag, get the document
unless The resource has been modified after a specified date, otherwise the request will be restricted
If the entity tag does not match the current entity of the document, Just get the document
Allow conditional request for a certain range of the document
Restrict this request unless the resource has not been modified after a specified date
If the server supports range requests, Request the specified range of resources

HeaderAuthorization Cookie##Cookie2Used to indicate the cookie version supported by the requesterProxy request header

Description
Contains the data provided by the client to the server in order to authenticate itself
The client uses it to send a token to the server--it is not a real security header, it does imply security functions

HeaderDescriptionMax-ForwardForwards the request to other proxies or gateways on the path to the server Maximum number of times - Used with the TARCE methodProxy-AuthorizationSame as the Authorization header, but this header is used when authenticating with the proxyProxy-ConnectionThe same as the Connection header, but this header is used when establishing a connection with the proxy

Response headers

The response message has its own set of headers to provide information to the client

Informative headers of the response

##Age(from initial creation) Response duration TimePublickList of request methods supported by the server for its resourceRetry-After If the resource is unavailable, try again at this date or timeServerName and version of the server application softwareTitleFor html documents, it is the title given by the source of the HTML document Wraning than in the reason phrase, which is more Detailed warning message

Header	Description

Negotiation header

##HeaderAccept-RangesVarySecurity response header

Description
For this resource, the data types acceptable to the server
The server checks other header lists, which may cause the response to change; that is to say, this is a header list, and the server will select the most appropriate resource version based on the contents of these headers and send it to the client

HeaderProxy-AuthenticateSet-CookieSet-Cookie2WWW-AuthenticateEntity header

Description
Challenge list from proxy to client
Not a true security header, but implicit security Function; you can set a security token on the client to mark the client through the server
Similar to Set-Cookie
Challenge list from server to client

Entity header is used for the header of the entity body part

Content header

##HeaderDescriptionContent-BaseThe base URL used when parsing relative URLs in the bodyContent-EncondingArbitrary encoding method performed on the subjectContent-LanguageThe most appropriate natural language to use when understanding the subjectContent-LengthThe length or size of the bodyContent-LocationThe location of the resource entityContent-MD5The MD5 checksum of the subjectContent-RangeThe range of resources represented by this entity in the entire resource Content-TypeThe object type of this topicEntity cache header

HeaderDescription##ETagEntity tag related to this entityThe entity is no longer valid, the date and time to get this entity again from the original sourceThe date and time this entity was last modifiedStatus

	Expires
	Last- Modified

The status code provides the client with a A quick way to understand the results of a transaction

100-199

: Informational status code

Status codeReason phrase##100 Continue indicates that the initial part of the client's request has been received, and the client is asked to continue. After sending this status code, the server must respond after receiving the request101Switching ProtocolsIndicates that the server is responding according to the client's Specify, switch the protocol to the protocol listed in the Update header

• 200-299: Success status code

When the client sends a request, these requests are usually successful.

Meaning

##

• 300-399: Redirect status code

Redirect status code or tell the client to use an alternative location. Access the resource they are interested in, or provide an alternative response instead of the resource's content. If the resource has been moved, a redirect status code and an optional Location header can be sent to inform the client that the resource has been moved and where it can be found now

Status Code	Reason Phrase	Meaning
200	OK	There is no problem with the request, the body part of the entity contains the requested resource
201	Created	Used to create an object request for the server (such as PUT). The entity part of the response should contain various URLs that reference the resources created. The Location header contains the most specific reference. The server must send In this state, the previously created object
202	Accepted	The request has been accepted, but the server has not performed any operations on it. There is no guarantee that the server will complete the request, it just means that when the request is accepted, it appears to be valid. The server SHOULD include a description of the status of the request in the body of the entity, and perhaps an estimate of when the request will complete (or include a pointer to where this information can be obtained)
203	Non-Authoritative Information	The information contained in the entity header does not come from the source server, but from a copy of the resource. This situation occurs if the intermediate node has a copy of the resource, but cannot or does not verify the metainformation (header) related to the resource it sends
204	No Content	The response message contains several headers and a status line, but there is no entity body. Mainly used to update the browser without converting it to a new document (such as refreshing an expression page)
205	Reset Content	Another code mainly for browsers. Responsible for telling the browser to clear all html tags in the current page
206	Partail Content	Successfully execute a part or range request. We will see later that the client can obtain part or range of documents through some special headers - this status code indicates that the range request is successful The response must include Content-Range, Date and ETag or Content-Location header

##300Multiple ChoicesThis status code will be returned when the client request is actually a URL pointing to multiple resources. For example, an HTML document on the server has Chinese and English versions. This code is returned with a column of options; this allows the user to select the one he wishes to use 301Moved Permanently in the request When the URL has been moved. The Loaction header of the response contains the URL where the resource is located 302Found is similar to 301; but the client should use the Location header to Get the temporary location resource from the URL. Future requests may use the old resource 303Set Ohter tells the client that another URL should be used to obtain the resource. The new URL resource is located in the Location header of the response message. Its main purpose is to allow the response to the POST request to direct the client to a certain resource.304Not ModifyThe client can pass all Contains request headers to make the request conditional. If the client sends a GET request and the resource has not changed recently, this status code can be used to indicate that the resource has not been modified. Responses with this status code should not contain the entity part 305Use Proxy is used to indicate that the resource must be accessed through a proxy. The location of the agent is given by Location. It is important to note that the client parses this response relative to a specific resource and cannot assume that all requests, or even all requests to the server holding the request, are made through this proxy. If the client mistakenly allows the proxy to intervene in a request, it may cause destructive behavior and become a security copper leakage problem306UnusedUnused307Temporary Redirect is similar to the 301 status code; but the client should use the URL given in the Location header to temporarily Locate resources. Future resources should use the old URL

• 400-499: Client error status code

Sometimes the client will send a message that the server cannot handle Something, such as a malformed request message, or most commonly a non-existent URL

Status code	Reason phrase	Meaning

##400Bad RequestUsed to tell the client that a wrong request was sent401Unauthorized is returned with the appropriate headers, in which the client is requested to authenticate itself before gaining access to the resource. Authentication402Payment RequiredStatus code not used403Forbidden is used to indicate that the request was rejected by the server. If the server explains why it is rejecting the request, it can include the body part of the entity describing it. But this status code is usually used when the server does not want to explain the reason. 404Not Found is used to explain that the server cannot find the requested URL. . Usually an entity is included so that the client application can show the user that the request sent contains all This status code is used when the requested URL does not support a method. The Allow header should be included in the response to tell the client which methods can be used for the requested resource406Not AcceptableClient The endpoint can specify parameters to indicate what types of entities it is willing to accept. This code is used when the server does not have a resource matching the URL accepted by the client. Usually the server will include some headers so that the client can figure out why the request cannot be satisfied 407Proxy Authentication RequiredSimilar to 401, but with For proxy servers that require authentication for resources408Request TimeoutThe server can return this status if the client request takes too long code and close the connection. The timeout often varies from server to server, but is usually long enough for all legitimate servers409Conflictfor Explanation The request may have caused some conflicts on the resource. The server can send this status code if it is worried about causing a conflict. The response should contain a body describing the conflict. 410Gone is similar to 404, except that the server once owned this resource. Mainly used for the maintenance of Web sites, so that server administrators can notify clients when resources are removed411Length RequiredUse when the server requires that the request message contains Content-length412Precondition FaliedThe client sends the request condition, and one of the Used when the condition fails. When the client includes the Expect header, it sends a conditional request413Request Entiny Too largeThe entity body sent by the client is larger than the server Use this status code when you are able or wish to handle a larger request 414Request Url Too LongRequest in the request sent by the client Use this status code when the URL is longer than the server can or wants to handle415Unsupported Media TypeThe server cannot understand or support When the client sends the content type of the entity, it uses this status code416Request Range Not SatisfiableThe request message is a certain type of requested resource. range, and this range is invalid or cannot be satisfied, the Expect request requested using this status code 417Expection Failed contains a This status code is used when the server is unable to meet the expectation. If the proxy or other intermediary program has definite evidence that the source server will generate a failure expectation for the request, it can send this status code

• 500-599: Server error status code

Sometimes the client sends a request and the server itself On error

Status code	Reason phrase	Meaning

##500Internal Server ErrorThis status code is used when the server encounters an error that prevents it from serving a request501Not InplementedWhen the client sends a request beyond the capabilities of the server, use this status code502 Bad GatewayThis status code is used when the server, acting as a proxy or gateway, receives a spurious response from the next link in the response chain503Service Unavailable is used to indicate that the server cannot serve the request now, but it can in the future. If the server knows when the resource will be available, it can include a Retry-after header in the response 504Gateway Timeout is similar to status code 408 , it's just that the response here comes from a gateway or proxy, and they timed out while waiting for another server to respond to their request505HTTP Version Not Supported Use this status code when the server receives a request that uses a protocol version that it is unable or unwilling to support. Some server applications choose not to support earlier versions of the protocol

Status code	Reason phrase	Meaning

Edit this page on github
blogger’s personal blog
Reference: http protocol[http authoritative guide]

Related recommendations:

Process of using http protocol

What is HTTP protocol

What is the difference between HTTP protocol and TCP protocol

The above is the detailed content of HTTP protocol front-end common sense. For more information, please follow other related articles on the PHP Chinese website!