HTTP Messages - PowerPoint PPT Presentation

1 / 57
About This Presentation
Title:

HTTP Messages

Description:

... request may have to travel through firewalls, proxies, gateways, ... Trailer List the set of headers that are in the. trailer of a message encoded with the ... – PowerPoint PPT presentation

Number of Views:104
Avg rating:3.0/5.0
Slides: 58
Provided by: csie6
Category:
Tags: http | messages

less

Transcript and Presenter's Notes

Title: HTTP Messages


1
HTTP Messages
  • Herng-Yow Chen

2
Outline
  • The Flow of Messages
  • The Parts of a Message
  • The various methods that request message support
  • The various status codes that are returned with
    response message
  • What the various headers do

3
Messages Commute Inbound to the Origin Server
Inbound(to server)
GET /index.html http/1.0
proxy1
proxy2
proxy3
client
HTTP/1.0 200 ok Content-type text/html
server
Outbound(to user agent)
4
All messages flow downstream
Request(flowing downstream)
proxy1
client
proxy2
proxy3
No messages ever go upstream
server
proxy3
proxy2
proxy1
Response(flowing downstream)
client
5
The Parts of a Message
client
server
6
Request Message Syntax
  • ltmethodgt ltrequest-URLgt ltversiongt
  • ltheadersgt
  • ltentity-bodygt

7
Response Message Syntax
  • ltversiongt ltstatusgt ltreason-phrasegt
  • ltheadersgt
  • ltentity-bodygt
  • Note that version numbers are not treated as
    fractional numbers. That is, HTTP/1.22 is higher
    version than HTTP/1.3.

8
Message Syntax
HTTP request message contains The command and the
URI
GET /pics/hychen.jpg HTTP/1.0 Host
www.csie.ncnu.edu.tw
Internet
HTTP/1.0 200 OK Content-type
image/jpeg Content-length 12345
www.csie.ncnu.edu.tw
HTTP response message contains The result of the
transaction
9
Message Syntax
(b)Response message
(a)Request message
HTTP/1.0 200 ok
GET /test/hi-here.txt HTTP/1.1
Start line
Content-type text/plain Content-length 19
Accept text/ Host www.csie.ncnu.edu.tw
Headers
Hi! Im a message!
Body
10
Common HTTP method
  • Method Message body?
  • GET No
  • HEAD No
  • POST Yes
  • PUT Yes
  • TRACE No
  • OPTIONS No
  • DELETE NO

11
Status code
  • Overall range Define range Category
  • 100-199 100-101 informational
  • 200-299 200-206 successful
  • 300-399 300-305 redirection
  • 400-499 400-415 client error
  • 500-599 500-505 server error
  • Common status codes
  • 200 OK
  • 401 Unauthorized
  • 404 Not found

12
Headers
  • HTTP head field add additional information to
    request and response messages. They are basically
    just lists of name/value pairs.
  • HTTP specification defines several header fields.
    Applications also are free to invent their own
    home-brewed headers.
  • Each HTTP has a simple syntaxa name, followed
    by a colon (), followed by optional whitespace,
    followed by field value, followed by CRLF.

13
Header classification
  • General headers
  • Can appear in both request and response message
  • Request headers
  • Provide more information about the request
  • Response headers
  • Provide more information about the response
  • Entity headers
  • Describe body size and contents, or the resource
    itself
  • Extension headers
  • New headers that are not defined in the
    specification

14
Common header examples
  • Header example
  • Date Tue, 3 Oct 1997 021603 GMT
  • Content-length 15040
  • Content-type image/gif
  • Accept image/gif, image/jpeg, text/html
  • Header continuation lines
  • Long header lines can be made more readable by
    breaking them into multiple lines, preceding each
    extra line with at least one space or tab
    character. For example,
  • Server Test Server Version 1.0

15
Entity bodies
  • The third part of an HTTP message is the optional
    entity body. Entity bodies are the payload of the
    HTTP messages.
  • HTTP message can carry many kinds of digital
    data images, video, HTML documents, software
    applications, credit card transactions,
    electronic mail, and so on.

16
Version 0.9 Messages
The request contained merely the method and the
request URL, and the response contained only
the entity. No version number, no status code,
no headers were included.
GET /pics/hychen.jpg
No version number
www.csie.ncnu.edu.tw
www.csie.ncnu.edu.tw
17
Methods
  • Note that not all methods are implemented by
    every server.
  • To be compliant with HTTP/1.1, a server need
    implement only the GET and HEAD methods for its
    resources.
  • Even when servers do implement all of these
    common methods (listed in the slide 10), some
    methods such as DELETE and PUT most likely have
    restricted use. The restrictions generally are
    set up in the servers configuration, so they are
    vary from site to site and from server to server.

18
GET
The most common method. It usually is used to
ask a server to send a resource.
Request message
GET /hychen/index.html HTTP/1.1 Host
www.csie.ncnu.edu.tw Accept
Response message
HTTP/1.1 200 ok Content-Type text/html Content-Le
ngth 617 lthtmlgt ltHEADgtltTITLEgtHome Pagelt/TITLEgt
www.csie.ncnu.edu.tw
19
HEAD
It behaves exactly like the GET method, but
the server returns only the headers in the
response.
Request message
HEAD /hychen/index.html HTTP/1.1 Host
www.csie.ncnu.edu.tw Accept
Response message
HTTP/1.1 200 ok Content-Type text/html Content-Le
ngth 617
www.csie.ncnu.edu.tw
No entity body
20
HEAD
  • No entity body is ever returned. This allows a
    client to inspect the headers for a resource
    without having to actually get the resource.
    Using the header, you can
  • Find out about a resource (e.g., determine its
    type) without getting it.
  • See if an object exists, by looking at the status
    code of the response.
  • Test if the resource has been modified, by
    looking at the headers.

21
PUT
The PUT method writes documents to a server, in
the inverse of the way that GET reads documents
from the server.
Request message
PUT /product-list.txt HTTP/1.1 Host
www.csie.ncnu.edu.tw Content-type
text/plain Updated product list coming soon!
www.csie.ncnu.edu.tw
Server updates/creates resource
/product-list.txt and writes it to its disk.
Response message
HTTP/1.1 201 Created Location Http//www.csie.ncn
u.edu.tw/product-list.txt Content-Type
text/plain Content-Length 47 Http//www.csie.ncn
u.edu.tw/product-list.txt
22
PUT
  • Some publishing systems (e.g. frontpage,
    dreamwaver) let you create web pages in a local
    computer and install them directly on a web
    server via PUT method.
  • The semantics of the PUT method are for the
    server to take the body of the request and either
    use it to create a new document named by the
    requested URL, or, if that URL already exists,
    use the body to replace it.
  • Because PUT allows you to change content, many
    web servers require you to log in with a password
    fore you can perform a PUT.

23
POST
  • PUT is used to deposit data into a resource on
    the server (e.g., a file). In comparison, the
    POST method was designed to send input data to
    the server.
  • In practice, it is used to support HTML forms.
    The data from a filled-in from typically is sent
    to a server gateway program to process it.

24
POST
Browser sticks data in entity body of message
Request message
POST /check.cgi HTTP/1.1 Host www.csie.ncnu.edu.t
w Content-Type text/plain Content-Length
18 itembandsaw 2647
YES!
www.csie.ncnu.edu.tw
CGI program
Response message
itembandsaw 2647
HTTP/1.1 200 OK Content-type text/plain Context-l
enght 37 The bandsaw model 2647 is in stock!
Inventory check
Inventory list
25
TRACE
  • When a client makes a request, that request may
    have to travel through firewalls, proxies,
    gateways, or other applications. Each of these
    has the opportunity to modify the original HTTP
    request.
  • The TRACE method allows clients to see how its
    request looks when it finally makes it to the
    server.
  • The TRACE method is used primarily for
    diagnostics i.e., verifying that requests are
    going through the request/response chain as
    intended.

26
TRACE
TRACE /product-list.txt HTTP/1.1 Host
www.csie.ncnu.edu.tw Accept Via1.1
proxy.ncnu.edu.tw
Request message
TRACE /product-list.txt HTTP/1.1 Accept Host
www.csie.ncnu.edu.tw
Proxy
www.csie.ncnu.edu.tw
Response message
HTTP/1.1 200 OK Content-type text/plain Content-l
ength 96 Via1.1 proxy.ncnu.edu.tw TRACE
/product-list.txt HTTP/1.1 Host
www.csie.ncnu.edu.tw Accept Via 1.1
proxy.ncnu.edu.tw
HTTP/1.1 200 OK Content-type text/plain Content-l
ength 96 TRACE /product-list.txt HTTP/1.1 Host
www.csie.ncnu.edu.tw Accept Via 1.1
proxy.ncnu.edu.tw
27
OPTIONS
  • The OPTIONS method asks the server tell us about
    the various supported capabilities of the web
    server.
  • Some servers may support particular operations on
    on particular kinds of objects.

28
OPTIONS
Since the request is for options on all
resources, the server just returns the methods it
supports for its resources.
Request message
OPTIONS HTTP/1.1 Host www.csie.ncnu.edu.tw Acc
ept
Response message
www.csie.ncnu.edu.tw
HTTP/1.1 200 OK Allow GET, POST, PUT,
OPTIONS Context-length 0
29
DELETE
  • The DELETE method asks the server to delete the
    resource specified by the requested URL.
  • However, the client application is not guaranteed
    that the delete is carried out. This is because
    the HTTP specification allows the server to
    override the request without telling the client.

30
DELETE
Request message
File product-list.txt removed from servers disk
DELETE /product-list.txt HTTP/1.1 Host
www.csie.ncnu.edu.tw
www.csie.ncnu.edu.tw
Response message
HTTP/1.1 200 OK Content-Type text/plain Content-L
ength 54 I have your delete request, will take
time to process.
31
Extension Methods
  • HTTP was designed to be field-extensible, so new
    features wouldnt cause older software to fail.
  • Extension Method are method that are not defined
    in HTTP/1.1 specification. They provide
    developers with a means of extending the
    capabilities of the HTTP services their servers
    implement on the resources that the servers
    manage.

32
WebDAV HTTP extension
  • Method Description
  • LOCK Allows a user to lock a resource
    for example, you could lock a
    resource while you are editing it
  • MKCOL Allows a user to create a resource
  • COPY Facilitates copying resources on a server
  • MOVE Moves a resource on a server

33
Status Codes
  • 100-199 Informational Status Code
  • Status Code Reason Phrase
  • 100 Continue
  • 101 Switching Protocols

34
200-299 success status code
  • Status Code Reason Phrase
  • 200 OK
  • 201 Created
  • 202 Accepted
  • 203 Not-Authoritative Information
  • 204 Not Content
  • 205 Reset Content
  • 206 Partial Content

35
300-399 Redirection Status Code
  • Status code Reason Phrase
  • 300 Multiple Choices
  • 301 Moved Permanently
  • 302 Found
  • 303 See other
  • 304 Not Modified
  • 305 Use Proxy
  • 306 (Unused)
  • 307 Temporary Redirect

36
300-399Redirection Status Codes
Request message
Get /pet-products.txt HTTP/1.1 Host
www.csie.ncnu.edu.tw Accept
Response message
HTTP/1.1 301 OK Location http//english.csie.ncnu
.edu.tw Content-length 56 Content-type
text/plain Please go to our partner
site, English.csie.ncnu.edu.tw
www.csie.ncnu.edu.tw
Request message
Get / HTTP/1.1 Host english.csie.ncnu.edu.tw Acce
pt
Response message
english.csie.ncnu.edu.tw
HTTP/1.1 200 OK Content-type text/html Content-le
ngth 3307
37
300-399Redirection Status Codes (cont.)
Request message
Get /m_faculty.html HTTP/1.1 Host
www.csie.ncnu.edu.tw Accept If-Modified-Since
Wed, Sept. 3 2003 021600 GMT
Response message
Client has previously requested copy
of http//www.csie.ncnu.edu.tw/m_faculty.html
www.csie.ncnu.edu.tw
HTTP/1.1 304 Not Modified
Has not changed
Browswe displays local copy, since the original
has not changed since we last requested it
38
400-499 Client Errors Status Codes
  • Status Code Reason Phrase
  • 400 Bad Request
  • 401 Unauthorized
  • 402 Payment Requested
  • 403 Forbidden
  • 404 Not Found
  • 405 Method Not Allowed
  • 406 Not Acceptable
  • 407 Proxy Authentication Required
  • 408 Request Timeout
  • 409 Conflict

39
400-499 Client Errors Status Codes
  • Status Code Reason Phrase
  • 410 Gone
  • 411 Length Required
  • 412 Precondition Failed
  • 413 Request Entity Too Large
  • 414 Request URI Too Long
  • 415 Unsupported Media Type
  • 416 Requested Range Not Satisfiable
  • 417 Expectation Failed

40
500-599 Server Error
  • Status Code Reason Phrase
  • 500 Internal Server Error
  • 501 Not Implemented
  • 502 Bad Gateway
  • 503 Service Unavailable
  • 504 Gateway Timeout
  • 505 HTTP Version Not Supported

41
Headers
  • General headers
  • E.g., Date Tue, 3 Oct 2003 021600 GMT
  • Request headers
  • E.g., Accept /
  • Response headers
  • E.g., Server Apache/1.3
  • Entity headers
  • E.g., Content-Type text/html charsetiso-latin-1
  • Extension headers

42
General Headers
  • Header Description
  • Connection Allow clients and servers to
    specify options about the request/response
    connection
  • Date
  • MIME-Version
  • Trailer List the set of headers that are in
    the trailer of a message encoded with
    the chunked transfer encoding
  • Transfer-Encoding
  • Upgrade
  • Via

43
General caching headers
  • Header Description
  • Cache-Control Used to pass caching directions
    along with the message
  • Progma Another way to pass direction along
    the message, though not specific caching

44
General caching headers
  • Header Description
  • Cache-Control Used to pass caching directions
    along with the message
  • Progma Another way to pass direction along
    the message, though not specific caching

45
Request Headers
  • Header Description
  • Client-IP
  • From
  • Host
  • Referer
  • UA-Color
  • UA-CPU
  • UA-Disp
  • UA-OS
  • UA-Pixels
  • User-Agent

46
Accept Headers
  • Header Description
  • Accept what media types
  • Accept-Charset
  • Accept-Encoding
  • Accept-Language
  • TE what extension transfer codings are
    okay to use

47
Request Headers
  • Header Description
  • Client-IP
  • From
  • Host
  • Referer
  • UA-Color
  • UA-CPU
  • UA-Disp
  • UA-OS
  • UA-Pixels
  • User-Agent

48
Accept Headers
  • Header Description
  • Accept what media types
  • Accept-Charset
  • Accept-Encoding
  • Accept-Language
  • TE what extension transfer codings are
    okay to use

49
Conditional requester headers
  • Header Description
  • Expect
  • If-Match
  • If-Modified-Since
  • If-None-Match
  • If-Range
  • If-Unmodified-Since
  • Range

50
Request security headers
  • Header Description
  • Authorization
  • Cookie
  • Cookie2

51
Proxy request headers
  • Header Description
  • Max-Forwards
  • Proxy-Authorization
  • Proxy-Connection

52
Response headers
  • Header Description
  • Age
  • Public
  • Retry-After
  • Server
  • Title
  • Warning

53
Negotiation headers
  • Header Description
  • Accept-Ranges
  • Vary

54
Response security headers
  • Header Description
  • Proxy-Authenticate
  • Set-Cookie
  • Set-Cookie2
  • WWW-Authenticate

55
Entity Headers
  • Header Description
  • Content-Base
  • Content-Encoding
  • Content-Language
  • Content-Length
  • Content-Location
  • Content-MD5
  • Content-Range
  • Content-Type

56
Entity caching headers
  • Header Description
  • ETag
  • Expires
  • Last-Modified

57
HTTP protocol information
  • http//www.w3.org/Protocols/
  • The W3C architecture page for HTTP.
  • http//www.ietf.org/rfc/rfc2621.txt
  • RFC 2616, Hypertext Transfer Protocol-
    HTTP/1.1, is the official specification for
    HTTP/1.1, the current version of the HTTP
    protocol.
Write a Comment
User Comments (0)
About PowerShow.com