Hypertext Transfer Protocol (HTTP) is the mechanism that websites and web services use to communicate with user agents such as browsers.
HTTP is a client-server protocol: HTTP requests are send by a user agent to the server, which will reply with a HTTP response. The server will typically be dealing with many, many user agents at once. HTTP requests and responses are plain text, typically sent over a TCP connection.
A Conversation in HTTP
When visiting this page in a browser, your HTTP request will look something like this:
GET /glossary/http HTTP/1.1 Host: www.hacksplaining.com User-Agent: Mozilla/5.0 AppleWebKit (KHTML, like Gecko) Chrome/47.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
The first line contains the HTTP method (“GET”), the path at which the request is directed (/glossary/http), and the version of HTTP being used. The next few lines contain HTTP headers: in this case they describe the site being contacted, the browser being used, and what content type is being expected by the browser.
HTTP requests can also contain a body, but since this is a GET request, the browser does not send one. (More on this later.)
The response from the server will look something like:
HTTP/1.1 200 OK Content-Length: 7253 Content-Type: text/html; charset=utf-8 Date: Sun, 06 Dec 2015 04:28:23 GMT
<head><title>Learn to Hack</title> ...and so on </code>
The first line confirms the version of HTTP being used, and contains the status code (“200”) and message (“OK”) indicating that the request was successfully filled. There are many potential status codes that the server can issue to indicate the next appropriate action for the browser.
HTTP responses also return headers – in this case, indicating the content type and length, and the date. The final part of the response contains the body. Here, the server returns HTML describing the web page.
There are nine HTTP methods (or “verbs”) – the most commonly occurring ones are:
||Retrieves a resource from the server.|
|GET requests will contain no body, so all information is contained in the URL. GET requests are expected to be side-effect free: in other words, they should not change anything on the server. GET requests are triggered by the user navigating a web-site.
||Creates a resource on the server.|
||Creates or updates a new resource on the server.|
||Deletes a resource on the server.|