4. http
HTTP Protocol
The HTTP (HyperText Transfer Protocol) is the underlying transport protocol between clients and servers in web communication.
Client-Side vs Server-Side Code
Client-side code (HTML, JavaScript, CSS) is executed locally in the browser.
Server-side code (PHP, SQL) is processed on the server.
HTTP Request/Response Cycle
The HTTP request/response cycle involves communication between clients and servers, where requests are made by clients and responses are sent back by servers.
HTTP Requests and Responses
Direction of Communication:
Server to Client: Sends HTML, CSS, JavaScript, and additional content in HTTP responses.
Client to Server: Clients send requests including form data and other information.
Requests and responses are sent in plaintext under base HTTP, but modern implementations use TLS (Transport Layer Security) for encryption.
HTTP Headers
HTTP metadata includes headers, which are name/value pairs providing additional information about the data.
Both requests and responses feature headers:
Common Headers:
content-type: Alerts the recipient of the data format (e.g., text/html, text/javascript).
user-agent: Identifies the client browser.
server: Provides server information.
location: Redirects the client to a new URL.
referer: Indicates the page that linked to the current resource.
HTTP Status Codes
Every HTTP response includes a status code:
200: OK (successful response)
404: Not Found (common error)
Quick shorthand for HTTP status codes:
1xx: hold on
2xx: here you go
3xx: go away
4xx: client error
5xx: server error
HTTP Methods
Common HTTP methods:
GET: Retrieves specified resource.
POST: Sends data to server.
HEAD: Similar to GET, but without response content.
PUT: Uploads content to the server.
DELETE: Removes specified resource.
Forms
HTML Forms typically use GET or POST to send data:
Action attribute: URL where the form submits.
Method attribute: HTTP method used (GET or POST).
Sending Form Data in HTTP Requests
GET method: Data in the URL.
Example:
myform.html?input1=value1&input2=value2.
POST method: Data sent in the body of the request.
Example: Body contains
input1=value1&input2=value2.
When to Use GET vs POST
GET: Suitable for non-sensitive data; user sees the data in the URL.
POST: Used for sensitive data, large amounts of data, or when sending binary files.
Cookies in HTTP
Cookies store site-specific information:
Formats:
cookie-name=cookie-value, with additional parameters.Used for authentication and user tracking.
How Cookies Work
A server sets cookies using the
Set-Cookieheader.The client returns cookies in subsequent requests until they expire.
Types of Cookies
Session Cookies: Stored in memory, deleted when the browser closes.
Persistent Cookies: Stored on local drive until expiration.
Browsers have private modes that do not allow cookies to persist.
URL Encoding
Certain characters must be URL-encoded (e.g., space as
%20).
cURL Utility
cURL: Command-line tool for sending web requests and receiving responses.
Flags:
-d: Sends data as POST.
-F: Sends form content with multipart/form-data.
-I: HTTP HEAD request.
-A: Specifies user-agent.
-H: Sends HTTP headers.
Sending Data Across the Internet
In addition to web browser-server communication, HTTP is used for app-server and server-server communications.
Minification
Minification reduces code size for faster load times but decreases readability, often by shortening variable and function names.
JSON
JSON (JavaScript Object Notation): A lightweight format for data serialization, typically using content-type
application/json.
SOAP
SOAP: A protocol in XML format for exchanging structured information. Includes metadata and message body.
REST
REST (Representational State Transfer): An architectural style using HTTP for web services, typically with JSON. Leverages HTTP methods to manage resources.