Comprehensive Notes on HTTP

HTTP

  • HTTP (HyperText Transfer Protocol) is the foundational protocol for communication on the World Wide Web.
  • It defines how messages are formatted and transmitted between web browsers (clients) and web servers.
    • Standard Port: HTTP typically runs on port 80
    • First Version: The first official version, HTTP/0.9, was introduced in 1991 and was very simple—it only supported GET requests and had no headers.
    • Latest Version: The latest standardized version is HTTP/3, which was finalized in 2022. It runs over QUIC instead of TCP for improved speed and reliability.

HTTPS

  • HTTPS (HyperText Transfer Protocol Secure) is the secure version of HTTP.
  • It ensures that communication between your web browser and a website is encrypted and secure using TLS (Transport Layer Security) or its predecessor, SSL (Secure Sockets Layer).
    • Standard Port: HTTPS typically runs on port 443
  • HTTPS is the default for conducting financial transactions on the web because it provides:
    • Encryption – Ensures that sensitive data (like credit card details, passwords, and banking info) is protected from hackers.
    • Authentication – Verifies that users are connecting to a legitimate financial institution, not a fraudulent site.
    • Data Integrity – Prevents tampering with transactions during transmission.

Application-Level Protocols

  • Application-level protocols are communication rules that operate at the application layer of the OSI model and the TCP/IP model.
  • These protocols define how applications (like web browsers, email clients, and messaging apps) communicate over a network.
  • Key Features of Application-Level Protocols
    • Operate at the highest level of the network stack.
    • Enable user applications to interact with the network.
    • Rely on lower-layer protocols (like TCP and UDP) for data transport.

Application-Level Protocols

  | Protocol | Purpose | Transport Protocol (Port) |
  |---|---|---|
  | HTTP/HTTPS | Web browsing | TCP (80/443) |
  | FTP (File Transfer Protocol) | File transfer | TCP (21) |
  | SMTP (Simple Mail Transfer Protocol) | Sending emails | TCP (25) |
  | POP3/IMAP | Receiving emails | TCP (110/143) |
  | DNS (Domain Name System) | Resolving domain names | UDP/TCP (53) |
  | SSH (Secure Shell) | Remote access | TCP (22) |
  | Telnet | Remote login (insecure) | TCP (23) |
  | SNMP (Simple Network Management Protocol) | Network monitoring | UDP (161/162) |

HTTP Methods

  • GET: Retrieve data from a server
  • POST: Create a new resource
  • PUT: Update/replace an existing resource
  • PATCH: Partially update a resource
  • DELETE: Remove a resource
  • OPTIONS: Get supported methods for a resource
  • HEAD: Retrieve headers only (no body)

HTTP/0.9

  • HTTP/0.9 was the first version of the Hypertext Transfer Protocol (HTTP), introduced in 1991.
  • It was a very simple protocol designed to serve HTML documents over the internet.
  • Key Features of HTTP/0.9:
    • Simple Request Format: Only the GET method was supported, and it did not include headers.
      • Example request: GET /index.html
    • Response Format: The server responded with raw HTML only—no headers, status codes, or metadata.
    • No MIME types: Only HTML documents could be transferred; images, stylesheets, or other media were not supported.
    • No persistent connections: Each request opened a new TCP connection, which was closed after sending the response.

HTTP/1.0

  • HTTP/1.0, released in 1996, was the first official version of the Hypertext Transfer Protocol (HTTP) and introduced several key improvements over HTTP/0.9.
  • Key Features of HTTP/1.0:
    • Introduction of Headers: Unlike HTTP/0.9, HTTP/1.0 introduced headers to send metadata along with requests and responses.
    • Support for Multiple Methods
      • GET: Retrieve a resource.
      • POST: Submit data (e.g., form submission).
      • HEAD: Retrieve headers without the body.
    • MIME Types for Content: The Content-Type header allowed different types of content, such as images, text, or video.
    • Status Codes for Responses: Servers could now send status codes to indicate the result of a request.
      • Examples:
        • 200 OK – Request was successful.
        • 404 Not Found – Requested resource does not exist.
        • 500 Internal Server Error – Server encountered an issue.
    • Limitation (Each Request Opened a New TCP Connection): HTTP/1.0 closed the TCP connection after each request, leading to slower performance.

HTTP/1.1

  • HTTP/1.1, released in 1997, is an improved version of HTTP/1.0 that introduced several optimizations to enhance speed, efficiency, and reliability.
  • It became the most widely used HTTP version for nearly two decades before HTTP/2 gained popularity.
  • Key Features of HTTP/1.1:
    • Persistent Connections: HTTP/1.1 introduced persistent connections by default. This allowed multiple requests and responses to be sent over the same connection, reducing latency.
    • Chunked Transfer Encoding: Servers could send data in chunks instead of determining the full content length beforehand. Useful for streaming and dynamically generated content.
    • Host Header Requirement: HTTP/1.1 required the Host header, allowing multiple domains to be hosted on a single IP.
    • Pipelining (Limited Use): Clients could send multiple requests without waiting for responses, improving performance.
    • Additional HTTP Methods: Added more request methods beyond GET, POST, and HEAD:
      • PUT – Upload a resource.
      • DELETE – Remove a resource.
      • OPTIONS – Fetch available methods for a resource.
      • TRACE – Debugging tool for request tracing.
    • Better Caching Mechanisms: New headers like ETag, Cache-Control, and If-Modified-Since improved caching to reduce redundant downloads.
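
Added example (not part of the original notes): a strict Python parser for the HTTP/1.1 features above that decide where one request ends and the next begins on a persistent connection, namely the required Host header, Content-Length and chunked transfer encoding. It rejects ambiguous framing instead of guessing; trailer fields are refused for brevity, and all names and sample bytes are constructed.

```python
# Added example, not from the notes: all names and the SAMPLE bytes are constructed.
HEX = b"0123456789abcdefABCDEF"
FRAMING = ("host", "content-length", "transfer-encoding")
SAMPLE = (b"POST /up HTTP/1.1\r\nHost: a.example\r\nTransfer-Encoding: chunked\r\n\r\n5\r\nhello\r\n"
          b"6\r\n world\r\n0\r\n\r\nGET /index.html HTTP/1.1\r\nHost: b.example\r\n\r\n")

def decode_chunked(data):
    """Decode a chunked body; return (body, bytes left over on the connection)."""
    body = b""
    while True:
        line, sep, data = data.partition(b"\r\n")
        size_field = line.split(b";", 1)[0].strip()   # drop chunk extensions
        if not sep or not size_field or size_field.strip(HEX):
            raise ValueError("bad chunk-size line")   # int() alone accepts "+5", "0x5"
        size = int(size_field, 16)
        if size == 0:   # last chunk; this example refuses trailer fields
            if not data.startswith(b"\r\n"):
                raise ValueError("missing final CRLF (trailers are not handled here)")
            return body, data[2:]
        if data[size:size + 2] != b"\r\n":
            raise ValueError("chunk data does not match its declared size")
        body, data = body + data[:size], data[size + 2:]

def parse_requests(stream):
    """Yield (method, target, host, body) for each request on one connection."""
    while stream:
        head, sep, stream = stream.partition(b"\r\n\r\n")
        if not sep:
            raise ValueError("incomplete header section")
        request_line, *fields = head.decode("latin-1").split("\r\n")
        method, target, version = request_line.split(" ")
        headers = {}
        for field in fields:
            name, _, value = field.partition(":")
            if name != name.strip() or (name.lower() in headers and name.lower() in FRAMING):
                raise ValueError("malformed or repeated header: " + name)
            headers[name.lower()] = value.strip()
        if version == "HTTP/1.1" and "host" not in headers:
            raise ValueError("HTTP/1.1 request without a Host header")
        if "transfer-encoding" in headers:
            if "content-length" in headers or headers["transfer-encoding"].lower() != "chunked":
                raise ValueError("ambiguous or unsupported Transfer-Encoding")
            body, stream = decode_chunked(stream)
        else:
            length = headers.get("content-length", "0")
            if not (length.isascii() and length.isdigit()) or int(length) > len(stream):
                raise ValueError("bad Content-Length or truncated body")
            body, stream = stream[:int(length)], stream[int(length):]
        yield method, target, headers.get("host"), body
```

`list(parse_requests(SAMPLE))` returns both requests from the single byte stream, each with its own Host value.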

HTTP/2.0

  • HTTP/2, released in 2015, is a major upgrade over HTTP/1.1, designed to improve speed, efficiency, and performance for modern web applications.
  • It solves many inefficiencies of HTTP/1.1 while remaining backward-compatible.
  • Key Features of HTTP/2.0:
    • Multiplexing (Parallel Requests Over a Single Connection): In HTTP/1.1, requests are processed one at a time (or require multiple connections). HTTP/2 allows multiple requests and responses to be sent in parallel over a single TCP connection, removing head-of-line blocking at the HTTP layer (a lost TCP packet can still stall every stream on the connection). This dramatically improves page load speed.
    • Binary Protocol (Instead of Text-Based): HTTP/1.1 is text-based, which makes it inefficient to parse. HTTP/2 uses a binary format, making it faster and less error-prone.
    • Header Compression (HPACK Algorithm): In HTTP/1.1, headers are sent repeatedly with each request (e.g., User-Agent, Cookies), causing unnecessary overhead. HTTP/2 compresses headers, reducing data transfer size.
    • Stream Prioritization: Allows important resources (like CSS or JavaScript) to load before less critical elements. Improves perceived page load performance.
    • Server Push: The server can proactively send resources (like stylesheets or scripts) before the client requests them. Reduces latency and improves performance.
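
Added example (not part of the original notes): the binary framing and multiplexing described above, shown by parsing the 9-byte HTTP/2 frame header and reassembling two response bodies whose DATA frames are interleaved on one connection. The frame layout and type codes follow RFC 9113; the sample frames and function names are constructed, and HEADERS payloads (HPACK) are not decoded.

```python
# Added example, not from the notes: function names and SAMPLE frames are constructed.
from collections import defaultdict

FRAME_TYPES = {0: "DATA", 1: "HEADERS", 2: "PRIORITY", 3: "RST_STREAM", 4: "SETTINGS",
               5: "PUSH_PROMISE", 6: "PING", 7: "GOAWAY", 8: "WINDOW_UPDATE", 9: "CONTINUATION"}
END_STREAM, PADDED = 0x1, 0x8
MAX_FRAME_SIZE = 16384   # default SETTINGS_MAX_FRAME_SIZE

def build_frame(ftype, flags, stream_id, payload):
    """Serialize one frame: 24-bit length, 8-bit type, 8-bit flags, 31-bit stream id."""
    return (len(payload).to_bytes(3, "big") + bytes([ftype, flags])
            + stream_id.to_bytes(4, "big") + payload)

def parse_frames(buf):
    """Split a byte buffer into (type name, flags, stream id, payload) tuples."""
    frames, offset = [], 0
    while offset < len(buf):
        header = buf[offset:offset + 9]
        if len(header) < 9:
            raise ValueError("truncated frame header")
        length = int.from_bytes(header[:3], "big")
        stream_id = int.from_bytes(header[5:9], "big") & 0x7FFFFFFF   # clear reserved bit
        payload = buf[offset + 9:offset + 9 + length]
        if length > MAX_FRAME_SIZE or len(payload) != length:
            raise ValueError("oversized or truncated frame")
        frames.append((FRAME_TYPES.get(header[3], "UNKNOWN"), header[4], stream_id, payload))
        offset += 9 + length
    return frames

def reassemble(frames):
    """Rebuild each stream's DATA bytes from interleaved frames; return (bodies, closed ids)."""
    bodies, closed = defaultdict(bytes), set()
    for name, flags, stream_id, payload in frames:
        if name != "DATA":
            continue   # HEADERS carry HPACK-compressed fields, not decoded here
        if stream_id == 0 or stream_id in closed:
            raise ValueError("DATA on stream 0 or on a closed stream")
        if flags & PADDED:   # first byte is the pad length; padding trails the data
            if not payload or payload[0] >= len(payload):
                raise ValueError("invalid padding")
            payload = payload[1:len(payload) - payload[0]]
        bodies[stream_id] += payload
        if flags & END_STREAM:
            closed.add(stream_id)
    return dict(bodies), closed

SAMPLE = b"".join([
    build_frame(0, 0, 1, b"<html>"), build_frame(0, 0, 3, b"body{"),
    build_frame(0, END_STREAM, 1, b"</html>"), build_frame(0, END_STREAM, 3, b"}")])
```

`reassemble(parse_frames(SAMPLE))` recovers both bodies intact even though their frames alternate on the wire, which is what the stream id in every frame header makes possible.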

HTTP/3.0

  • HTTP/3 is the latest version of the HTTP protocol, officially released in 2022, and it represents a major shift in how web data is transmitted.
  • It builds on HTTP/2 but introduces a fundamental change in its transport layer by replacing TCP with QUIC (Quick UDP Internet Connections).
  • Key Features of HTTP/3:
    • Uses QUIC Instead of TCP
    • Multiplexing Without Head-of-Line Blocking
    • Built-in Encryption (TLS 1.3)
    • Stream Prioritization
  • Advantages of HTTP/3.0:
    • Faster Load Times – QUIC’s faster connection setup and multiplexing improve overall page load times.
    • More Reliable in Poor Networks – With QUIC’s handling of packet loss, HTTP/3 works better in unreliable network conditions.
    • Better Security – TLS 1.3 ensures data is always encrypted and more secure than before.
    • Improved Performance – HTTP/3's multiplexing without head-of-line blocking allows for more efficient use of network resources.

HTTP Status Codes and Error Messages

  • HTTP status codes are 3-digit codes that indicate the result of a server's attempt to process a request.
  • These codes are part of the HTTP response from the server to the client (browser, app, etc.) after a request is made.
  • The status codes are categorized into five groups based on their first digit:
    • 1xx - Informational: Indicates the request was received, and the process is continuing.
    • 2xx - Successful: The request was successfully received, understood, and accepted.
    • 3xx - Redirection: Further action is needed to fulfill the request.
    • 4xx - Client Errors: The request contains bad syntax or cannot be fulfilled by the server.
    • 5xx - Server Errors: The server failed to fulfill a valid request.
  | Status Code | Meaning | Type |
  |---|---|---|
  | 200 | OK | Success |
  | 301 | Moved Permanently | Redirection |
  | 302 | Found | Redirection |
  | 400 | Bad Request | Client Error |
  | 401 | Unauthorized | Client Error |
  | 403 | Forbidden | Client Error |
  | 404 | Not Found | Client Error |
  | 500 | Internal Server Error | Server Error |
  | 503 | Service Unavailable | Server Error |
  • What Can You Do When Encountering These Errors?
    • 4xx Errors (Client-Side): Usually mean there is an issue with how you’re making the request. Double-check the URL, ensure you’re authenticated (for 401), or check permissions (for 403).
    • 5xx Errors (Server-Side): These typically mean the server is experiencing issues. You can try again later, or if you're the server administrator, you might need to investigate server logs.
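
Added example (not part of the original notes): what investigating server logs by status code can look like for an administrator. It groups access-log lines into the five classes above, lists clients with repeated 401/403 responses, and counts 5xx responses per path. The log lines (Common Log Format), the documentation-range addresses and the threshold of 3 are constructed assumptions.

```python
# Added example, not from the notes: log lines, addresses and threshold are constructed.
import re
from collections import Counter

CLASSES = {"1": "Informational", "2": "Successful", "3": "Redirection",
           "4": "Client Error", "5": "Server Error"}
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})\b')

SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2025:09:00:01 +0000] "POST /login HTTP/1.1" 401 112
203.0.113.7 - - [10/Mar/2025:09:00:02 +0000] "POST /login HTTP/1.1" 401 112
198.51.100.4 - - [10/Mar/2025:09:00:03 +0000] "GET /index.html HTTP/1.1" 200 5120
203.0.113.7 - - [10/Mar/2025:09:00:04 +0000] "GET /admin HTTP/1.1" 403 98
198.51.100.4 - - [10/Mar/2025:09:00:05 +0000] "GET /old-page HTTP/1.1" 301 0
198.51.100.9 - - [10/Mar/2025:09:00:06 +0000] "GET /report HTTP/1.1" 500 230
198.51.100.4 - - [10/Mar/2025:09:00:07 +0000] "GET /missing HTTP/1.1" 404 150
not a log line
""".splitlines()

def triage(lines, auth_threshold=3):
    """Return (count per status class, clients with >= threshold 401/403s, 5xx count per path)."""
    per_class, denied, server_errors = Counter(), Counter(), Counter()
    for line in lines:
        match = LOG_LINE.match(line)
        if not match:
            per_class["Unparsed"] += 1   # keep malformed lines visible, do not drop them
            continue
        client, method, path, status = match.groups()
        per_class[CLASSES.get(status[0], "Unknown")] += 1
        if status in ("401", "403"):
            denied[client] += 1          # authentication or permission failures
        elif status[0] == "5":
            server_errors[path] += 1     # server-side faults, grouped by path
    flagged = sorted(c for c, n in denied.items() if n >= auth_threshold)
    return dict(per_class), flagged, dict(server_errors)
```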