The browser will format and display the document according to its media type e. The first line of the response message i. In the request, "GET" is misspelled as "get". The server returns an error " Method Not Implemented". The response header " Allow " tells the client the methods allowed.
The server returns an error " Not Found". The server returns an error " Bad Request". Note: The latest Apache 2. You could request for the TCP connection to be maintained, so as to send another request using the same TCP connection, to improve on the network efficiency , via an optional request header " Connection: Keep-Alive ". The server includes a " Connection: Keep-Alive " response header to inform the client that he can send another request using this connection, before the keep-alive timeout.
The following GET request tried to access a protected resource. The server returns an error " Forbidden". That is, the same physical server could house several virtual hosts, with different hostnames e. You can use a request header " Connection: Close " to ask the server to close the TCP connection once the response is delivered. If " Host " header is missing, the server returns an error " Bad Request". In all the previous examples, the server returns the entire document if the request can be fulfilled i.
You may use additional request header to issue a "conditional request". For example, to ask for the document based on the last-modified date so as to decide whether to use the local cache copy , or to ask for a portion of the document or range instead of the entire document useful for downloading large documents.
This section describes some of the commonly-used request headers. The syntax of header name is words with initial-cap joined using dash - , e. Multiple DNS names e. The following headers can be used for content negotiation by the client to ask the server to deliver the preferred type of the document in terms of the media type, e. JPEG vs. GIF, or language used e. English vs. French if the server maintain multiple versions for the same document.
Accept: mime-type-1 , mime-type-2 , If the server has multiple versions of the document requested e. This process is called content-type negotiation. Accept-Language: language-1 , language-2 , If the server has multiple versions of the requested document e. This process is called language negotiation. Accept-Charset: Charset-1 , Charset-2 , Accept-Encoding: encoding-method-1 , encoding-method-2 , If the server has encoded or compressed version of the document requested, it can return an encoded version supported by the client.
The server can also choose to encode the document before returning to the client to reduce the transmission time. The server must set the response header " Content-Encoding " to inform the client that the returned document is encoded. The common encoding methods are " x-gzip. Connection: Close Keep-Alive - The client can use this header to tell the server whether to close the connection after this request, or to keep the connection alive for another request.
Referer: referer-URL - The client can use this header to indicate the referrer of this request. If you click a link from web page 1 to visit web page 2, web page 1 is the referrer for request to web page 2. All major browsers set this header, which can be used to track where the request comes from for web advertising, or content customization. Nonetheless, this header is not reliable and can be easily spoofed. Note that Referrer is misspelled as "Referer" unfortunately, you have to follow too.
User-Agent: browser-type - Identify the type of browser used to make the request. Server can use this information to return different document depending on the type of browsers. Cache-Control: no-cache Instead, it uses " Pragma: no-cache ". This header will be described in later chapter on authentication. This header will be discussed in later chapter on state management. If-Modified-Since: date - Tell the server to send the page only if it has been modified after the specific date.
Suppose that a directory called " testdir " is present in the document base directory " htdocs ". The following trace was captured using telnet.
A connection is established with the proxy server, and a GET request issued. Absolute request-URI is used in the request line. However, the server returns only the response header without the response body, which contains the actual document. Notice that the response consists of the header only without the body, which contains the actual document. In many Internet applications, such as e-commerce and search engine, the clients are required to submit additional information to the server e.
Based on the data submitted, the server takes an appropriate action and produces a customized response. Once they fill in the requested data and hit the submit button, the browser packs the form data and submits them to the server, using either a GET request or a POST request.
Each field has a name and can take on a specified value. This is known as a query string. It will send the query string to the server as part of the request. Special characters are not allowed inside the query string. POST method overcomes these drawbacks. If POST request method is used, the query string will be sent in the body of the request message, where the amount is not limited. The request headers Content-Type and Content-Length are used to notify the server the type and the length of the query string.
POST method will be discussed later. Suppose the user enters "Peter Lee" as the username, "" as password; and clicks the submit button. The following GET request is:. Note that although the password that you enter does not show on the screen, it is shown clearly in the address box of the browser. You should never use send your password without proper encryption.
POST request method is used to "post" additional data up to the server e. Request headers Content-Type and Content-Length is necessary in the POST request to inform the server the media type and the length of the request body. Suppose the user enters "Peter Lee" as username and "" as password, and clicks the submit button, the following POST request would be generated by the browser:.
As mentioned in the previous section, POST request has the following advantage compared with the GET request in sending the query string:. Hence, sending password using a POST request is absolutely not secure.
When the user clicks the submit button, the browser send the form data and the content of the selected file s.
The original local file name could be supplied as a " filename " parameter, or in the " Content-Disposition: form-data " header. Servlet 3. Read " Uploading Files in Servlet 3. This is often used to make a connection through a proxy. It then parses this file, making additional requests corresponding to execution scripts, layout information CSS to display, and sub-resources contained within the page usually images and videos. The Web browser then combines these resources to present the complete document, the Web page.
Scripts executed by the browser can fetch more resources in later phases and the browser updates the Web page accordingly. A Web page is a hypertext document. This means some parts of the displayed content are links, which can be activated usually by a click of the mouse to fetch a new Web page, allowing the user to direct their user-agent and navigate through the Web.
On the opposite side of the communication channel is the server, which serves the document as requested by the client. A server appears as only a single machine virtually; but it may actually be a collection of servers sharing the load load balancing , or a complex piece of software interrogating other computers like cache, a DB server, or e-commerce servers , totally or partially generating the document on demand. A server is not necessarily a single machine, but several server software instances can be hosted on the same machine.
Due to the layered structure of the Web stack, most of these operate at the transport, network or physical levels, becoming transparent at the HTTP layer and potentially having a significant impact on performance. Those operating at the application layers are generally called proxies. These can be transparent, forwarding on the requests they receive without altering them in any way, or non-transparent, in which case they will change the request in some way before passing it along to the server.
Proxies may perform numerous functions:. HTTP messages can be read and understood by humans, providing easier testing for developers, and reduced complexity for newcomers. New functionality can even be introduced by a simple agreement between a client and a server about a new header's semantics. HTTP is stateless: there is no link between two requests being successively carried out on the same connection.
This immediately has the prospect of being problematic for users attempting to interact with certain pages coherently, for example, using e-commerce shopping baskets. A connection is controlled at the transport layer, and therefore fundamentally out of scope for HTTP. HTTP doesn't require the underlying transport protocol to be connection-based; it only requires it to be reliable , or not lose messages at minimum, presenting an error in such cases.
This is less efficient than sharing a single TCP connection when multiple requests are sent in close succession. Experiments are in progress to design a better transport protocol more suited to HTTP. This extensible nature of HTTP has, over time, allowed for more control and functionality of the Web.
Cache and authentication methods were functions handled early in HTTP history. The ability to relax the origin constraint , by contrast, was only added in the s. When a client wants to communicate with a server, either the final server or an intermediate proxy, it performs the following steps:. If HTTP pipelining is activated, several requests can be sent without waiting for the first response to be fully received. As we try to make as much progress on HTTP as possible it is very important that we can stay focused - even on open mailing lists!
The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual.
The following list are working groups of more distant nature relative to HTTP.
0コメント