Upgrade to Pro — share decks privately, control downloads, hide ads and more …

HTTP

 HTTP

2012 CCSP

Andrew Liu

March 28, 2012
Tweet

More Decks by Andrew Liu

Other Decks in Programming

Transcript

  1. HTTP
    Andrew Liu

    View full-size slide

  2. Hypertext Transfer Protocol

    View full-size slide

  3. Hypertext Transfer Protocol
    Prof. Mike

    View full-size slide

  4. URL - Uniform Resource Locator
    https://www.facebook.com/prof.mike.chen

    View full-size slide

  5. URL - Uniform Resource Locator
    https://www.facebook.com/prof.mike.chen
    scheme name
    http
    https
    spdy

    View full-size slide

  6. URL - Uniform Resource Locator
    https://www.facebook.com/prof.mike.chen
    scheme name
    http
    https
    spdy
    authority

    View full-size slide

  7. URL - Uniform Resource Locator
    https://www.facebook.com/prof.mike.chen
    scheme name
    http
    https
    spdy
    authority path

    View full-size slide

  8. Mike
    Hi Mike, How are you?

    View full-size slide

  9. Mike
    Hi Mike, How are you?
    #@!@#!#$#@$

    View full-size slide

  10. Mike
    Hi Mike, How are you?

    View full-size slide

  11. Mike
    Hi Mike, How are you?
    Fine

    View full-size slide

  12. Mike
    Hi Mike, How are you?
    Fine
    english://mike/status

    View full-size slide

  13. www.facebook.com
    https://www.facebook.com/prof.mike.chen

    View full-size slide

  14. www.facebook.com
    GET /prof.mike.chen HTTP/1.1
    https://www.facebook.com/prof.mike.chen

    View full-size slide

  15. www.facebook.com
    GET /prof.mike.chen HTTP/1.1
    ....
    https://www.facebook.com/prof.mike.chen

    View full-size slide

  16. Real case: request
    GET / HTTP/1.1
    Host: www.facebook.com
    Connection: keep-alive
    Cache-Control: max-age=0
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8)
    AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.83
    Safari/535.11
    Accept: text/html,application/xhtml+xml,application/
    xml;q=0.9,*/*;q=0.8
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: zh-TW,zh;q=0.8,en-US;q=0.6,en;q=0.4
    Accept-Charset: UTF-8,*;q=0.5
    Cookie: ....

    View full-size slide

  17. www.facebook.com
    GET / HTTP/1.1
    ....
    https://www.facebook.com/

    View full-size slide

  18. www.facebook.com
    GET / HTTP/1.1
    ....
    https://www.facebook.com/
    How does it know I have logged in?

    View full-size slide

  19. HTTP is Stateless
    Server doesn’t know what the user did last time.

    View full-size slide

  20. www.facebook.com

    View full-size slide

  21. www.facebook.com
    Hi, I’m Mike.

    View full-size slide

  22. www.facebook.com
    Hi, I’m Mike.
    Ok, you’re Mike.

    View full-size slide

  23. www.facebook.com
    Hi, I’m Mike.
    Ok, you’re Mike.
    Everyone can be Mike now!

    View full-size slide

  24. www.facebook.com

    View full-size slide

  25. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.

    View full-size slide

  26. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31

    View full-size slide

  27. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31
    My code is a3ad31.

    View full-size slide

  28. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31
    My code is a3ad31.
    Ok, you’re Mike.

    View full-size slide

  29. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31
    Browser must remember the code!
    My code is a3ad31.
    Ok, you’re Mike.

    View full-size slide

  30. Cookie to Rescue

    View full-size slide

  31. Cookie to Rescue
    Key - value pair storage

    View full-size slide

  32. Cookie to Rescue
    Key - value pair storage
    Sent every time in HTTP request header
    Cookie: km_dbg=0; heroku_session_v=1; ...

    View full-size slide

  33. Real case: response
    HTTP/1.1 200 OK
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    Pragma: no-cache
    X-Content-Type-Options: nosniff
    X-Frame-Options: DENY
    Set-Cookie: _e_1V7k_5=deleted; expires=Thu, 01-Jan-1970
    00:00:01 GMT; path=/; domain=.facebook.com; httponly
    Set-Cookie: L=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT;
    path=/; domain=.facebook.com; httponly
    Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01
    GMT; path=/; domain=.facebook.com; httponly
    Content-Encoding: gzip
    Content-Type: text/html; charset=utf-8
    X-FB-Debug: XKkfgkQmkDwO4VsOafKYEhfDbYk9WN8ANLHRCrl/9eU=
    X-Cnection: close
    Transfer-Encoding: chunked
    Date: Tue, 27 Mar 2012 13:16:47 GMT

    View full-size slide

  34. HTTP Status Code

    View full-size slide

  35. HTTP Status Code
    2XX Success
    200 OK

    View full-size slide

  36. HTTP Status Code
    2XX Success
    200 OK
    3XX Redirection
    301 Move Permanently
    302 Found (a.k.a. Moved
    Temporarily)
    304 Not Modified

    View full-size slide

  37. HTTP Status Code
    2XX Success
    200 OK
    3XX Redirection
    301 Move Permanently
    302 Found (a.k.a. Moved
    Temporarily)
    304 Not Modified
    4XX Client Error
    400 Bad Request
    401 Unauthorized
    403 Forbidden
    404 Not Found

    View full-size slide

  38. HTTP Status Code
    2XX Success
    200 OK
    3XX Redirection
    301 Move Permanently
    302 Found (a.k.a. Moved
    Temporarily)
    304 Not Modified
    4XX Client Error
    400 Bad Request
    401 Unauthorized
    403 Forbidden
    404 Not Found
    5XX Server Error
    500 Internal Server Error

    View full-size slide

  39. Advanced Topics

    View full-size slide

  40. mikechen.com

    View full-size slide

  41. mikechen.com
    http://mikechen.com/

    View full-size slide

  42. mikechen.com
    GET / HTTP/1.1
    http://mikechen.com/

    View full-size slide

  43. mikechen.com
    GET / HTTP/1.1
    ...
    http://mikechen.com/

    View full-size slide

  44. mikechen.com
    GET / HTTP/1.1
    ...
    http://mikechen.com/

    View full-size slide

  45. mikechen.com

    View full-size slide

  46. mikechen.com
    http://mikechen.com/

    View full-size slide

  47. mikechen.com
    Modified?
    http://mikechen.com/

    View full-size slide

  48. mikechen.com
    Modified?
    No!
    http://mikechen.com/

    View full-size slide

  49. mikechen.com
    Modified?
    No!
    http://mikechen.com/

    View full-size slide

  50. HTTP Request Header

    View full-size slide

  51. HTTP Request Header
    Host Host: www.apple.com

    View full-size slide

  52. HTTP Request Header
    Host
    User-Agent
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  

    View full-size slide

  53. HTTP Request Header
    Host
    User-Agent
    Accept-Language
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
    Accept-Language: en-us,en;q=0.5

    View full-size slide

  54. HTTP Request Header
    Host
    User-Agent
    Accept-Language
    Accept-Encoding
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate

    View full-size slide

  55. HTTP Request Header
    Host
    User-Agent
    Accept-Language
    Accept-Encoding
    If-Modified-Since
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
    If-Modified-Since: Sat, 28 Nov 2009 06:38:19 GMT

    View full-size slide

  56. HTTP Request Header
    Host
    User-Agent
    Accept-Language
    Accept-Encoding
    If-Modified-Since
    Referer
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
    If-Modified-Since: Sat, 28 Nov 2009 06:38:19 GMT
    Referer: www.google.com

    View full-size slide

  57. HTTP Response Header

    View full-size slide

  58. HTTP Response Header
    Cache-Control Cache-Control: max-age=3600, public

    View full-size slide

  59. HTTP Response Header
    Cache-Control
    Content-Encoding
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip

    View full-size slide

  60. HTTP Response Header
    Cache-Control
    Content-Encoding
    Content-Type
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8

    View full-size slide

  61. HTTP Response Header
    Cache-Control
    Content-Encoding
    Content-Type
    Content-Disposition
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment;
    filename=”ccsp.pdf”

    View full-size slide

  62. HTTP Response Header
    Cache-Control
    Content-Encoding
    Content-Type
    Content-Disposition
    Content-Length
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment;
    filename=”ccsp.pdf”
    Content-Length: 79324

    View full-size slide

  63. HTTP Response Header
    Cache-Control
    Content-Encoding
    Content-Type
    Content-Disposition
    Content-Length
    Location
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment;
    filename=”ccsp.pdf”
    Content-Length: 79324
    Location: http://ntumobile.org

    View full-size slide

  64. HTTP Verbs
    GET GET /books
    read

    View full-size slide

  65. HTTP Verbs
    GET
    POST
    GET /books
    read
    POST /books
    create

    View full-size slide

  66. HTTP Verbs
    GET
    POST
    PUT
    GET /books
    read
    POST /books
    create
    PUT /books/hunger-game
    update

    View full-size slide

  67. HTTP Verbs
    GET
    POST
    PUT
    DELETE
    GET /books
    read
    POST /books
    create
    PUT /books/hunger-game
    update
    DELETE /books/hunger-game
    delete

    View full-size slide




  68. or
    GET /search?q=mike+chen HTTP/1.1
    Host: www.google.com.tw
    User-Agent: Mozilla/4.0

    View full-size slide

  69. { :q => “mike chen” }



    or
    GET /search?q=mike+chen HTTP/1.1
    Host: www.google.com.tw
    User-Agent: Mozilla/4.0

    View full-size slide






  70. POST /login HTTP/1.1
    Host: ccsp2012.org
    User-Agent: Mozilla/4.0
    Content-Length: 25
    Content-Type: application/x-www-form-urlencoded
    user=mike&password=lab430

    View full-size slide