HTTP

 HTTP

2012 CCSP

B445ebf67c71d53b0b3bbe6d9bddd1c3?s=128

Andrew Liu

March 28, 2012
Tweet

Transcript

  1. HTTP Andrew Liu

  2. Hypertext Transfer Protocol

  3. Hypertext Transfer Protocol <a href=”https://www.facebook.com/mikechencom”>Prof. Mike</a>

  4. URL - Uniform Resource Locator https://www.facebook.com/prof.mike.chen

  5. URL - Uniform Resource Locator https://www.facebook.com/prof.mike.chen scheme name http https

    spdy
  6. URL - Uniform Resource Locator https://www.facebook.com/prof.mike.chen scheme name http https

    spdy authority
  7. URL - Uniform Resource Locator https://www.facebook.com/prof.mike.chen scheme name http https

    spdy authority path
  8. Mike

  9. Mike Hi Mike, How are you?

  10. Mike Hi Mike, How are you? #@!@#!#$#@$

  11. Mike

  12. Mike Hi Mike, How are you?

  13. Mike Hi Mike, How are you? Fine

  14. Mike Hi Mike, How are you? Fine english://mike/status

  15. www.facebook.com https://www.facebook.com/prof.mike.chen

  16. www.facebook.com GET /prof.mike.chen HTTP/1.1 https://www.facebook.com/prof.mike.chen

  17. www.facebook.com GET /prof.mike.chen HTTP/1.1 <html>.... https://www.facebook.com/prof.mike.chen

  18. Real case: request GET / HTTP/1.1 Host: www.facebook.com Connection: keep-alive

    Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.83 Safari/535.11 Accept: text/html,application/xhtml+xml,application/ xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: zh-TW,zh;q=0.8,en-US;q=0.6,en;q=0.4 Accept-Charset: UTF-8,*;q=0.5 Cookie: ....
  19. www.facebook.com GET / HTTP/1.1 <html>.... https://www.facebook.com/

  20. www.facebook.com GET / HTTP/1.1 <html>.... https://www.facebook.com/ How does it know

    I have logged in?
  21. HTTP is Stateless Server doesn’t know what the user did

    last time.
  22. www.facebook.com

  23. www.facebook.com Hi, I’m Mike.

  24. www.facebook.com Hi, I’m Mike. Ok, you’re Mike.

  25. www.facebook.com Hi, I’m Mike. Ok, you’re Mike. Everyone can be

    Mike now!
  26. www.facebook.com

  27. www.facebook.com Hi, I’m Mike. My password is “lab430”.

  28. www.facebook.com Hi, I’m Mike. My password is “lab430”. Ok, you’re

    Mike. Code: a3ad31
  29. www.facebook.com Hi, I’m Mike. My password is “lab430”. Ok, you’re

    Mike. Code: a3ad31 My code is a3ad31.
  30. www.facebook.com Hi, I’m Mike. My password is “lab430”. Ok, you’re

    Mike. Code: a3ad31 My code is a3ad31. Ok, you’re Mike.
  31. www.facebook.com Hi, I’m Mike. My password is “lab430”. Ok, you’re

    Mike. Code: a3ad31 Browser must remember the code! My code is a3ad31. Ok, you’re Mike.
  32. Cookie to Rescue

  33. Cookie to Rescue Key - value pair storage

  34. Cookie to Rescue Key - value pair storage Sent every

    time in HTTP request header Cookie: km_dbg=0; heroku_session_v=1; ...
  35. Real case: response HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store,

    must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT Pragma: no-cache X-Content-Type-Options: nosniff X-Frame-Options: DENY Set-Cookie: _e_1V7k_5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly Set-Cookie: L=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly Content-Encoding: gzip Content-Type: text/html; charset=utf-8 X-FB-Debug: XKkfgkQmkDwO4VsOafKYEhfDbYk9WN8ANLHRCrl/9eU= X-Cnection: close Transfer-Encoding: chunked Date: Tue, 27 Mar 2012 13:16:47 GMT
  36. HTTP Status Code

  37. HTTP Status Code 2XX Success 200 OK

  38. HTTP Status Code 2XX Success 200 OK 3XX Redirection 301

    Move Permanently 302 Found (a.k.a. Moved Temporarily) 304 Not Modified
  39. HTTP Status Code 2XX Success 200 OK 3XX Redirection 301

    Move Permanently 302 Found (a.k.a. Moved Temporarily) 304 Not Modified 4XX Client Error 400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found
  40. HTTP Status Code 2XX Success 200 OK 3XX Redirection 301

    Move Permanently 302 Found (a.k.a. Moved Temporarily) 304 Not Modified 4XX Client Error 400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found 5XX Server Error 500 Internal Server Error
  41. Advanced Topics

  42. mikechen.com

  43. mikechen.com http://mikechen.com/

  44. mikechen.com GET / HTTP/1.1 http://mikechen.com/

  45. mikechen.com GET / HTTP/1.1 <html>... http://mikechen.com/

  46. mikechen.com GET / HTTP/1.1 <html>... http://mikechen.com/

  47. mikechen.com

  48. mikechen.com http://mikechen.com/

  49. mikechen.com Modified? http://mikechen.com/

  50. mikechen.com Modified? No! http://mikechen.com/

  51. mikechen.com Modified? No! http://mikechen.com/

  52. HTTP Request Header

  53. HTTP Request Header Host Host: www.apple.com

  54. HTTP Request Header Host User-Agent Host: www.apple.com User-Agent: Mozilla/5.0 (Windows;

    U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
  55. HTTP Request Header Host User-Agent Accept-Language Host: www.apple.com User-Agent: Mozilla/5.0

    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)   Accept-Language: en-us,en;q=0.5
  56. HTTP Request Header Host User-Agent Accept-Language Accept-Encoding Host: www.apple.com User-Agent:

    Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)   Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate
  57. HTTP Request Header Host User-Agent Accept-Language Accept-Encoding If-Modified-Since Host: www.apple.com

    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)   Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate If-Modified-Since: Sat, 28 Nov 2009 06:38:19 GMT
  58. HTTP Request Header Host User-Agent Accept-Language Accept-Encoding If-Modified-Since Referer Host:

    www.apple.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)   Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate If-Modified-Since: Sat, 28 Nov 2009 06:38:19 GMT Referer: www.google.com
  59. HTTP Response Header

  60. HTTP Response Header Cache-Control Cache-Control: max-age=3600, public

  61. HTTP Response Header Cache-Control Content-Encoding Cache-Control: max-age=3600, public Content-Encoding: gzip

  62. HTTP Response Header Cache-Control Content-Encoding Content-Type Cache-Control: max-age=3600, public Content-Encoding:

    gzip Content-Type: text/html; charset=UTF-8
  63. HTTP Response Header Cache-Control Content-Encoding Content-Type Content-Disposition Cache-Control: max-age=3600, public

    Content-Encoding: gzip Content-Type: text/html; charset=UTF-8 Content-Disposition: attachment; filename=”ccsp.pdf”
  64. HTTP Response Header Cache-Control Content-Encoding Content-Type Content-Disposition Content-Length Cache-Control: max-age=3600,

    public Content-Encoding: gzip Content-Type: text/html; charset=UTF-8 Content-Disposition: attachment; filename=”ccsp.pdf” Content-Length: 79324
  65. HTTP Response Header Cache-Control Content-Encoding Content-Type Content-Disposition Content-Length Location Cache-Control:

    max-age=3600, public Content-Encoding: gzip Content-Type: text/html; charset=UTF-8 Content-Disposition: attachment; filename=”ccsp.pdf” Content-Length: 79324 Location: http://ntumobile.org
  66. HTTP Verbs

  67. HTTP Verbs GET GET /books read

  68. HTTP Verbs GET POST GET /books read POST /books create

  69. HTTP Verbs GET POST PUT GET /books read POST /books

    create PUT /books/hunger-game update
  70. HTTP Verbs GET POST PUT DELETE GET /books read POST

    /books create PUT /books/hunger-game update DELETE /books/hunger-game delete
  71. None
  72. None
  73. <form method=”get” action=”/search”> <input type=”text” name=”q”> </form> or

  74. <form method=”get” action=”/search”> <input type=”text” name=”q”> </form> or GET /search?q=mike+chen

    HTTP/1.1 Host: www.google.com.tw User-Agent: Mozilla/4.0
  75. { :q => “mike chen” } <form method=”get” action=”/search”> <input

    type=”text” name=”q”> </form> or GET /search?q=mike+chen HTTP/1.1 Host: www.google.com.tw User-Agent: Mozilla/4.0
  76. None
  77. <form method=”post” action=”/login”> <input type=”text” name=”user”> <input type=”password” name=”password”> <input

    type=”submit” value=”Submit”> </form>
  78. <form method=”post” action=”/login”> <input type=”text” name=”user”> <input type=”password” name=”password”> <input

    type=”submit” value=”Submit”> </form> POST /login HTTP/1.1 Host: ccsp2012.org User-Agent: Mozilla/4.0 Content-Length: 25 Content-Type: application/x-www-form-urlencoded user=mike&password=lab430
  79. END