HTTP

2012 CCSP

Andrew Liu

March 28, 2012

Transcript

  1. 8.
  2. 11.
  3. 18.

    Real case: request

    GET / HTTP/1.1
    Host: www.facebook.com
    Connection: keep-alive
    Cache-Control: max-age=0
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.83 Safari/535.11
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: zh-TW,zh;q=0.8,en-US;q=0.6,en;q=0.4
    Accept-Charset: UTF-8,*;q=0.5
    Cookie: ....
  4. 30.

    www.facebook.com

    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31
    My code is a3ad31.
    Ok, you’re Mike.
  5. 31.

    www.facebook.com

    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31
    Browser must remember the code!
    My code is a3ad31.
    Ok, you’re Mike.
  6. 34.

    Cookie to Rescue

    Key-value pair storage
    Sent every time in HTTP request header

    Cookie: km_dbg=0; heroku_session_v=1; ...
  7. 35.

    Real case: response

    HTTP/1.1 200 OK
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    Pragma: no-cache
    X-Content-Type-Options: nosniff
    X-Frame-Options: DENY
    Set-Cookie: _e_1V7k_5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
    Set-Cookie: L=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
    Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
    Content-Encoding: gzip
    Content-Type: text/html; charset=utf-8
    X-FB-Debug: XKkfgkQmkDwO4VsOafKYEhfDbYk9WN8ANLHRCrl/9eU=
    X-Cnection: close
    Transfer-Encoding: chunked
    Date: Tue, 27 Mar 2012 13:16:47 GMT
  8. 38.

    HTTP Status Code

    2XX Success
    200 OK

    3XX Redirection
    301 Moved Permanently
    302 Found (a.k.a. Moved Temporarily)
    304 Not Modified
  9. 39.

    HTTP Status Code

    2XX Success
    200 OK

    3XX Redirection
    301 Moved Permanently
    302 Found (a.k.a. Moved Temporarily)
    304 Not Modified

    4XX Client Error
    400 Bad Request
    401 Unauthorized
    403 Forbidden
    404 Not Found
  10. 40.

    HTTP Status Code

    2XX Success
    200 OK

    3XX Redirection
    301 Moved Permanently
    302 Found (a.k.a. Moved Temporarily)
    304 Not Modified

    4XX Client Error
    400 Bad Request
    401 Unauthorized
    403 Forbidden
    404 Not Found

    5XX Server Error
    500 Internal Server Error
  11. 54.

    HTTP Request Header

    Host, User-Agent

    Host: www.apple.com
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)
  12. 55.

    HTTP Request Header

    Host, User-Agent, Accept-Language

    Host: www.apple.com
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)
    Accept-Language: en-us,en;q=0.5
  13. 56.

    HTTP Request Header

    Host, User-Agent, Accept-Language, Accept-Encoding

    Host: www.apple.com
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
  14. 57.

    HTTP Request Header

    Host, User-Agent, Accept-Language, Accept-Encoding, If-Modified-Since

    Host: www.apple.com
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
    If-Modified-Since: Sat, 28 Nov 2009 06:38:19 GMT
  15. 58.

    HTTP Request Header

    Host, User-Agent, Accept-Language, Accept-Encoding, If-Modified-Since, Referer

    Host: www.apple.com
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
    If-Modified-Since: Sat, 28 Nov 2009 06:38:19 GMT
    Referer: www.google.com
  16. 63.

    HTTP Response Header

    Cache-Control, Content-Encoding, Content-Type, Content-Disposition

    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment; filename="ccsp.pdf"
  17. 64.

    HTTP Response Header

    Cache-Control, Content-Encoding, Content-Type, Content-Disposition, Content-Length

    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment; filename="ccsp.pdf"
    Content-Length: 79324
  18. 65.

    HTTP Response Header

    Cache-Control, Content-Encoding, Content-Type, Content-Disposition, Content-Length, Location

    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment; filename="ccsp.pdf"
    Content-Length: 79324
    Location: http://ntumobile.org
  19. 69.

    HTTP Verbs

    GET, POST, PUT

    GET /books                  read
    POST /books                 create
    PUT /books/hunger-game      update
  20. 70.

    HTTP Verbs

    GET, POST, PUT, DELETE

    GET /books                  read
    POST /books                 create
    PUT /books/hunger-game      update
    DELETE /books/hunger-game   delete
  21. 71.
  22. 72.
  23. 75.

    { :q => "mike chen" }

    <form method="get" action="/search">
      <input type="text" name="q">
    </form>

    or

    GET /search?q=mike+chen HTTP/1.1
    Host: www.google.com.tw
    User-Agent: Mozilla/4.0
  24. 76.
  25. 78.

    <form method="post" action="/login">
      <input type="text" name="user">
      <input type="password" name="password">
      <input type="submit" value="Submit">
    </form>

    POST /login HTTP/1.1
    Host: ccsp2012.org
    User-Agent: Mozilla/4.0
    Content-Length: 25
    Content-Type: application/x-www-form-urlencoded

    user=mike&password=lab430
  26. 79.

    END
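
The login exchange on slides 30, 31 and 34 (password once, then a code the browser replays in the Cookie header), as an added Python example that is not part of the original slides. The cookie name sid, the in-memory stores and the function names are assumptions; mike, lab430, a3ad31 and km_dbg=0 are the slides' own sample values.

```python
import hmac
import secrets
from http.cookies import SimpleCookie

# Constructed stores. Plaintext password only to mirror the slide; a real
# server keeps a salted password hash instead.
USERS = {"mike": "lab430"}
SESSIONS = {}  # session code -> user name


def login(user, password):
    """Server: check the password once, return a Set-Cookie value or None."""
    expected = USERS.get(user)
    if expected is None or not hmac.compare_digest(
            expected.encode(), password.encode()):
        return None
    code = secrets.token_hex(16)  # 128 random bits, not a short guessable code
    SESSIONS[code] = user
    cookie = SimpleCookie()
    cookie["sid"] = code               # "sid" is an assumed cookie name
    cookie["sid"]["path"] = "/"
    cookie["sid"]["httponly"] = True   # hidden from page scripts
    cookie["sid"]["secure"] = True     # only sent over HTTPS
    return cookie["sid"].OutputString()


def browser_cookie_header(set_cookie_value, jar):
    """Browser: remember name=value and replay the whole jar on each request."""
    parsed = SimpleCookie()
    parsed.load(set_cookie_value)
    for name, morsel in parsed.items():
        jar[name] = morsel.value
    return "; ".join(f"{name}={value}" for name, value in jar.items())


def whoami(cookie_header):
    """Server: map the Cookie request header back to a logged-in user."""
    parsed = SimpleCookie()
    parsed.load(cookie_header)
    morsel = parsed.get("sid")
    return SESSIONS.get(morsel.value) if morsel is not None else None


if __name__ == "__main__":
    jar = {"km_dbg": "0"}  # cookie already present, as on slide 34
    header = browser_cookie_header(login("mike", "lab430"), jar)
    print(header, "->", whoami(header))
```

Only the name=value pair travels back in the Cookie header; the HttpOnly, Secure and Path attributes stay in the browser and govern when and to whom the cookie is sent.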