Upgrade to Pro — share decks privately, control downloads, hide ads and more …

HTTP

 HTTP

2012 CCSP

Andrew Liu

March 28, 2012
Tweet

More Decks by Andrew Liu

Other Decks in Programming

Transcript

  1. HTTP
    Andrew Liu

    View Slide

  2. Hypertext Transfer Protocol

    View Slide

  3. Hypertext Transfer Protocol
    Prof. Mike

    View Slide

  4. URL - Uniform Resource Locator
    https://www.facebook.com/prof.mike.chen

    View Slide

  5. URL - Uniform Resource Locator
    https://www.facebook.com/prof.mike.chen
    scheme name
    http
    https
    spdy

    View Slide

  6. URL - Uniform Resource Locator
    https://www.facebook.com/prof.mike.chen
    scheme name
    http
    https
    spdy
    authority

    View Slide

  7. URL - Uniform Resource Locator
    https://www.facebook.com/prof.mike.chen
    scheme name
    http
    https
    spdy
    authority path

    View Slide

  8. Mike

    View Slide

  9. Mike
    Hi Mike, How are you?

    View Slide

  10. Mike
    Hi Mike, How are you?
    #@[email protected]#!#$#@$

    View Slide

  11. Mike

    View Slide

  12. Mike
    Hi Mike, How are you?

    View Slide

  13. Mike
    Hi Mike, How are you?
    Fine

    View Slide

  14. Mike
    Hi Mike, How are you?
    Fine
    english://mike/status

    View Slide

  15. www.facebook.com
    https://www.facebook.com/prof.mike.chen

    View Slide

  16. www.facebook.com
    GET /prof.mike.chen HTTP/1.1
    https://www.facebook.com/prof.mike.chen

    View Slide

  17. www.facebook.com
    GET /prof.mike.chen HTTP/1.1
    ....
    https://www.facebook.com/prof.mike.chen

    View Slide

  18. Real case: request
    GET / HTTP/1.1
    Host: www.facebook.com
    Connection: keep-alive
    Cache-Control: max-age=0
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8)
    AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.83
    Safari/535.11
    Accept: text/html,application/xhtml+xml,application/
    xml;q=0.9,*/*;q=0.8
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: zh-TW,zh;q=0.8,en-US;q=0.6,en;q=0.4
    Accept-Charset: UTF-8,*;q=0.5
    Cookie: ....

    View Slide

  19. www.facebook.com
    GET / HTTP/1.1
    ....
    https://www.facebook.com/

    View Slide

  20. www.facebook.com
    GET / HTTP/1.1
    ....
    https://www.facebook.com/
    How does it know I have logged in?

    View Slide

  21. HTTP is Stateless
    Server doesn’t know what the user did last time.

    View Slide

  22. www.facebook.com

    View Slide

  23. www.facebook.com
    Hi, I’m Mike.

    View Slide

  24. www.facebook.com
    Hi, I’m Mike.
    Ok, you’re Mike.

    View Slide

  25. www.facebook.com
    Hi, I’m Mike.
    Ok, you’re Mike.
    Everyone can be Mike now!

    View Slide

  26. www.facebook.com

    View Slide

  27. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.

    View Slide

  28. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31

    View Slide

  29. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31
    My code is a3ad31.

    View Slide

  30. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31
    My code is a3ad31.
    Ok, you’re Mike.

    View Slide

  31. www.facebook.com
    Hi, I’m Mike. My password is “lab430”.
    Ok, you’re Mike. Code: a3ad31
    Browser must remember the code!
    My code is a3ad31.
    Ok, you’re Mike.

    View Slide

  32. Cookie to Rescue

    View Slide

  33. Cookie to Rescue
    Key - value pair storage

    View Slide

  34. Cookie to Rescue
    Key - value pair storage
    Sent every time in HTTP request header
    Cookie: km_dbg=0; heroku_session_v=1; ...

    View Slide

  35. Real case: response
    HTTP/1.1 200 OK
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    Pragma: no-cache
    X-Content-Type-Options: nosniff
    X-Frame-Options: DENY
    Set-Cookie: _e_1V7k_5=deleted; expires=Thu, 01-Jan-1970
    00:00:01 GMT; path=/; domain=.facebook.com; httponly
    Set-Cookie: L=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT;
    path=/; domain=.facebook.com; httponly
    Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01
    GMT; path=/; domain=.facebook.com; httponly
    Content-Encoding: gzip
    Content-Type: text/html; charset=utf-8
    X-FB-Debug: XKkfgkQmkDwO4VsOafKYEhfDbYk9WN8ANLHRCrl/9eU=
    X-Cnection: close
    Transfer-Encoding: chunked
    Date: Tue, 27 Mar 2012 13:16:47 GMT

    View Slide

  36. HTTP Status Code

    View Slide

  37. HTTP Status Code
    2XX Success
    200 OK

    View Slide

  38. HTTP Status Code
    2XX Success
    200 OK
    3XX Redirection
    301 Move Permanently
    302 Found (a.k.a. Moved
    Temporarily)
    304 Not Modified

    View Slide

  39. HTTP Status Code
    2XX Success
    200 OK
    3XX Redirection
    301 Move Permanently
    302 Found (a.k.a. Moved
    Temporarily)
    304 Not Modified
    4XX Client Error
    400 Bad Request
    401 Unauthorized
    403 Forbidden
    404 Not Found

    View Slide

  40. HTTP Status Code
    2XX Success
    200 OK
    3XX Redirection
    301 Move Permanently
    302 Found (a.k.a. Moved
    Temporarily)
    304 Not Modified
    4XX Client Error
    400 Bad Request
    401 Unauthorized
    403 Forbidden
    404 Not Found
    5XX Server Error
    500 Internal Server Error

    View Slide

  41. Advanced Topics

    View Slide

  42. mikechen.com

    View Slide

  43. mikechen.com
    http://mikechen.com/

    View Slide

  44. mikechen.com
    GET / HTTP/1.1
    http://mikechen.com/

    View Slide

  45. mikechen.com
    GET / HTTP/1.1
    ...
    http://mikechen.com/

    View Slide

  46. mikechen.com
    GET / HTTP/1.1
    ...
    http://mikechen.com/

    View Slide

  47. mikechen.com

    View Slide

  48. mikechen.com
    http://mikechen.com/

    View Slide

  49. mikechen.com
    Modified?
    http://mikechen.com/

    View Slide

  50. mikechen.com
    Modified?
    No!
    http://mikechen.com/

    View Slide

  51. mikechen.com
    Modified?
    No!
    http://mikechen.com/

    View Slide

  52. HTTP Request Header

    View Slide

  53. HTTP Request Header
    Host Host: www.apple.com

    View Slide

  54. HTTP Request Header
    Host
    User-Agent
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  

    View Slide

  55. HTTP Request Header
    Host
    User-Agent
    Accept-Language
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
    Accept-Language: en-us,en;q=0.5

    View Slide

  56. HTTP Request Header
    Host
    User-Agent
    Accept-Language
    Accept-Encoding
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate

    View Slide

  57. HTTP Request Header
    Host
    User-Agent
    Accept-Language
    Accept-Encoding
    If-Modified-Since
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
    If-Modified-Since: Sat, 28 Nov 2009 06:38:19 GMT

    View Slide

  58. HTTP Request Header
    Host
    User-Agent
    Accept-Language
    Accept-Encoding
    If-Modified-Since
    Referer
    Host: www.apple.com
    User-Agent: Mozilla/5.0
    (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
    Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)  
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
    If-Modified-Since: Sat, 28 Nov 2009 06:38:19 GMT
    Referer: www.google.com

    View Slide

  59. HTTP Response Header

    View Slide

  60. HTTP Response Header
    Cache-Control Cache-Control: max-age=3600, public

    View Slide

  61. HTTP Response Header
    Cache-Control
    Content-Encoding
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip

    View Slide

  62. HTTP Response Header
    Cache-Control
    Content-Encoding
    Content-Type
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8

    View Slide

  63. HTTP Response Header
    Cache-Control
    Content-Encoding
    Content-Type
    Content-Disposition
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment;
    filename=”ccsp.pdf”

    View Slide

  64. HTTP Response Header
    Cache-Control
    Content-Encoding
    Content-Type
    Content-Disposition
    Content-Length
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment;
    filename=”ccsp.pdf”
    Content-Length: 79324

    View Slide

  65. HTTP Response Header
    Cache-Control
    Content-Encoding
    Content-Type
    Content-Disposition
    Content-Length
    Location
    Cache-Control: max-age=3600, public
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Content-Disposition: attachment;
    filename=”ccsp.pdf”
    Content-Length: 79324
    Location: http://ntumobile.org

    View Slide

  66. HTTP Verbs

    View Slide

  67. HTTP Verbs
    GET GET /books
    read

    View Slide

  68. HTTP Verbs
    GET
    POST
    GET /books
    read
    POST /books
    create

    View Slide

  69. HTTP Verbs
    GET
    POST
    PUT
    GET /books
    read
    POST /books
    create
    PUT /books/hunger-game
    update

    View Slide

  70. HTTP Verbs
    GET
    POST
    PUT
    DELETE
    GET /books
    read
    POST /books
    create
    PUT /books/hunger-game
    update
    DELETE /books/hunger-game
    delete

    View Slide

  71. View Slide

  72. View Slide




  73. or

    View Slide




  74. or
    GET /search?q=mike+chen HTTP/1.1
    Host: www.google.com.tw
    User-Agent: Mozilla/4.0

    View Slide

  75. { :q => “mike chen” }



    or
    GET /search?q=mike+chen HTTP/1.1
    Host: www.google.com.tw
    User-Agent: Mozilla/4.0

    View Slide

  76. View Slide






  77. View Slide






  78. POST /login HTTP/1.1
    Host: ccsp2012.org
    User-Agent: Mozilla/4.0
    Content-Length: 25
    Content-Type: application/x-www-form-urlencoded
    user=mike&password=lab430

    View Slide

  79. END

    View Slide