Making the Most of HTTP In Your Apps (php|tek 2009)

Embed

Start on current slide

Slide 1

Slide 1 text

Making the Most of HTTP In Your Apps Ben Ramsey • php|tek • 22 May 2009

Slide 2

Slide 2 text

Why HTTP?

Slide 3

Slide 3 text

Because you are a Web developer.

Slide 4

Slide 4 text

HTTP is the Web.

Slide 5

Slide 5 text

That’s all I have to say about that.

Slide 6

Slide 6 text

Some properties of HTTP...

Slide 7

Slide 7 text

❖ A client-server architecture ❖ Atomic ❖ Cacheable ❖ A uniform interface ❖ Layered ❖ Code on demand

Slide 8

Slide 8 text

Now, what does that sound like?

Slide 9

Slide 9 text

REST!

Slide 10

Slide 10 text

And, that’s all I have to say about that, too.

Slide 11

Slide 11 text

Our focus today...

Slide 12

Slide 12 text

❖ Methods ❖ Status Codes ❖ Playing with raw HTTP ❖ HTTP in PHP

Slide 13

Slide 13 text

Deﬁning safe & idempotent methods

Slide 14

Slide 14 text

Safe methods ❖ GET & HEAD should not take action other than retrieval ❖ These are considered safe ❖ Allows agents to represent POST, PUT, & DELETE in a special way

Slide 15

Slide 15 text

Idempotence ❖ Side-effects of N > 0 identical requests is the same as for a single request ❖ GET, HEAD, PUT and DELETE share this property ❖ OPTIONS and TRACE are inherently idempotent

Slide 16

Slide 16 text

Methods

Slide 17

Slide 17 text

❖ Retrieval of information ❖ Transfers a representation of a resource from the server to the client ❖ Safe ❖ Idempotent GET

Slide 18

Slide 18 text

HEAD ❖ Identical to GET, except... ❖ Returns only the headers, not the body ❖ Useful for getting details about a resource representation before retrieving the full representation ❖ Safe ❖ Idempotent

Slide 19

Slide 19 text

POST ❖ The body content should be accepted as a new subordinate of the resource ❖ Append, annotate, paste after ❖ Not safe ❖ Non-idempotent

Slide 20

Slide 20 text

PUT ❖ Opposite of GET ❖ Storage of information ❖ Transfers a representation of a resource from the client to the server ❖ Not safe ❖ Idempotent

Slide 21

Slide 21 text

DELETE ❖ Requests that the resource identiﬁed be removed from public access ❖ Not safe ❖ Idempotent

Slide 22

Slide 22 text

Other methods ❖ OPTIONS ❖ TRACE ❖ CONNECT

Slide 23

Slide 23 text

Status codes

Slide 24

Slide 24 text

❖ Informational (1xx) ❖ Successful (2xx) ❖ Redirection (3xx) ❖ Client error (4xx) ❖ Server error (5xx)

Slide 25

Slide 25 text

Informational (1xx)

Slide 26

Slide 26 text

100 Continue

Slide 27

Slide 27 text

1. Client sends a request without a body and includes the Expect: 100-continue header and all other headers 2. Server determines whether it will accept the request and responds with 100 Continue (or a 4xx code on error) 3. Client sends the request again with the body and without the Expect header

Slide 28

Slide 28 text

1 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4 Content-Length: 115910000 Authorization: Basic bWFkZTp5b3VfbG9vaw== Expect: 100-continue

Slide 29

Slide 29 text

2 HTTP/1.1 413 Request Entity Too Large Date: Thu, 21 May 2009 23:05:15 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 0 Connection: close Content-Type: text/html Failure state

Slide 30

Slide 30 text

2 HTTP/1.1 100 Continue Date: Thu, 21 May 2009 23:05:15 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 0 Content-Type: text/html Success state

Slide 31

Slide 31 text

3 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4 Content-Length: 115910000 Authorization: Basic bWFkZTp5b3VfbG9vaw== {binary video data}

Slide 32

Slide 32 text

4 HTTP/1.1 201 Created Date: Thu, 21 May 2009 23:05:34 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 119 Content-Type: text/html Location: http://example.org/content/videos/1234

Video uploaded! Go here to see it.

Slide 33

Slide 33 text

Successful (2xx)

Slide 34

Slide 34 text

200 OK GET /content/videos/1234 HTTP/1.1 Host: example.org HTTP/1.x 200 OK Date: Thu, 21 May 2009 23:08:35 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Type: video/mp4 Content-Length: 115910000 {binary data}

Slide 35

Slide 35 text

201 Created 1 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4 Content-Length: 115910000 Authorization: Basic bWFkZTp5b3VfbG9vaw== {binary video data}

Slide 36

Slide 36 text

201 Created 2 HTTP/1.x 201 Created Date: Thu, 21 May 2009 23:05:34 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 119 Content-Type: text/html Location: http://example.org/content/videos/1234

Video uploaded! Go here to see it.

Slide 37

Slide 37 text

202 Accepted 2 HTTP/1.x 202 Accepted Date: Thu, 21 May 2009 23:05:34 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 137 Content-Type: text/html Location: http://example.org/content/videos/1234/status

Video processing! Check here for the status.

Slide 38

Slide 38 text

204 No Content 1 DELETE /content/videos/1234 HTTP/1.1 Host: example.org Authorization: Basic bWFkZTp5b3VfbG9vaw==

Slide 39

Slide 39 text

204 No Content 2 HTTP/1.x 204 No Content Date: Thu, 21 May 2009 23:28:34 GMT

Slide 40

Slide 40 text

205 Reset Content “The server has fulﬁlled the request and the user agent SHOULD reset the document view which caused the request to be sent. This response is primarily intended to allow input for actions to take place via user input, followed by a clearing of the form in which the input is given so that the user can easily initiate another input action.”

Slide 41

Slide 41 text

206 Partial Content ❖ Used when requests are made for ranges of bytes from a resource ❖ Determine whether a server supports range requests by checking for the Accept-Ranges header with HEAD

Slide 42

Slide 42 text

1 HEAD /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1 Host: farm3.static.flickr.com

Slide 43

Slide 43 text

2 HTTP/1.0 200 OK Date: Mon, 05 May 2008 00:33:14 GMT Server: Apache/2.0.52 (Red Hat) Accept-Ranges: bytes Content-Length: 3980 Content-Type: image/jpeg

Slide 44

Slide 44 text

3 GET /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1 Host: farm3.static.flickr.com Range: bytes=0-999

Slide 45

Slide 45 text

4 HTTP/1.0 206 Partial Content Date: Mon, 05 May 2008 00:36:57 GMT Server: Apache/2.0.52 (Red Hat) Accept-Ranges: bytes Content-Length: 1000 Content-Range: bytes 0-999/3980 Content-Type: image/jpeg {binary data}

Slide 46

Slide 46 text

Redirection (3xx)

Slide 47

Slide 47 text

303 See Other ❖ The response to your request can be found at another URL identiﬁed by the Location header ❖ The client should make a GET request on that URL ❖ The Location is not a substitute for this URL

Slide 48

Slide 48 text

307 Temporary Redirect ❖ The resource resides temporarily at the URL identiﬁed by the Location ❖ The Location may change, so don’t update your links ❖ If the request is not GET or HEAD, then you must allow the user to conﬁrm the action

Slide 49

Slide 49 text

302 Found ❖ The resource has been found at another URL identiﬁed by the Location header ❖ The new URL might be temporary, so the client should continue to use this URL ❖ Redirections SHOULD be conﬁrmed by the user (in practice, browsers don’t respect this)

Slide 50

Slide 50 text

301 Moved Permanently ❖ The resource has moved permanently to the URL indicated by the Location header ❖ You should update your links accordingly ❖ Great for forcing search engines, etc. to index the new URL instead of this one

Slide 51

Slide 51 text

Client error (4xx)

Slide 52

Slide 52 text

❖ 400 Bad Request ❖ 401 Unauthorized / 403 Forbidden ❖ 404 Not Found ❖ 405 Method Not Allowed ❖ 410 Gone

Slide 53

Slide 53 text

❖ 411 Length Required ❖ 413 Request Entity Too Large ❖ 415 Unsupported Media Type ❖ 416 Requested Range Not Satisﬁable

Slide 54

Slide 54 text

Server error (5xx)

Slide 55

Slide 55 text

❖ 500 Internal Server Error ❖ 503 Service Unavailable

Slide 56

Slide 56 text

Manipulating raw HTTP

Slide 57

Slide 57 text

[bramsey@pippin ~] telnet phparch.com 80

Slide 58

Slide 58 text

[bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com. Escape character is '^]'.

Slide 59

Slide 59 text

[bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com. Escape character is '^]'. HEAD / HTTP/1.1 Host: phparch.com

Slide 60

Slide 60 text

[bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com. Escape character is '^]'. HEAD / HTTP/1.1 Host: phparch.com HTTP/1.1 200 OK Date: Thu, 21 May 2009 21:01:06 GMT Server: Apache/2.2.9 (Debian) PHP/5.2.5 mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.5 Set-Cookie: PHPSESSID=eeeff50d3b6ae241c934a5c2671b0005; expires=Sun, 21 Jun 2009 21:01:07 GMT; path=/; domain=.phparch.com Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html; charset=utf-8 Connection closed by foreign host.

Slide 61

Slide 61 text

Using HTTP in PHP

Slide 62

Slide 62 text

❖ header() function http://php.net/header ❖ Client URL library (cURL) http://php.net/curl ❖ Streams http://php.net/streams ❖ HTTP extension (pecl/http) http://php.net/http

Slide 63

Slide 63 text

Questions? ❖ Slides posted at benramsey.com ❖ Rate this talk at joind.in/213 ❖ Read the HTTP spec at tools.ietf.org/html/rfc2616 ❖ My company is Schematic schematic.com