Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Making the Most of HTTP In Your Apps (Dutch PHP 2009)

Making the Most of HTTP In Your Apps (Dutch PHP 2009)

200, 404, 302. Is it a lock combination? A phone number? No, they're HTTP status codes! As we develop Web applications, we encounter these status codes and others, and often we make decisions about which ones to return without giving much thought to their meaning or context. It's time to take a deeper look at HTTP. Knowing the methods, headers, and status codes, what they mean, and how to use them can help you develop richer Internet applications. Join Ben Ramsey as he takes you on a journey through RFC 2616 to discover some of the gems of HTTP.

0c217b9a7dd0aa31ed40bd0f453727e1?s=128

Ben Ramsey
PRO

June 13, 2009
Tweet

Transcript

  1. Making the Most of HTTP In Your Apps Ben Ramsey

    • Dutch PHP Conference
 13 June 2009
  2. Why HTTP?

  3. Because you are a Web developer.

  4. HTTP is the Web.

  5. That’s all I have to say about that.

  6. Some properties of HTTP...

  7. ❖ A client-server architecture ❖ Atomic ❖ Cacheable ❖ A

    uniform interface ❖ Layered ❖ Code on demand
  8. Now, what does that sound like?

  9. REST!

  10. And, that’s all I have to say about that, too.

  11. Our focus today...

  12. ❖ Methods ❖ Status Codes ❖ Playing with raw HTTP

    ❖ HTTP in PHP
  13. Defining safe & idempotent methods

  14. Safe methods ❖ GET & HEAD should not take action

    other than retrieval ❖ These are considered safe ❖ Allows agents to represent POST, PUT, & DELETE in a special way
  15. Idempotence ❖ Side-effects of N > 0 identical requests is

    the same as for a single request ❖ GET, HEAD, PUT and DELETE share this property ❖ OPTIONS and TRACE are inherently idempotent
  16. Methods

  17. ❖ Retrieval of information ❖ Transfers a representation of a

    resource from the server to the client ❖ Safe ❖ Idempotent GET
  18. HEAD ❖ Identical to GET, except... ❖ Returns only the

    headers, not the body ❖ Useful for getting details about a resource representation before retrieving the full representation ❖ Safe ❖ Idempotent
  19. POST ❖ The body content should be accepted as a

    new subordinate of the resource ❖ Append, annotate, paste after ❖ Not safe ❖ Non-idempotent
  20. PUT ❖ Opposite of GET ❖ Storage of information ❖

    Transfers a representation of a resource from the client to the server ❖ Not safe ❖ Idempotent
  21. DELETE ❖ Requests that the resource identified be removed from

    public access ❖ Not safe ❖ Idempotent
  22. Other methods ❖ OPTIONS ❖ TRACE ❖ CONNECT

  23. Status codes

  24. ❖ Informational (1xx) ❖ Successful (2xx) ❖ Redirection (3xx) ❖

    Client error (4xx) ❖ Server error (5xx)
  25. Informational (1xx)

  26. 100 Continue

  27. 1.Client sends a request without a body and includes the

    Expect: 100-continue header and all other headers 2.Server determines whether it will accept the request and responds with 100 Continue (or a 4xx code on error) 3.Client sends the request again with the body and without the Expect header
  28. 1 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4 Content-Length: 115910000

    Authorization: Basic bWFkZTp5b3VfbG9vaw== Expect: 100-continue
  29. 2 HTTP/1.1 413 Request Entity Too Large Date: Thu, 21

    May 2009 23:05:15 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 0 Connection: close Content-Type: text/html Failure state
  30. 2 HTTP/1.1 100 Continue Date: Thu, 21 May 2009 23:05:15

    GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 0 Content-Type: text/html Success state
  31. 3 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4 Content-Length: 115910000

    Authorization: Basic bWFkZTp5b3VfbG9vaw== {binary video data}
  32. 4 HTTP/1.1 201 Created Date: Thu, 21 May 2009 23:05:34

    GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 119 Content-Type: text/html Location: http://example.org/content/videos/1234 <html><body><p>Video uploaded! Go <a href="http://example.org/content/videos/ 1234">here</a> to see it.</p></body></html>
  33. Successful (2xx)

  34. 200 OK GET /content/videos/1234 HTTP/1.1 Host: example.org HTTP/1.x 200 OK

    Date: Thu, 21 May 2009 23:08:35 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Type: video/mp4 Content-Length: 115910000 {binary data}
  35. 201 Created 1 POST /content/videos HTTP/1.1 Host: example.org Content-Type: video/mp4

    Content-Length: 115910000 Authorization: Basic bWFkZTp5b3VfbG9vaw== {binary video data}
  36. 201 Created 2 HTTP/1.x 201 Created Date: Thu, 21 May

    2009 23:05:34 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 120 Content-Type: text/html Location: http://example.org/content/videos/1234 <html><body><p>Video uploaded! Go <a href="http://example.org/content/videos/ 1234">here</a> to see it.</p></body></html>
  37. 202 Accepted 2 HTTP/1.x 202 Accepted Date: Thu, 21 May

    2009 23:05:34 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Content-Length: 137 Content-Type: text/html Location: http://example.org/content/videos/1234/status <html><body><p>Video processing! Check <a href="http://example.org/content/videos/1234/ status">here</a> for the status.</p></body></ html>
  38. 204 No Content 1 DELETE /content/videos/1234 HTTP/1.1 Host: example.org Authorization:

    Basic bWFkZTp5b3VfbG9vaw==
  39. 204 No Content 2 HTTP/1.x 204 No Content Date: Thu,

    21 May 2009 23:28:34 GMT
  40. 205 Reset Content “The server has fulfilled the request and

    the user agent SHOULD reset the document view which caused the request to be sent. This response is primarily intended to allow input for actions to take place via user input, followed by a clearing of the form in which the input is given so that the user can easily initiate another input action.”
  41. 206 Partial Content ❖ Used when requests are made for

    ranges of bytes from a resource ❖ Determine whether a server supports range requests by checking for the Accept-Ranges header with HEAD
  42. 1 HEAD /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1 Host: farm3.static.flickr.com

  43. 2 HTTP/1.0 200 OK Date: Mon, 05 May 2008 00:33:14

    GMT Server: Apache/2.0.52 (Red Hat) Accept-Ranges: bytes Content-Length: 3980 Content-Type: image/jpeg
  44. 3 GET /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1 Host: farm3.static.flickr.com Range: bytes=0-999

  45. 4 HTTP/1.0 206 Partial Content Date: Mon, 05 May 2008

    00:36:57 GMT Server: Apache/2.0.52 (Red Hat) Accept-Ranges: bytes Content-Length: 1000 Content-Range: bytes 0-999/3980 Content-Type: image/jpeg {binary data}
  46. Redirection (3xx)

  47. 303 See Other ❖ The response to your request can

    be found at another URL identified by the Location header ❖ The client should make a GET request on that URL ❖ The Location is not a substitute for this URL
  48. 307 Temporary Redirect ❖ The resource resides temporarily at the

    URL identified by the Location ❖ The Location may change, so don’t update your links ❖ If the request is not GET or HEAD, then you must allow the user to confirm the action
  49. 302 Found ❖ The resource has been found at another

    URL identified by the Location header ❖ The new URL might be temporary, so the client should continue to use this URL ❖ Redirections SHOULD be confirmed by the user (in practice, browsers don’t
  50. 301 Moved Permanently ❖ The resource has moved permanently to

    the URL indicated by the Location header ❖ You should update your links accordingly ❖ Great for forcing search engines, etc. to index the new URL instead of this one
  51. Client error (4xx)

  52. ❖ 400 Bad Request ❖ 401 Unauthorized / 403 Forbidden

    ❖ 404 Not Found ❖ 405 Method Not Allowed ❖ 410 Gone
  53. ❖ 411 Length Required ❖ 413 Request Entity Too Large

    ❖ 415 Unsupported Media Type ❖ 416 Requested Range Not Satisfiable
  54. Server error (5xx)

  55. ❖ 500 Internal Server Error ❖ 503 Service Unavailable

  56. Manipulating raw HTTP

  57. [bramsey@pippin ~] telnet phparch.com 80

  58. [bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com.

    Escape character is '^]'.
  59. [bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com.

    Escape character is '^]'. HEAD / HTTP/1.1 Host: phparch.com
  60. [bramsey@pippin ~] telnet phparch.com 80 Trying 64.34.173.96... Connected to phparch.com.

    Escape character is '^]'. HEAD / HTTP/1.1 Host: phparch.com HTTP/1.1 200 OK Date: Thu, 21 May 2009 21:01:06 GMT Server: Apache/2.2.9 (Debian) PHP/5.2.5 mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.5 Set-Cookie: PHPSESSID=eeeff50d3b6ae241c934a5c2671b0005; expires=Sun, 21 Jun 2009 21:01:07 GMT; path=/; domain=.phparch.com Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html; charset=utf-8 Connection closed by foreign host.
  61. Using HTTP in PHP

  62. ❖ header() function
 http://php.net/header ❖ Client URL library (cURL)
 http://php.net/curl

    ❖ Streams
 http://php.net/streams ❖ HTTP extension (pecl/http)
 http://php.net/http
  63. header() example

  64. <?php header('HTTP/1.x 201 Created'); header('Content-Type: application/xml'); header('Location: http://example.org/content/videos/1234'); echo $htmlBody;

    ?>
  65. HTTP/1.1 201 Created Date: Fri, 12 Jun 2009 13:53:38 GMT

    Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2 X-Powered-By: PHP/5.3.0RC2 Location: http://example.org/content/videos/1234 Content-Length: 120 Content-Type: text/html <html><body><p>Video uploaded! Go <a href="http://example.org/content/videos/ 1234">here</a> to see it.</p></body></html>
  66. cURL example

  67. // Send a DM to a Twitter friend $dm =

    array( 'user' => 'ramsey', 'text' => 'Hi! I\'m using your curl code!'); $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, "http://twitter.com/direct_messages/new.json"); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $dm); curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($curl, CURLOPT_USERPWD, "{$username}:{$password}"); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); // Suppress the Expect: 100-continue header that // cURL tries to send curl_setopt($curl, CURLOPT_HTTPHEADER, array('Expect:')); $response = curl_exec($curl); curl_close($curl);
  68. {"text":"Hi! I'm using your curl code!","sender": {"notifications":false,"profile_text_color":"333333","profile_image_url":"http:\/\/ s3.amazonaws.com\/twitter_production\/profile_images\/66941217\/ phpc_normal.png","description":"PHPC is

    a gathering place for the PHP community. It is about community and friendship.","profile_background_image_url":"http:\/\/s3.amazonaws.com\/ twitter_production\/profile_background_images\/3561102\/ php2.png","utc_offset":-18000,"time_zone":"Eastern Time (US & Canada)","created_at":"Tue Dec 09 18:05:32 +0000 2008","profile_link_color":"333366","screen_name":"phpc","profile_background_tile":false,"follow ers_count":2163,"profile_background_color":"000000","url":"http:\/\/phpcommunity.org \/","name":"PHP Community","friends_count":2146,"protected":false,"statuses_count": 213,"profile_sidebar_fill_color":"d4d5e8","profile_sidebar_border_color":"333333","following":fa lse,"favourites_count":0,"location":"#phpc on Freenode IRC","id": 17997273,"verified_profile":false},"created_at":"Fri Jun 12 14:08:34 +0000 2009","sender_id": 17997273,"sender_screen_name":"phpc","recipient_screen_name":"ramsey","recipient_id": 7794552,"id":170497722,"recipient": {"notifications":false,"profile_text_color":"000000","profile_image_url":"http:\/\/ s3.amazonaws.com\/twitter_production\/profile_images\/81619004\/bramsey- square_normal.png","description":"Dad, Software Architect, PHP, XML, web services, beer drinker, libertarian","profile_background_image_url":"http:\/\/static.twitter.com\/images\/themes\/ theme1\/bg.gif","utc_offset":-18000,"time_zone":"Eastern Time (US & Canada)","created_at":"Sun Jul 29 02:44:40 +0000 2007","profile_link_color":"0066CC","screen_name":"ramsey","profile_background_tile":false,"foll owers_count":817,"profile_background_color":"666666","url":"http:\/\/benramsey.com \/","name":"Ben Ramsey","friends_count":187,"protected":false,"statuses_count": 5062,"profile_sidebar_fill_color":"99ff66","profile_sidebar_border_color":"33cc00","following": 0,"favourites_count":23,"location":"Atlanta, GA, US","id":7794552,"verified_profile":false}}
  69. Questions? ❖ My website is benramsey.com ❖ Rate this talk

    at joind.in/576 ❖ Read the HTTP spec at
 tools.ietf.org/html/rfc2616 ❖ My company is Schematic
 schematic.com
  70. Making the Most of HTTP In Your Apps Copyright ©

    Ben Ramsey. Some rights reserved. This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License. For uses not covered under this license, please contact the author.