Making the Most of HTTP In Your Apps (php|tek 2009)

200, 404, 302. Is it a lock combination? A phone number? No, they're HTTP status codes! As we develop Web applications, we encounter these status codes and others, and often we make decisions about which ones to return without giving much thought to their meaning or context. It's time to take a deeper look at HTTP. Knowing the methods, headers, and status codes, what they mean, and how to use them can help you develop richer Internet applications. Join Ben Ramsey as he takes you on a journey through RFC 2616 to discover some of the gems of HTTP.

Ben Ramsey

May 22, 2009

Transcript

  1. Making the Most of
    HTTP In Your Apps
    Ben Ramsey • php|tek • 22 May 2009

  2. Why HTTP?

  3. Because you are a
    Web developer.

  4. HTTP is the Web.

  5. That’s all I have to
    say about that.

  6. Some properties of
    HTTP...

  7. ❖ A client-server architecture
    ❖ Atomic
    ❖ Cacheable
    ❖ A uniform interface
    ❖ Layered
    ❖ Code on demand

  8. Now, what does
    that sound like?

  9. REST!

  10. And, that’s all I have
    to say about that,
    too.

  11. Our focus today...

  12. ❖ Methods
    ❖ Status Codes
    ❖ Playing with raw HTTP
    ❖ HTTP in PHP

  13. Defining safe &
    idempotent
    methods

  14. Safe methods
    ❖ GET & HEAD should not take action
    other than retrieval
    ❖ These are considered safe
    ❖ Allows agents to represent POST, PUT, &
    DELETE in a special way

  15. Idempotence
    ❖ Side-effects of N > 0 identical requests is
    the same as for a single request
    ❖ GET, HEAD, PUT and DELETE share this
    property
    ❖ OPTIONS and TRACE are inherently
    idempotent

  16. Methods

  17. GET
    ❖ Retrieval of information
    ❖ Transfers a representation of a resource
    from the server to the client
    ❖ Safe
    ❖ Idempotent

  18. HEAD
    ❖ Identical to GET, except...
    ❖ Returns only the headers, not the body
    ❖ Useful for getting details about a
    resource representation before retrieving
    the full representation
    ❖ Safe
    ❖ Idempotent

  19. POST
    ❖ The body content should be accepted as
    a new subordinate of the resource
    ❖ Append, annotate, paste after
    ❖ Not safe
    ❖ Non-idempotent

  20. PUT
    ❖ Opposite of GET
    ❖ Storage of information
    ❖ Transfers a representation of a resource
    from the client to the server
    ❖ Not safe
    ❖ Idempotent

  21. DELETE
    ❖ Requests that the resource identified be
    removed from public access
    ❖ Not safe
    ❖ Idempotent

  22. Other methods
    ❖ OPTIONS
    ❖ TRACE
    ❖ CONNECT

  23. Status codes

  24. ❖ Informational (1xx)
    ❖ Successful (2xx)
    ❖ Redirection (3xx)
    ❖ Client error (4xx)
    ❖ Server error (5xx)

  25. Informational (1xx)

  26. 100 Continue

  27. 1. Client sends a request without a body
    and includes the Expect: 100-continue
    header and all other headers
    2. Server determines whether it will accept
    the request and responds with 100
    Continue (or a 4xx code on error)
    3. Client sends the request again with the
    body and without the Expect header

  28. 1
    POST /content/videos HTTP/1.1
    Host: example.org
    Content-Type: video/mp4
    Content-Length: 115910000
    Authorization: Basic bWFkZTp5b3VfbG9vaw==
    Expect: 100-continue

  29. 2 (failure state)
    HTTP/1.1 413 Request Entity Too Large
    Date: Thu, 21 May 2009 23:05:15 GMT
    Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
    X-Powered-By: PHP/5.3.0RC2
    Content-Length: 0
    Connection: close
    Content-Type: text/html

  30. 2 (success state)
    HTTP/1.1 100 Continue
    Date: Thu, 21 May 2009 23:05:15 GMT
    Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
    X-Powered-By: PHP/5.3.0RC2
    Content-Length: 0
    Content-Type: text/html

  31. 3
    POST /content/videos HTTP/1.1
    Host: example.org
    Content-Type: video/mp4
    Content-Length: 115910000
    Authorization: Basic bWFkZTp5b3VfbG9vaw==
    {binary video data}

  32. 4
    HTTP/1.1 201 Created
    Date: Thu, 21 May 2009 23:05:34 GMT
    Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
    X-Powered-By: PHP/5.3.0RC2
    Content-Length: 119
    Content-Type: text/html
    Location: http://example.org/content/videos/1234
    Video uploaded! Go <a href="http://example.org/content/videos/1234">here</a> to see it.
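
Step 2 of the Expect: 100-continue exchange, written out as an added example that is not part of the original talk: a header-only check that answers with 100 Continue or with one of the 4xx codes the deck lists, before any body byte is read. The function name `preBodyDecision()`, the size limits and the accepted media types are assumptions, and the code assumes it runs at a point where the server has received the headers but not yet the body.

```php
<?php
declare(strict_types=1);

/**
 * Decide the server's answer before any body byte is read (step 2 on the slides).
 * Added example; preBodyDecision(), the limit and the accepted types are assumptions.
 */
function preBodyDecision(array $headers, int $maxBytes, array $acceptedTypes): array
{
    // Header names are case-insensitive, so normalise before lookup.
    $h = array_change_key_case($headers, CASE_LOWER);

    // An expectation other than 100-continue cannot be met.
    $expect = strtolower(trim($h['expect'] ?? ''));
    if ($expect !== '' && $expect !== '100-continue') {
        return [417, 'Expectation Failed'];
    }
    // Refuse requests with no credentials; verifying them is left out here.
    if (!isset($h['authorization'])) {
        return [401, 'Unauthorized'];
    }
    // A missing or non-numeric length makes the size check impossible.
    $length = $h['content-length'] ?? '';
    if (!ctype_digit($length)) {
        return [411, 'Length Required'];
    }
    if ((int) $length > $maxBytes) {
        return [413, 'Request Entity Too Large'];
    }
    // Compare the media type only, ignoring parameters such as charset.
    $type = strtolower(trim(explode(';', $h['content-type'] ?? '')[0]));
    if (!in_array($type, $acceptedTypes, true)) {
        return [415, 'Unsupported Media Type'];
    }
    // All header checks passed: the client may send the body.
    return [100, 'Continue'];
}

// Constructed sample: the request from the slides, checked against two limits.
$request = [
    'Host' => 'example.org', 'Content-Type' => 'video/mp4',
    'Content-Length' => '115910000', 'Authorization' => 'Basic bWFkZTp5b3VfbG9vaw==',
    'Expect' => '100-continue',
];
foreach ([100000000, 200000000] as $limit) {
    [$code, $reason] = preBodyDecision($request, $limit, ['video/mp4']);
    printf("limit %d -> HTTP/1.1 %d %s\n", $limit, $code, $reason);
}
```

With the smaller limit the 115910000-byte upload is refused with 413, as in the failure state above; with the larger one the client is told to continue.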

  33. Successful (2xx)

  34. 200 OK
    GET /content/videos/1234 HTTP/1.1
    Host: example.org

    HTTP/1.x 200 OK
    Date: Thu, 21 May 2009 23:08:35 GMT
    Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
    X-Powered-By: PHP/5.3.0RC2
    Content-Type: video/mp4
    Content-Length: 115910000
    {binary data}

  35. 201 Created
    1
    POST /content/videos HTTP/1.1
    Host: example.org
    Content-Type: video/mp4
    Content-Length: 115910000
    Authorization: Basic bWFkZTp5b3VfbG9vaw==
    {binary video data}

  36. 201 Created
    2
    HTTP/1.x 201 Created
    Date: Thu, 21 May 2009 23:05:34 GMT
    Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
    X-Powered-By: PHP/5.3.0RC2
    Content-Length: 119
    Content-Type: text/html
    Location: http://example.org/content/videos/1234
    Video uploaded! Go <a href="http://example.org/content/videos/1234">here</a> to see it.

  37. 202 Accepted
    2
    HTTP/1.x 202 Accepted
    Date: Thu, 21 May 2009 23:05:34 GMT
    Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2
    X-Powered-By: PHP/5.3.0RC2
    Content-Length: 137
    Content-Type: text/html
    Location: http://example.org/content/videos/1234/status
    Video processing! Check <a href="http://example.org/content/videos/1234/status">here</a> for the status.

  38. 204 No Content
    1
    DELETE /content/videos/1234 HTTP/1.1
    Host: example.org
    Authorization: Basic bWFkZTp5b3VfbG9vaw==

  39. 204 No Content
    2
    HTTP/1.x 204 No Content
    Date: Thu, 21 May 2009 23:28:34 GMT

  40. 205 Reset Content
    “The server has fulfilled the request and
    the user agent SHOULD reset the
    document view which caused the request
    to be sent. This response is primarily
    intended to allow input for actions to take
    place via user input, followed by a clearing
    of the form in which the input is given so
    that the user can easily initiate another
    input action.”

  41. 206 Partial Content
    ❖ Used when requests are made for
    ranges of bytes from a resource
    ❖ Determine whether a server supports
    range requests by checking for the
    Accept-Ranges header with HEAD

  42. 1
    HEAD /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1
    Host: farm3.static.flickr.com

  43. 2
    HTTP/1.0 200 OK
    Date: Mon, 05 May 2008 00:33:14 GMT
    Server: Apache/2.0.52 (Red Hat)
    Accept-Ranges: bytes
    Content-Length: 3980
    Content-Type: image/jpeg

  44. 3
    GET /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1
    Host: farm3.static.flickr.com
    Range: bytes=0-999

  45. 4
    HTTP/1.0 206 Partial Content
    Date: Mon, 05 May 2008 00:36:57 GMT
    Server: Apache/2.0.52 (Red Hat)
    Accept-Ranges: bytes
    Content-Length: 1000
    Content-Range: bytes 0-999/3980
    Content-Type: image/jpeg
    {binary data}
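
The server side of the range exchange on the preceding slides, as an added example that is not part of the original talk: it validates a `Range` header against the resource size and returns 206 with `Content-Range`, 416 for an unsatisfiable range, or 200 when the header has to be ignored. It goes beyond the single `bytes=0-999` case to cover suffix and open-ended ranges; `resolveByteRange()` and its return shape are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Resolve a single "Range: bytes=..." request header against a resource size.
 * Added example; resolveByteRange() and its return shape are assumptions.
 */
function resolveByteRange(?string $range, int $size): array
{
    $full = ['status' => 200, 'offset' => 0, 'length' => $size,
        'headers' => ['Accept-Ranges' => 'bytes', 'Content-Length' => (string) $size]];
    // No header, an unknown unit, or a list of ranges: ignore Range and send the
    // whole resource, so one request cannot fan out into many separate reads.
    if ($range === null
        || !preg_match('/^bytes=(\d*)-(\d*)$/', trim($range), $m)
        || ($m[1] === '' && $m[2] === '')) {
        return $full;
    }
    [, $a, $b] = $m;
    if ($a === '') {
        // Suffix form "bytes=-N": the last N bytes of the resource.
        $first = max(0, $size - (int) $b);
        $last = $size - 1;
        $satisfiable = (int) $b > 0 && $size > 0;
    } else {
        if ($b !== '' && (int) $b < (int) $a) {
            return $full; // last < first is syntactically invalid: ignore the header
        }
        // "bytes=A-B" or open-ended "bytes=A-"; clamp B to the final byte.
        $first = (int) $a;
        $last = $b === '' ? $size - 1 : min((int) $b, $size - 1);
        $satisfiable = $first < $size;
    }
    if (!$satisfiable) {
        return ['status' => 416, 'offset' => 0, 'length' => 0,
            'headers' => ['Content-Range' => "bytes */$size"]];
    }
    $length = $last - $first + 1;
    return ['status' => 206, 'offset' => $first, 'length' => $length,
        'headers' => ['Accept-Ranges' => 'bytes', 'Content-Length' => (string) $length,
            'Content-Range' => "bytes $first-$last/$size"]];
}

// Constructed inputs; the first is the request from the slides (3980-byte image).
foreach (['bytes=0-999', 'bytes=-500', 'bytes=3980-', 'bytes=0-0,5-9'] as $header) {
    $r = resolveByteRange($header, 3980);
    printf("%-14s => %d %s\n", $header, $r['status'], $r['headers']['Content-Range'] ?? '');
}
```

The returned `offset` and `length` are always inside the resource, so they can be passed to a file read without a further bounds check.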

  46. Redirection (3xx)

  47. 303 See Other
    ❖ The response to your request can be
    found at another URL identified by the
    Location header
    ❖ The client should make a GET request
    on that URL
    ❖ The Location is not a substitute for this
    URL

  48. 307 Temporary
    Redirect
    ❖ The resource resides temporarily at the
    URL identified by the Location
    ❖ The Location may change, so don’t
    update your links
    ❖ If the request is not GET or HEAD, then
    you must allow the user to confirm the
    action

  49. 302 Found
    ❖ The resource has been found at another
    URL identified by the Location header
    ❖ The new URL might be temporary, so the
    client should continue to use this URL
    ❖ Redirections SHOULD be confirmed by
    the user (in practice, browsers don’t
    respect this)

  50. 301 Moved
    Permanently
    ❖ The resource has moved permanently to
    the URL indicated by the Location
    header
    ❖ You should update your links accordingly
    ❖ Great for forcing search engines, etc. to
    index the new URL instead of this one

  51. Client error (4xx)

  52. ❖ 400 Bad Request
    ❖ 401 Unauthorized / 403 Forbidden
    ❖ 404 Not Found
    ❖ 405 Method Not Allowed
    ❖ 410 Gone

  53. ❖ 411 Length Required
    ❖ 413 Request Entity Too Large
    ❖ 415 Unsupported Media Type
    ❖ 416 Requested Range Not Satisfiable

  54. Server error (5xx)

  55. ❖ 500 Internal Server Error
    ❖ 503 Service Unavailable

  56. Manipulating raw
    HTTP

  57. [bramsey@pippin ~] telnet phparch.com 80

  58. [bramsey@pippin ~] telnet phparch.com 80
    Trying 64.34.173.96...
    Connected to phparch.com.
    Escape character is '^]'.

  59. [bramsey@pippin ~] telnet phparch.com 80
    Trying 64.34.173.96...
    Connected to phparch.com.
    Escape character is '^]'.
    HEAD / HTTP/1.1
    Host: phparch.com

  60. [bramsey@pippin ~] telnet phparch.com 80
    Trying 64.34.173.96...
    Connected to phparch.com.
    Escape character is '^]'.
    HEAD / HTTP/1.1
    Host: phparch.com

    HTTP/1.1 200 OK
    Date: Thu, 21 May 2009 21:01:06 GMT
    Server: Apache/2.2.9 (Debian) PHP/5.2.5 mod_ssl/2.2.9 OpenSSL/0.9.8g
    X-Powered-By: PHP/5.2.5
    Set-Cookie: PHPSESSID=eeeff50d3b6ae241c934a5c2671b0005; expires=Sun, 21 Jun 2009 21:01:07 GMT; path=/; domain=.phparch.com
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Type: text/html; charset=utf-8

    Connection closed by foreign host.

  61. Using HTTP in PHP

  62. ❖ header() function
    http://php.net/header
    ❖ Client URL library (cURL)
    http://php.net/curl
    ❖ Streams
    http://php.net/streams
    ❖ HTTP extension (pecl/http)
    http://php.net/http

  63. Questions?
    ❖ Slides posted at benramsey.com
    ❖ Rate this talk at joind.in/213
    ❖ Read the HTTP spec at
    tools.ietf.org/html/rfc2616
    ❖ My company is Schematic
    schematic.com
