Upgrade to Pro — share decks privately, control downloads, hide ads and more …

HTTP (RubyMonsters Edition)

Konstantin Haase
February 09, 2015
Technology
5
770

HTTP (RubyMonsters Edition)

An introduction to HTTP

Konstantin Haase

February 09, 2015
Tweet

More Decks by Konstantin Haase

See All by Konstantin Haase
RubyConf Philippines 2017: Magenta is a Lie
rkh
0
170
How We Replaced Salary Negotiations with a Sinatra App
rkh
17
3.7k
GCRC 2015: Abstract Thoughts on Abstract Things
rkh
1
320
Frozen Rails: Magenta - The Art Of Abstraction
rkh
3
250
RedDotRubyConf 2014: Magenta is a Lie - and other tales of abstraction
rkh
0
590
Ancient City Ruby: Hack me, if you can!
rkh
2
360
Boston I/O: Continuous Integration
rkh
3
240
Steel City Ruby: Architecting Chaos
rkh
4
700
Distill: Death to Cookies
rkh
7
940

Other Decks in Technology

See All in Technology
ジョブキューシステムFireworqのアーキテクチャ設計と運用時のベストプラクティス
tarao
1
490
最先端の質問応答技術の研究開発と迅速な実用化ーStudio Ousiaでの取り組みー
ikuyamada
2
310
CloudFront + S3環境から Cloudflare R2 + Workers環境に移行した話
teckl
3
1.2k
How we build Ads Platform in Rust
mapbox_jp
1
190
実質無料で GraphQL Gateway を手に入れる / low-cost GraphQL Gateway
ywada526
0
220
データベース超入門(座学編)
nomu
0
230
ノーコードAI開発プラットフォーム「AIMINA」のシステム設計コンセプトと技術的チャレンジ
sbtechnight
PRO
0
290
いかにして文系新卒エンジニアが「大きな問い」を大事にするCTOになったのか
fujimura
2
430
権威DNSサービスへのDDoSと
ハイパフォーマンスなベンチマーカ / DNS Pseudo random subdomain attack and High performance Benchmarker
kazeburo
3
430
技育祭2023春 ちゅらデータ講演資料
foursue
1
310
「新卒エンジニアが1年間で顔を売るために取った行動100連発」/YAPC::Kyoto 2023 前日祭 ネコトーストラボ杯争奪東西対抗LTマッチ
arthur1
0
140
Grafana Lokiで始めるPodログ/k8s Events管理
nutslove
0
130

Featured

See All Featured
Facilitating Awesome Meetings
lara
34
4.7k
The Art of Programming - Codeland 2020
erikaheidi
36
11k
Reflections from 52 weeks, 52 projects
jeffersonlam
339
18k
GraphQLとの向き合い方2022年版
quramy
21
10k
The Language of Interfaces
destraynor
149
21k
Web development in the modern age
philhawksworth
197
9.6k
Keith and Marios Guide to Fast Websites
keithpitt
407
21k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
214
12k
How to Ace a Technical Interview
jacobian
270
22k
GraphQLの誤解/rethinking-graphql
sonatard
39
8k
Designing for Performance
lara
600
65k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
121
29k

Transcript

  1. HTTP
    { Hypertext Transfer Protocol }

    View Slide

  2. View Slide

  3. HTML
    HTTP

    View Slide

  4. View Slide

  5. View Slide

  6. https://speakerinnen.org/de/sign_up
    is translated to
    https://54.255.158.2:443/de/sign_up
    using the DNS protocol

    View Slide

  7. View Slide

  8. 4 Connect to the computer reachable under
    IP address 54.255.158.2
    4 Use an SSL/TLS encrypted TCP socket on
    port 443
    4 Speak HTTP
    4 Tell the server we know it as
    speakerinnen.org
    4 Access resource /de/sign_up

    View Slide

  9. Server listens on TCP port

    View Slide

  10. TCP socket
    4 Is opened when client connects to port
    4 Client and server can send each other
    messages

    View Slide

  11. Client starts speaking
    GET /de/sign_up HTTP/1.1
    Host: speakerinnen.org

    View Slide

  12. Server replies
    HTTP/1.1 200 OK
    Content-Type: text/html


    Speakerinnen*-Liste


    View Slide

  13. request vs response
    VERB path HTTP/1.1 HTTP/1.1 code description
    Header: Value Header: Value
    ... ...
    Body (if there is one) Body (if there is one)

    View Slide

  14. Resources
    4 identified by host and path
    4 allow multiple operations
    4 can have multiple representations
    speakerinnen.org/de/sign_up

    View Slide

  15. HTTP methods

    View Slide

  16. GET
    4 Request a resource in its current state.
    4 The standard operation.
    4 Request does not include a body.
    4 Request is safe (and idempotent).

    View Slide

  17. Safe? Idempotent?
    Resource state?
    What??

    View Slide

  18. Resource state
    4 Representations, headers and availability
    associated with a resource.
    4 /de/sign_up exists, is accessible, and has
    an HTML page with a form as its
    representation.

    View Slide

  19. Safe requests
    4 Safe requests do not change the state of
    a resource.
    4 HTTP client does not need to ask the user
    for permission to perform request.

    View Slide

  20. Idempotent requests
    4 The resource state will be the same after
    performing the request once or multiple
    times.
    4 HTTP client does not need to ask the user
    for permission to repeat the request.

    View Slide

  21. Non-idempotent requests
    4 Can't be sure about the resource state
    after multiple requests.
    4 HTTP client should always ask the user for
    confirmation.

    View Slide

  22. View Slide

  23. GET
    4 Request a resource in its current state.
    4 The standard operation.
    4 Request does not include a body.
    4 Request is safe (and idempotent).

    View Slide

  24. HEAD
    4 Same as GET, but there wont be a
    response body.
    4 Useful if you only care about the headers.
    4 Request is safe (and idempotent).

    View Slide

  25. POST
    4 "Do something dangerous."
    4 Default for requests that change
    something.
    4 Used for creating a new speakerinnen.
    4 Unsafe and non-idempotent.

    View Slide







  26. View Slide

  27. POST /de/profiles HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 49
    profile[email][email protected]&profile[password]=abc123

    View Slide

  28. PUT
    4 Writing a resource to a given path.
    4 Often used for uploads.
    4 Unsafe, but idempotent (yay).

    View Slide

  29. Other HTTP methods
    4 DELETE: Remove a resource, idempotent.
    4 OPTIONS: Learn about available methods
    and representations for a resource, safe.
    4 PATCH: Update a resource from a partial
    representation, non-idempotent.
    4 LINK and UNLINK: Create or destroy
    relations between resources, idempotent.

    View Slide

  30. View Slide

  31. Response Status
    4 1xx - informational
    4 2xx - success
    4 3xx - redirection
    4 4xx - client error
    4 5xx - server error

    View Slide

  32. If you don't know
    status xyz, treat it
    like x00.

    View Slide

  33. Examples
    4 303 See Other
    4 403 Forbidden
    4 404 File Not Found
    4 405 Method Not Allowed
    4 418 I'm a Teapot
    4 500 Internal Server Error

    View Slide

  34. Headers

    View Slide

  35. Common request headers
    4 Host: Domain name in URI.
    4 User-Agent: Client software used.
    4 Referer[sic]: Page user was on before.

    View Slide

  36. Safari on iPad
    User-Agent: Mozilla/5.0 (iPad; U; CPU OS
    3_2_1 like Mac OS X; en-us) AppleWebKit/
    531.21.10 (KHTML, like Gecko) Mobile/
    7B405

    View Slide

  37. View Slide

  38. Common response headers
    4 Server: Server software used.
    4 Last-Modified: The last time the resource
    state has changed.

    View Slide

  39. Representations

    View Slide

  40. The "file type" of the response
    or request body.

    View Slide

  41. We have seen two so far
    4 text/html
    4 application/x-www-form-urlencoded

    View Slide

  42. Other examples
    4 image/gif, image/png, image/jpeg
    4 text/plain, text/css, text/x-script.ruby
    4 application/javascript, application/
    json

    View Slide

  43. A resource can have
    multiple
    representations
    But we need to tell it which one we want

    View Slide

  44. We want a PNG image
    GET /resource HTTP/1.1
    Host: example.org
    Accept: image/png
    Server gives us PNG image
    HTTP/1.1 200 OK
    Content-Type: image/png
    [ png data ]

    View Slide

  45. We want a PNG image
    GET /resource HTTP/1.1
    Host: example.org
    Accept: image/png
    Resource doesn't have a PNG representation
    HTTP/1.1 406 Not Acceptable
    Content-Type: text/plain
    No PNG, sorry.

    View Slide

  46. We want any kind of image
    GET /resource HTTP/1.1
    Host: example.org
    Accept: image/*
    Server gives us PNG image
    HTTP/1.1 200 OK
    Content-Type: image/png
    [ png data ]

    View Slide

  47. We want a PNG or GIF image
    (but prefer PNG)
    GET /resource HTTP/1.1
    Host: example.org
    Accept: image/png; q=1.0,image/gif; q=0.5
    Server gives us PNG image
    HTTP/1.1 200 OK
    Content-Type: image/png
    [ png data ]

    View Slide

  48. The same works for language.
    GET /resource HTTP/1.1
    Host: example.org
    Accept-Language: en, de

    View Slide

  49. Cookies

    View Slide

  50. HTTP is stateless.
    Cookies are a way to attach state.

    View Slide

  51. HTTP/1.1 200 OK
    Set-Cookie: mycookie=foobar; HttpOnly
    Content-Type: text/plain
    Just gave you a cookie!

    View Slide

  52. GET /somepage HTTP/1.1
    Host: example.org
    Cookie: mycookie=foobar

    View Slide

  53. get '/' do
    name = session[:name]
    "Hello #{ name }!"
    end

    View Slide

  54. View Slide

  55. View Slide

  56. Thank You!

    View Slide