Softpanorama

Home Switchboard Unix Administration Red Hat TCP/IP Networks Neoliberalism Toxic Managers
May the source be with you, but remember the KISS principle ;-)
Skepticism and critical thinking is not panacea, but can help to understand the world better

HTTP Protocol

News

See also

Recommended Links

Tutorials

Reference

 HTML Editors

Frontpage

Perl Wiki
Curl wget httping lftp -- an excellent, scriptable FTP/SFTP client Mirroring Tools Web servers Apache Webserver Perl CGI Scripting

HTML Beautifiers

HTTP Servers Log Analyses

SSI

Search and Replace

WWW Maintenance Perl Scripts

Html, DHML and style sheets

HTTP Return Codes

Logs
processing scripts
Web site monitoring Search Engines Perl HTML Processors and Converters WWW/html_prettyprinting.shtml Perl HTTP Logs Processing Scripts   Humor Etc

Early versions of the WWW developed a reputation as a versatile and convenient tool for accessing mission-critical data at the European Laboratory for Particle Physics (CERN).

Paradoxically the Web tools Tim Berners-Lee developed were the most successful and were widely regarded as the best way to access the CERN phone directory. Please note, that the first successful WWW application was not distribution of published papers it was a gateway to an existing and important application. Of course, the versatility of  WWW became clearer as the technology spread among high energy physics institutions and then to the outside world. But is it really an accident that the Web took off as a gateway to existing information system? I think this is not an accident and that's why WWW served as a launch pad for several scripting languages, including Perl, JavaScript, PHP and Python.

As Oleg Kiselyov noted in his Login - Speaking HTTP paper:

...HTTP is useful in its own right, for example, as a good file-distribution protocol with a number of important advantages over ftp. This article gives an example how to speak HTTP and get understood.

... By definition[1], HTTP is a request/response protocol that exchanges messages in a format similar to that used by Internet mail (MIME). An HTTP transaction is essentially a remote procedure call. It is usually a blocking call, although HTTP/1.1 provides for asynchronous and batch modes. HTTP allows intermediaries (caches, proxies) to cut into the response-reply chain.

An operation to execute remotely is expressed in HTTP as an application of a request method to a resource. Additional parameters, if needed, are communicated via request headers or a request body. The request body may be an arbitrary octet-stream. The HTTP/1.1 standard defines methods GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, and CONNECT. A particular server may accept many others. This extensibility is a rather notable feature of HTTP. The parties can use not only custom methods but custom request and reply headers as well. In addition, a client and a server may exchange meta-information via "name=value" attribute pairs of the standard "Content-Type:" header.

Most of the HTTP transactions performed every day are done behind the scenes by browsers, proxies, robots, and servers. Yet the protocol is so simple that one can easily speak it oneself. The only requirement is a language or tool that is able to manipulate text strings and establish TCP connections. Even a simple telnet application may do in a pinch, which is often useful for debugging. Server-side programming is less demanding: a servlet or a scriptlet does not need to bother with the network connectivity, authentication, access restrictions, SSL, and other similar chores. Server modules or FastCGI give a server-side programmer even more tools: load-balancing, persistence, database connectivity, etc. This article demonstrates how to use Perl scripts to speak and respond HTTP directly.

HTTP Headers

HTTP header fields are components of the message header of requests and responses in the Hypertext Transfer Protocol (HTTP). They define the operating parameters of an HTTP transaction.

The header fields are transmitted after the request or response line, the first line of a message. Header fields are colon-separated name-value pairs in clear-text string format, terminated by a carriage return (CR) and line feed (LF) character sequence. The end of the header fields is indicated by an empty field, resulting in the transmission of two consecutive CR-LF pairs. Long lines can be folded into multiple lines; continuation lines are indicated by presence of space (SP) or horizontal tab (HT) as first character on next line.[1] Few fields can also contain comments (i.e. in. User-Agent, Server, Via fields), which can be ignored by software.[2]

A core set of fields is standardized by the Internet Engineering Task Force (IETF) in RFC 2616 and other updates and extension documents (e.g., RFC 4229), and must be implemented by all HTTP-compliant protocol implementations. Additional field names and permissible values may be defined by each application.

The permanent registry of headers and repository of provisional registrations are maintained by the IANA.

Many field values may contain a quality (q) key-value pair, specifying a weight to use in content negotiation.[3]

There is no limits to size of each header field name or value, or number of headers in standard itself. However most servers, clients and proxy software impose some limits for practical and security reasons. For example Apache 2.3 server by default limits each header size to 8190 bytes, and there can be at most 100 headers in single request.[4]

Requests

Field name Description Example
Accept Content-Types that are acceptable Accept: text/plain
Accept-Charset Character sets that are acceptable Accept-Charset: utf-8
Accept-Encoding Acceptable encodings. See HTTP compression. Accept-Encoding: gzip, deflate
Accept-Language Acceptable languages for response Accept-Language: en-US
Accept-Datetime Acceptable version in time Accept-Datetime: Thu, 31 May 2007 20:35:00 GMT
Authorization Authentication credentials for HTTP authentication Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Cache-Control Used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain Cache-Control: no-cache
Connection What type of connection the user-agent would prefer Connection: keep-alive
Cookie an HTTP cookie previously sent by the server with Set-Cookie (below) Cookie: $Version=1; Skin=new;
Content-Length The length of the request body in octets (8-bit bytes) Content-Length: 348
Content-MD5 A Base64-encoded binary MD5 sum of the content of the request body Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ==
Content-Type The MIME type of the body of the request (used with POST and PUT requests) Content-Type: application/x-www-form-urlencoded
Date The date and time that the message was sent Date: Tue, 15 Nov 1994 08:12:31 GMT
Expect Indicates that particular server behaviors are required by the client Expect: 100-continue
From The email address of the user making the request From: user@example.com
Host The domain name of the server (for virtual hosting), and the TCP port number on which the server is listening. The port number may be omitted if the port is the standard port for the service requested.[5] Mandatory since HTTP/1.1. Although domain name are specified as case-insensitive,[6][7] it is not specified whether the contents of the Host field should be interpreted in a case-insensitive manner[8] and in practice some implementations of virtual hosting interpret the contents of the Host field in a case-sensitive manner.[citation needed] Host: en.wikipedia.org:80

Host: en.wikipedia.org

If-Match Only perform the action if the client supplied entity matches the same entity on the server. This is mainly for methods like PUT to only update a resource if it has not been modified since the user last updated it. If-Match: "737060cd8c284d8af7ad3082f209582d"
If-Modified-Since Allows a 304 Not Modified to be returned if content is unchanged If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT
If-None-Match Allows a 304 Not Modified to be returned if content is unchanged, see HTTP ETag If-None-Match: "737060cd8c284d8af7ad3082f209582d"
If-Range If the entity is unchanged, send me the part(s) that I am missing; otherwise, send me the entire new entity If-Range: "737060cd8c284d8af7ad3082f209582d"
If-Unmodified-Since Only send the response if the entity has not been modified since a specific time. If-Unmodified-Since: Sat, 29 Oct 1994 19:43:31 GMT
Max-Forwards Limit the number of times the message can be forwarded through proxies or gateways. Max-Forwards: 10
Pragma Implementation-specific headers that may have various effects anywhere along the request-response chain. Pragma: no-cache
Proxy-Authorization Authorization credentials for connecting to a proxy. Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Range Request only part of an entity. Bytes are numbered from 0. Range: bytes=500-999
Referer[sic] This is the address of the previous web page from which a link to the currently requested page was followed. (The word "referrer" is misspelled in the RFC as well as in most implementations.) Referer: http://en.wikipedia.org/wiki/Main_Page
TE The transfer encodings the user agent is willing to accept: the same values as for the response header Transfer-Encoding can be used, plus the "trailers" value (related to the "chunked" transfer method) to notify the server it expects to receive additional headers (the trailers) after the last, zero-sized, chunk. TE: trailers, deflate
Upgrade Ask the server to upgrade to another protocol. Upgrade: HTTP/2.0, SHTTP/1.3, IRC/6.9, RTA/x11
User-Agent The user agent string of the user agent User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0
Via Informs the server of proxies through which the request was sent. Via: 1.0 fred, 1.1 nowhere.com (Apache/1.1)
Warning A general warning about possible problems with the entity body. Warning: 199 Miscellaneous warning

Top Visited
Switchboard
Latest
Past week
Past month

NEWS CONTENTS

Old News ;-)

Reference


Etc

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D


Copyright 1996-2018 by Dr. Nikolai Bezroukov. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) in the author free time and without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: January 09, 2020