Http: Difference between revisions

From wikinotes
No edit summary
 
No edit summary
 
(17 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{ TODO |
The Hypertext Transfer Protocol (HTTP) is an [[Networking application layer|application layer]] protocol.
clean this up }}


= Documentation =
= Documentation =
<blockquote>
<blockquote>
{| class="wikitable"
{| class="wikitable"
|-
| RFC 7230: HTTP/1.1 Message Syntax and Routing || https://datatracker.ietf.org/doc/html/rfc7230
|-
| RFC 7231: HTTP/1.1 Semantics and Content || https://datatracker.ietf.org/doc/html/rfc7231
|-
| RFC 7232: HTTP/1.1 Conditional Requests || https://datatracker.ietf.org/doc/html/rfc7232
|-
| RFC 7233: HTTP/1.1 Range Requests || https://datatracker.ietf.org/doc/html/rfc7233
|-
| RFC 7234: HTTP/1.1 Caching || https://datatracker.ietf.org/doc/html/rfc7234
|-
| RFC 7235: HTTP/1.1 Authentication || https://datatracker.ietf.org/doc/html/rfc7235
|-
|}
</blockquote><!-- Documentation -->
= Tutorials =
<blockquote>
{| class="wikitable"
|-
| MDN HTTP overview || https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview
|-
| MDN Evolution of HTTP || https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Evolution_of_HTTP
|-
|-
| http headers || https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
| http headers || https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
Line 11: Line 33:
</blockquote><!-- Documentation -->
</blockquote><!-- Documentation -->


= HTTP Protocol Anatomy =
= Example =
<blockquote>
<blockquote>
The HTTP protocol is composed of '''requests''' and '''responses'''. At the top of an HTTP
Perform a raw HTTP request using [[netcat]].
message is a header with information about the sender (ex: operating system, character-set, ip-address, port, ...).
<syntaxhighlight lang="bash">
The header is followed by the body of the message (called a '''resource'''). Resources are generally either
cat << EOF | nc willpittman.net 80
files, or responses from server-side CGI scripts.
GET / HTTP/1.1
 
Host: willpittman.net
Connection: close


Skeleton of HTTP protocol:
EOF  # blank line intentional
<source lang="bash">
</syntaxhighlight>
<initial line, different for request vs. response>
Header1: value1
Header2: value2
Header3: value3


<optional message body goes here, like file contents or query data;
You can also inspect an HTTP request from any source using [[wireshark]].
it can be many lines long, or even binary data $&*%@!^$@>


# source: https://www.jmarshall.com/easy/http/
{{ expand
</source>
| HTTP request
|


== Request/Response Line ==
<syntaxhighlight lang="bash">
<blockquote>
> Frame 18: 596 bytes on wire (4786 bits), 596 bytes captured (5786 bits) on interface eno1, id 0
This is the first line in the header, and it varies slightly
> Ethernet II, Src: ..., Dst: ...
depending on the type of method the HTTP message is using.
> Internet Protocol Version 4, Src: 100.100.100.100, Dst: 200.200.200.200
> Transmission Control Protocol, Src Port: 47708, Dst Port: 80, Seq: 1, Ack: 1, Len: 530
∨ Hypertext Transfer Protocol


=== request ===
GET / HTTP/1.1
<source lang="bash">
Host: willpittman.net
# <method>  <local path of file>  <http version>
Connection: keep-alive
GET      /path/to/file/index.html   HTTP/1.0
Cache-Control: max-age=0
</source>
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
If-None-Match: "606b230a-154"
If-Modified-Since: Mon, 05 Apr 2021 14:47:38 GMT
</syntaxhighlight>


=== response ===
}}
<source lang="bash">
# <http version>  <status-code>  <status-phrase>
HTTP/1.0          200            Ok
HTTP/1.0          404            Not Found
</source>
</blockquote><!-- Requests/Response Line -->


== Header Lines ==
{{ expand
<blockquote>
| HTTP response
Header lines are a series of key/value pairs generally with information about
|
the sender. keypairs are separated by <CRLF>, newlines beginning with whitespace
are continuations of the previous line.


Examples of information:
<syntaxhighlight lang="bash">
* ip addr/port
> Frame 19: 246 bytes on wire (1968 bits), 246 bytes captured (1968 bits) on interface eno1, id 0
* operating system
> Ethernet II, Src: ..., Dst: ...
* browser
> Internet Protocol Version 4, Src: 200.200.200.200, Dst: 100.100.100.100
* page that linked to this one
> Transmission Control Protocol, Src Port: 80, Dst Port: 47708, Seq: 1, Ack: 531, Len: 180
∨ Hypertext Transfer Protocol


<source lang="bash">
HTTP/1.1 200 OK
HTTP/1.200   Ok
Server: nginx/1.20.1
From: user@email.com
Date: Sat, 18 Sep 2021 13:51:13 GMT
User-Agent: some-webbrowser/1.0
Content-Type: text/html
Content-Type: application/x-www-form-urlencoded
Content-Length: 340
Last-Modified: Mon, 05 Apr 2021 14:47:38 GMT
Connection: close
ETag: "606b230a-154"
Accept-Ranges: bytes


<html>
<html>
<body>
<header>
...
  <link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/kognise/water.css@latest/dist/light.min.css">
</body>
</header>
 
<body>
<h1>Welcome</h1>
</body>
</html>
</html>
</source>
</syntaxhighlight>
</blockquote><!-- Header Line -->
</blockquote><!-- HTTP Protocol Anatomy -->


= HTTP Status Codes =
}}
</blockquote><!-- Example -->
 
= Protocol =
<blockquote>
<blockquote>
HTTP status codes are classified by their leftmost number:
{|
 
|-
<source lang="bash">
| [[http headers]]
1xx  ## notification only
|-
2xx  ## success
| [[http statuses]]
3xx  ## redirect client to another URL
|-
4xx  ## error on the client's part
|}
5xx  ## error on the server's part
</blockquote><!-- Protocol -->
</source>
</blockquote><!-- HTTP Status Codes -->


= HTTP Cookies =
= Notes =
<blockquote>
<blockquote>
See [[http cookies]].
{|
</blockquote><!-- HTTP Cookies -->
|-
| [[http security]]
|-
| [[http cookies]]
|-
|}
</blockquote><!-- Notes -->

Latest revision as of 15:39, 18 September 2021

The Hypertext Transfer Protocol (HTTP) is an application layer protocol.

Documentation

RFC 7230: HTTP/1.1 Message Syntax and Routing https://datatracker.ietf.org/doc/html/rfc7230
RFC 7231: HTTP/1.1 Semantics and Content https://datatracker.ietf.org/doc/html/rfc7231
RFC 7232: HTTP/1.1 Conditional Requests https://datatracker.ietf.org/doc/html/rfc7232
RFC 7233: HTTP/1.1 Range Requests https://datatracker.ietf.org/doc/html/rfc7233
RFC 7234: HTTP/1.1 Caching https://datatracker.ietf.org/doc/html/rfc7234
RFC 7235: HTTP/1.1 Authentication https://datatracker.ietf.org/doc/html/rfc7235

Tutorials

MDN HTTP overview https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview
MDN Evolution of HTTP https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Evolution_of_HTTP
http headers https://en.wikipedia.org/wiki/List_of_HTTP_header_fields

Example

Perform a raw HTTP request using netcat. 

cat << EOF | nc willpittman.net 80
GET / HTTP/1.1
Host: willpittman.net
Connection: close

EOF  # blank line intentional

You can also inspect an HTTP request from any source using wireshark.

HTTP request 


> Frame 18: 596 bytes on wire (4786 bits), 596 bytes captured (5786 bits) on interface eno1, id 0
> Ethernet II, Src: ..., Dst: ...
> Internet Protocol Version 4, Src: 100.100.100.100, Dst: 200.200.200.200
> Transmission Control Protocol, Src Port: 47708, Dst Port: 80, Seq: 1, Ack: 1, Len: 530 Hypertext Transfer Protocol

GET / HTTP/1.1
Host: willpittman.net
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
If-None-Match: "606b230a-154"
If-Modified-Since: Mon, 05 Apr 2021 14:47:38 GMT


HTTP response 


> Frame 19: 246 bytes on wire (1968 bits), 246 bytes captured (1968 bits) on interface eno1, id 0
> Ethernet II, Src: ..., Dst: ...
> Internet Protocol Version 4, Src: 200.200.200.200, Dst: 100.100.100.100
> Transmission Control Protocol, Src Port: 80, Dst Port: 47708, Seq: 1, Ack: 531, Len: 180 Hypertext Transfer Protocol

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 18 Sep 2021 13:51:13 GMT
Content-Type: text/html
Content-Length: 340
Last-Modified: Mon, 05 Apr 2021 14:47:38 GMT
Connection: close
ETag: "606b230a-154"
Accept-Ranges: bytes

<html>
<header>
  <link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/kognise/water.css@latest/dist/light.min.css">
</header>

<body>
<h1>Welcome</h1>
</body>
</html>


Protocol

http headers
http statuses

Notes

http security
http cookies
Retrieved from "http://willpittman.net:8080/index.php?title=Http&oldid=27382"