HTTP Protocols

The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative,
hypermedia information systems. This is the foundation for data communication for the World Wide
Web (i.e. internet) since 1990.

The default port is TCP 80

Basic Features

HTTP is connectionless: The HTTP client, i.e., a browser initiates an HTTP request and after a
request is made, the client waits for the response. The server processes the request and sends a
response back after which client disconnect the connection. So client and server knows about each
other during current request and response only. Further requests are made on new connection like
client and server are new to each other.

HTTP is media independent: It means, any type of data can be sent by HTTP as long as both
the client and the server know how to handle the data content. It is required for the client as well as the
server to specify the content type using appropriate MIME-type.

-HTTP is stateless: As mentioned above, HTTP is connectionless and it is a direct result of HTTP
being a stateless protocol. The server and client are aware of each other only during a current request.
Afterwards, both of them forget about each other. Due to this nature of the protocol, neither the client
nor the browser can retain information between different requests across the web pages.

Difference HTTP1.0 , HTTP 1.1 & HTTP 2.0 and ES7 standard
Request multiplexing
HTTP/2 can send multiple requests for data in parallel over a single TCP connection. This is the most
advanced feature of the HTTP/2 protocol because it allows you to download web files asynchronously
from one server. Most modern browsers limit TCP connections to one server.

HTTP/2 Server Push

This capability allows the server to send additional cacheable information to the client that isn’t
requested but is anticipated in future requests. For example, if the client requests for the resource X and
it is understood that the resource Y is referenced with the requested file, the server can choose to push
Y along with X instead of waiting for an appropriate client request.
 Methods (GET, POST, HEAD, PUT, DELETE
GET

The GET method is used to retrieve information from the given server using a given URI. Requests using
GET should only retrieve data and should have no other effect on the data.

HEAD

Same as GET, but transfers the status line and header section only.

POST

A POST request is used to send data to the server, for example, customer information, file upload, etc.
using HTML forms.

PUT

Replaces all current representations of the target resource with the uploaded content.

DELETE

Removes all current representations of the target resource given by a URI.

HTTP sessions
HTTP sessions is an industry standard feature that allows Web servers to maintain user identity and to
store user-specific data during multiple request/response interactions between a client application and
a Web application. HTTP sessions preserves:

*Information about the session itself (session identifier, creation time, time last accessed, etc.)

*Contextual information about the user (client login state, for example, plus whatever else the Web
application needs to save)

Status-Code

The Status-Code element in a server response, is a 3-digit integer where the first digit of the Status-Code
defines the class of response and the last two digits do not have any categorization role. There are 5
values for the first digit:

Code and Description

1 1xx: Informational

It means the request has been received and the process is continuing.
2 2xx: Success

It means the action was successfully received, understood, and accepted.

3 3xx: Redirection

It means further action must be taken in order to complete the request.

4 4xx: Client Error

It means the request contains incorrect syntax or cannot be fulfilled.

5 5xx: Server Error

It means the server failed to fulfill an apparently valid request.

HTTP persistent

HTTP persistent connection, also called HTTP keep-alive, or HTTP connection reuse, is the idea of using a
single TCP connection to send and receive multiple HTTP requests/responses, as opposed to opening a
new connection for every single request/response pair. The newer HTTP/2 protocol uses the same idea
and takes it further to allow multiple concurrent requests/responses to be multiplexed over a single
connection.

HTTPS

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol
(HTTP). It is used for secure communication over a computer network, and is widely used on the
Internet.[1][2] In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS)
or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS,[3]
or HTTP over SSL.

The principal motivations for HTTPS are authentication of the accessed website, and protection of the
privacy and integrity of the exchanged data while in transit.

Difference between HTTP AND HTTPS:-

HTTPS URLs begin with "https://" and use port 443 by default, whereas, HTTP URLs begin with "http://"
and use port 80 by default.
HTTP is not encrypted and thus is vulnerable to man-in-the-middle and eavesdropping attacks, which
can let attackers gain access to website accounts and sensitive information, and modify webpages to
inject malware or advertisements. HTTPS is designed to withstand such attacks and is considered secure
against them

Web servers: IIS, Apache server

1. Apache is free while IIS is packaged with Windows.

2. IIS only runs on Windows while Apache can run on almost any OS including UNIX, Apple’s OS X, and on
most Linux Distributions.

3. ASPX runs only in IIS.

4. IIS has a dedicated staff to answer most problems while support for Apache comes from the
community itself.

5. IIS is optimized for Windows because they are from the same company.