Hypertext Transfer Protocol

The Hypertext Transfer Protocol (HTTP) is a protocol (a set of rules that describe how information is exchanged on a network) that allows a web browser and a web server to talk to each other using the ISO Latin1 alphabet, which is ASCII with extensions for European languages. See The Original HTTP as defined in 1991.

HTTP is based on a request/response model. The client connects to the server and sends a request to the server. The request contains the following: request method, URI, and protocol version. The client then sends some header information. The server's response includes the return of the protocol version, status code, followed by a message that contains server information, and the requested data. The connection is then closed.

Requests

A request from a client to a server includes the following information:

Request method
Request header
Request data

HTTP Request Header: The information, in the form of a text record, that a user’s browser sends to a Web server containing the details of what the browser wants and will accept back from the server. The request header also contains the type, version and capabilities of the browser that is making the request so that server returns compatible data. Upon receipt of the request header, the server will return an HTTP response header to the client that is attached to the file(s) being sent

Request method

A client can request information using a number of methods. The commonly used methods include the following:

GET--Requests the specified document.
HEAD--Requests only the header information for the document.
POST--Requests that the server accept the specified document as an executable and pass it some information.
PUT--Replaces the contents of a server's document with data from the client.

Request header (see http://www.w3.org/Protocols/HTTP/HTRQ_Headers.html)

The client can send header fields to the server. Most are optional. Some commonly used request headers are shown below.

Request header	Description
Accept	The file type the client will accept.
Authorization	Used if the client wants to authenticate itself with a server; information such as the user name and password are included.
User-agent	The name and version of the client software.
Referer	The URL of the last document the user was looking at.

Request data

If the client has made a POST request, it can send data after the request header and a blank line. If the client sends a GET or HEAD request, there is no data to send; the client waits for the server's response.

Responses

The server's response includes the following:

Status code
Response header
Response data

HTTP Response Header: The information, in the form of a text record, that a Web server sends back to a client’s browser in response to receiving an HTTP request. The response header contains the date, size and type of file that the server is sending back to the client and also data about the server itself. The header is attached to the files being sent back to the client

Status code

When a client makes a request, one item the server sends back is a status code, which are three-digit numeric codes divided into four categories.

Status codes in the 200-299 range indicate a successful transaction.
Status codes in the 300-399 range are returned when the URL can't be retrieved because the requested document has moved.
Status codes in the 400-499 range indicate the client has erred.
Status codes of 500 and higher indicate that the server can't perform the request, or an error has occurred.

Some common status codes include the following:

200 -- OK; successful transmission. This is not an error.

302 -- Found. Redirection to a new URL.The original URL has moved. This is not an error; most browsers will get the new page.

304 -- Use a local copy. If a browser already has a page in its cache, and the page is requested again, some browsers (such as Netscape Navigator) relay to the web server the "last-modified" timestamp on the browser's cached copy. If the copy on the server is not newer than the browser's copy, the server returns a 304 code instead of returning the page, reducing unnecessary network traffic. This is not an error.

401 -- Unauthorized. The user requested a document but didn't provide a valid username or password.

403 -- Forbidden. Access to this URL is forbidden.

404 -- Not found. The document requested isn't on the server. This code can also be sent if the server has been told to protect the document by telling unauthorized people that it doesn't exist.

500 -- Server error. A server-related error occurred. The server administrator should check the server's error log to see what happened.

Response header (see http://www.w3.org/Protocols/HTTP/Object_Headers.html)

The response header contains information about the server and information about the document that will follow. Common response headers are shown below.

Response header	Description
Server	The name and version of the web server.
Date	The current date (in Greenwich Mean Time).
Last-modified	The date when the document was last modified.
Expires	The date when the document expires.
Content-length	The length of the data that follows (in bytes).
Content-type	The MIME type of the following data.
WWW-authenticate	Used during authentication and includes information that tells the client software what is necessary for authentication (such as user name and password).

Response data

The server sends a blank line after the last header field. The server then sends the document data. If the client requested only header information, the server closes the connection.