HyperText Transfer Protocol, better known by the abbreviation HTTP, is a client-server protocol developed for the World Wide Web. HTTPS (with S for secured) is a variant of HTTP secured through the use of SSL or TLS protocols.
HTTP is a protocol of the application layer. It can run on any reliable connection, in fact it uses TCP as a transport layer. An HTTP server then uses the default port 80 (443 for HTTPS).
HTTP clients are the most famous web browsers that allows a user to access a server containing the data. There are also systems to automatically retrieve the contents of a site such as website-mirroring software or website crawlers.
These clients connect to HTTP servers such as Apache HTTP Server, Lighttpd, Nginx or Internet Information Services.
In the HTTP protocol, a method is a command specifying a query type, that is to say, it asks the server to perform an action. In general the action concerns a resource identified by the URL that follows the method name.
In the following illustration against a GET request is sent to retrieve the home page of www.setthings.com website:
GET / HTTP/1.1
There are many methods, the most common being GET, HEAD and POST:
- GET: This is the most common method to request a resource. A GET request has no effect on the resource, it should be possible to repeat the request without effect.
- HEAD: This method only requires information on the resource, without asking the resource itself.
- POST: This method is used to transmit data for processing to a resource (usually from an HTML form). The supplied URI is the URI of a resource that will apply the data sent. The result may be the creation of new resources or the modification of existing resources. Due to the poor implementation of the HTTP methods (for Ajax) by some browsers (and the HTML standard that only supports GET and POST methods for forms), this method is often used instead of the PUT request, which should be used to update resources.
- OPTIONS: This method provides communication options of a resource or server in general.
- CONNECT: This method allows a proxy as a communication tunnel.
- TRACE: This method asks the server to return what he has received, in order to test and diagnose the connection.
- PUT: This method can replace or add a resource on the server. The supplied URI is that of the resource in question.
- PATCH: This method, unlike PUT, allows a partial modification of a resource.
- DELETE: This method allows to remove a resource from the server.
These last three methods generally require privileged access.
Some servers allow othe methods to manage their resource (eg WebDAV).
From client to server
The connection between the client and the server is not always direct, there may be intermediate machines for relay:
- A proxy can modify responses and requests it receives and can manage a cache of requested resources.
- A gateway is an intermediate modifying the protocol used.
- A tunnel transmits the requests and responses without any modification or caching.
HTTP allows the identification of the visitor by a name and a password. There are two identification modes: Basic and Digest (RFC 2617). The first mode transmits the password in clear, and shouldn’t therefore be used with HTTPS. The second mode allows identification without transmitting the password in clear. Identification is however often done by a superior application layer to HTTP.
List of HTTP servers
- C: Apache, Zeus Web Server, nginx, lighttpd, Cherokee, Hiawatha Webserver
- ASP/ASP.Net (C #, VB.net): IIS
- Java: Tomcat, Jetty, GlassFish, JBoss, JOnAS, Vert.x
- Python: Zope
- Pike Caudium
- Ruby: WEBrick, Mongrel, Thin
- Erlang: Yaws
Translated from Wikipedia