How to work with HTTP requests and responses


Chapter 18: How to work with HTTP requests and responses

[Figure: How a web server processes static web pages]

[Figure: How a web server processes dynamic web pages]

[Figure: The components of a servlet/jsp application]

[Figure: The architecture for a servlet/jsp application]
Note: we split the green layer into presentation (servlets) and service layer (business rules implementation).

Two popular web servers (application servers)

Tomcat
- Is a servlet/jsp engine that includes a web server.
- Is free, open-source, and runs on all modern operating systems.
- Is a popular web server for Java web applications.

GlassFish
- Is a complete Java EE application server.
- Is free, open-source, and runs on all modern operating systems.
- Provides more features than Tomcat.
- Requires more system resources than Tomcat.

Other popular web servers
- WildFly (formerly JBoss)
- Jetty
- Oracle WebLogic
- IBM WebSphere

CS636: We'll use Tomcat.

An HTTP request

    GET http://www.murach.com/email/index.html HTTP/1.1
    referer: http://www.murach.com/index.html
    connection: keep-alive
    user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) Chrome/33.0.1750.146
    host: www.murach.com
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    accept-encoding: gzip, deflate
    accept-language: en-us,en;q=0.5
    cookie: emailcookie=joel@murach.com; firstcookie=joel

More common command syntax: no server name in GET:

    GET /email/index.html HTTP/1.1

The server name is given in the host header, required in HTTP 1.1. The form with the server name in GET is also valid and is needed with proxy servers.

An HTTP response

    HTTP/1.1 200 OK
    date: Sat, 17 Mar 2014 10:32:54 GMT
    server: Apache/2.2.3 (Unix) PHP/5.2.4
    content-type: text/html
    content-length: 201
    last-modified: Fri, 16 Aug 2013 12:52:09 GMT

    <!DOCTYPE html>
    <html>
    <head>
      <title>murach's Java Servlets and JSP</title>
    </head>
    <body>
      <h1>join our email list</h1>
    </body>
    </html>

An introduction to HTTP

- Hypertext Transfer Protocol (HTTP) is the primary protocol that's used to transfer data between a browser and a server.
- The first line of an HTTP request is known as the request line. This line specifies the request method, the URL of the request, and the version of HTTP.
- After the first line of a request, the browser sends request headers that give information about the browser and its request.
- The first line of an HTTP response is known as the status line. This line specifies the HTTP version, a status code, and a brief description associated with the status code.
- After the first line of a response, the server sends response headers that give information about the response. Then, it sends the response entity, or response body. The body of a response is typically HTML, but it can also be other types of data.

An introduction to MIME types

- The Multipurpose Internet Mail Extension (MIME) types provide standards for the various types of data transferred across the Internet.
- MIME types can be included in the accept header of a request or the content-type header of a response.

Common HTTP request headers

    accept           Specifies preferred order of MIME types the browser can accept.
    accept-charset   Specifies the character sets the browser can accept.
    accept-encoding  Specifies the types of compression encoding the browser can accept.
    accept-language  Specifies the standard language codes for the languages the browser prefers.
    authorization    Identifies authorization level for the browser.
    connection       Indicates type of connection being used by the browser.

Common HTTP request headers (continued)

    cookie           Specifies any cookies previously sent by the current server.
    host             Specifies host and port of the machine that is addressed in the request URL. (The original wording was wrong.)
    pragma           Value of no-cache indicates to browsers, proxy servers, and gateways that this document should not be cached.
    referer          Indicates URL of the referring web page.
    user-agent       Indicates type of browser.
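An added example, not part of the original slides: a minimal request parser that applies the two rules stated above, namely that the server name may come from the GET line or from the host header, and that HTTP 1.1 requires a host header. The function name, the result fields and the `host_mismatch` flag are assumptions made for this sketch; when the GET line carries a full URL, its host is the one used, and a differing host header is flagged rather than trusted.

```python
from urllib.parse import urlsplit

class BadRequest(ValueError):
    """A request the server should answer with 400 Bad Request."""

def parse_request(raw: bytes) -> dict:
    head, _, _body = raw.partition(b"\r\n\r\n")   # blank line ends the headers
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise BadRequest("malformed request line")
    method, target, version = parts
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or not name or name != name.strip():
            raise BadRequest("malformed header line")
        if name.lower() == "host" and "host" in headers:
            raise BadRequest("more than one host header")
        headers[name.lower()] = value.strip()
    if version == "HTTP/1.1" and "host" not in headers:
        raise BadRequest("HTTP/1.1 request without a host header")
    if target.startswith("/"):        # no server name in GET: use the header
        host, path = headers.get("host", ""), target
    else:                             # server name in GET: use the URL's host
        url = urlsplit(target)
        if url.scheme != "http" or not url.netloc:
            raise BadRequest("unsupported request target")
        host = url.netloc
        path = (url.path or "/") + ("?" + url.query if url.query else "")
    mismatch = "host" in headers and headers["host"].lower() != host.lower()
    return {"method": method, "host": host, "path": path,
            "version": version, "headers": headers, "host_mismatch": mismatch}

# Constructed sample input, modelled on the request shown above.
ABSOLUTE = (b"GET http://www.murach.com/email/index.html HTTP/1.1\r\n"
            b"host: www.murach.com\r\n"
            b"accept-language: en-us,en;q=0.5\r\n\r\n")
ORIGIN = (b"GET /email/index.html HTTP/1.1\r\n"
          b"host: www.murach.com\r\n\r\n")
NO_HOST = b"GET /email/index.html HTTP/1.1\r\n\r\n"

if __name__ == "__main__":
    for sample in (ABSOLUTE, ORIGIN):
        r = parse_request(sample)
        print(r["method"], r["host"], r["path"], r["host_mismatch"])
```

Both forms of the GET line resolve to the same host and path, which is what a server or proxy needs before it routes the request.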

Internet media types, AKA MIME types

- Originally called MIME types, a name still in use (MIME = Multipurpose Internet Mail Extension).
- Used to specify type of desired response for HTTP request (accept header) and type of response (content-type header).
- Syntax: type/subtype
- Most common: text/html for web pages.
- International register at https://www.iana.org/assignments/media-types/media-types.xhtml (IANA = Internet Assigned Numbers Authority).

Common MIME types

    Type/Subtype                 Description
    text/plain                   Plain text document
    text/html                    HTML document
    text/css                     HTML cascading style sheet
    text/xml                     XML document
    text/csv                     CSV (comma-separated values) document
    text/tab-separated-values    TSV (tab-separated values) document
    image/gif                    GIF image
    image/jpeg                   JPEG image
    image/png                    PNG image
    image/tiff                   TIFF image
    image/x-xbitmap              Windows bitmap image

Common MIME types (continued)

    Type/Subtype                 Description
    application/atom-xml         Atom feed
    application/rss-xml          RSS feed
    application/pdf              PDF file
    application/postscript       PostScript file
    application/zip              ZIP file
    application/gzip             GZIP file
    application/octet-stream     Binary data
    application/msword           Microsoft Word document
    application/vnd.ms-excel     Microsoft Excel spreadsheet

Common MIME types (continued)

    Type/Subtype                 Description
    audio/x-midi                 MIDI sound file
    audio/mpeg                   MP3 sound file
    audio/vnd.wav                WAV sound file
    video/mpeg                   MPEG video file
    video/x-flv                  Adobe Flash file

Status code summary

    Number    Type            Description
    100-199   Informational   Request was received and is being processed.
    200-299   Success         Request was successful.
    300-399   Redirection     Further action must be taken to fulfill the request.
    400-499   Client errors   Client has made a request that contains an error.
    500-599   Server errors   Server has encountered an error.

Status codes

    Number  Name                Description
    200     OK                  Default status when the response is normal.
    301     Moved Permanently   Requested resource has been permanently moved.
    302     Found               Requested resource resides temporarily under a new URL.
    400     Bad Request         Request could not be understood by the server due to bad syntax.
    401     Unauthorized        Request requires authentication. Response must include a www-authenticate header.
    403     Forbidden           Access to requested resource has been denied.

302 is used in REDIRECTs (will cover later).

Status codes (continued)

    Number  Name                    Description
    404     Not Found               Server could not find requested URL.
    405     Method Not Allowed      Method specified in request line is not allowed for requested URL.
    414     Request-URI Too Long    Typically caused by trying to pass too much data in a GET request. Usually resolved by converting the GET request to a POST request.
    500     Internal Server Error   Server encountered an unexpected condition that prevented it from fulfilling the request.

Common HTTP response headers

    cache-control         Controls when and how a browser caches a page.
    content-disposition   Can be used to specify the response includes an attached binary file.
    content-length        Specifies the length of the body of the response in bytes. This allows the browser to know when it's done reading the entire response and is necessary for the browser to use a persistent, keep-alive connection.
    content-type          Specifies the MIME type of the response document. Use the maintype/subtype format to specify the MIME type.

Common HTTP response headers (continued)

    content-encoding      Specifies the type of encoding the response uses. Encoding a document with compression such as GZIP can enhance performance.
    expires               Specifies the time the page should no longer be cached.
    last-modified         Specifies the time when the document was last modified.
    location              Works with status codes in the 300s to specify the new location of the document.
    pragma                Turns off caching for older browsers when it is set to a value of no-cache.
    refresh               Specifies the number of seconds before the browser should ask for an updated page.
    www-authenticate      Works with the 401 (Unauthorized) status code to specify the authentication type and realm.

Values for the cache-control header

    public                Can be cached in a public, shared cache.
    private               Can only be cached in a private, single-user cache.
    no-cache              Should never be cached.
    no-store              Should never be cached or stored in a temporary location on the disk.
    must-revalidate       Must be revalidated with the original server each time it is requested.
    proxy-revalidate      Must be revalidated on the proxy server, not on the original server.
    max-age=x             Must be revalidated after x seconds for private caches.
    s-max-age=x           Must be revalidated after x seconds for shared caches.

CS636: Don't worry about cache control: we'll live with default behavior.

Example of HTTP request/response cycles

Old home page of cs636, at URL http://www.cs.umb.edu/cs636/f13/index.html

index.html:

    <img src = "rule10.gif">

This is a relative URL, so rule10.gif is at /cs636/f13/rule10.gif in the server's filesystem.

What are the HTTP request-response cycles needed to display this index.html page?

Request-response cycles: first cycle

Browser accesses URL http://www.cs.umb.edu/cs636/f13/index.html, using 2 steps:

1. Connects using TCP to host www.cs.umb.edu on Port: 80 (default port for HTTP).
2. Uses HTTP Command: GET /cs636/f13/index.html HTTP/1.1 over that TCP connection, followed by header lines, then blank line to end.

Gets response:

    Status line: HTTP/1.0 200 OK
    Response headers
    Blank line after headers
    <Contents of index.html>
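An added example, not part of the original slides: how a client uses content-length to find the end of each response when several responses share one keep-alive connection, as the content-length description above requires. The function name and the sample stream are constructed for this sketch, and it assumes every response is framed by content-length only (no chunked encoding, no bodiless responses).

```python
def split_responses(stream: bytes) -> list:
    """Split a keep-alive byte stream into (status, headers, body) tuples."""
    responses, pos = [], 0
    while pos < len(stream):
        end = stream.find(b"\r\n\r\n", pos)       # blank line after headers
        if end == -1:
            raise ValueError("incomplete header block")
        lines = stream[pos:end].decode("iso-8859-1").split("\r\n")
        _version, code, _reason = lines[0].split(" ", 2)   # status line
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            name, value = name.lower(), value.strip()
            # Two different lengths make the body boundary ambiguous: refuse.
            if name == "content-length" and headers.get(name, value) != value:
                raise ValueError("conflicting content-length headers")
            headers[name] = value
        length = headers.get("content-length")
        if length is None or not (length.isascii() and length.isdigit()):
            raise ValueError("no usable content-length: body end unknown")
        start = end + 4
        body = stream[start:start + int(length)]
        if len(body) != int(length):
            raise ValueError("body shorter than content-length")
        responses.append((int(code), headers, body))
        pos = start + int(length)                  # next response starts here
    return responses

def _resp(body: bytes, ctype: str) -> bytes:       # builds constructed samples
    return (b"HTTP/1.1 200 OK\r\ncontent-type: " + ctype.encode() +
            b"\r\ncontent-length: " + str(len(body)).encode() +
            b"\r\n\r\n" + body)

# Constructed sample data. The HTML body itself contains a blank line, so
# searching for "\r\n\r\n" alone could not tell where the body ends.
HTML = b'<html><body><img src="rule10.gif"></body></html>\r\n\r\n'
GIF = b"GIF89a\x01\x00\x01\x00"
STREAM = _resp(HTML, "text/html") + _resp(GIF, "image/gif")

if __name__ == "__main__":
    for status, hdrs, body in split_responses(STREAM):
        print(status, hdrs["content-type"], len(body))
```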

Request-response cycles: second cycle

Browser accesses URL: http://www.cs.umb.edu/cs636/f13/rule10.gif, using 2 steps:

1. Connects using TCP to host www.cs.umb.edu on Port: 80 (default port for HTTP).
2. Uses HTTP Command: GET /cs636/f13/rule10.gif HTTP/1.1 over that TCP connection, followed by header lines, then blank line to end.

Gets response:

    Status line: HTTP/1.0 200 OK
    Response headers
    Blank line after headers
    <Contents of rule10.gif>

Note that the browser had to reconstitute the full URL from the relative URL it found in the HTML. The server doesn't remember any current directory information (it's "stateless").

Communications Diagram

    User/browser                                 Server
    User requests page
                                                 Server: process GET / index.html
    Browser: parse HTML, issue second GET
                                                 Server: process GET / rule10.gif
    Browser: fill in image

Communications Diagram: simple form handling

    User/browser                                 Server
    User requests form page
                                                 Server: process GET / form.html
    User: fill in form
    Browser: put user input into params
      in POST request
                                                 Server: process POST / /doit.jsp
                                                   Get user input from params, do request,
                                                   compose response
    User: see response
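An added example, not part of the original slides: the browser side of the cycles above, showing how each relative image URL is resolved against the page URL before a new, self-contained GET is issued, since the server keeps no current-directory state. The function names and the extra `<img>` tags in the sample HTML are constructed for this sketch; only plain http URLs are planned.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class _ImgCollector(HTMLParser):
    """Collects the src attribute of every <img> tag."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src.strip())

def request_for(url: str) -> dict:
    """Step 1 (TCP endpoint) and step 2 (GET command) for one cycle."""
    parts = urlsplit(url)
    path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
    return {"connect": (parts.hostname, parts.port or 80),
            "request": f"GET {path} HTTP/1.1\r\nhost: {parts.netloc}\r\n\r\n"}

def plan_cycles(page_url: str, html: str) -> list:
    """One request-response cycle for the page, then one per distinct image."""
    collector = _ImgCollector()
    collector.feed(html)
    # The browser, not the server, turns each relative URL into a full URL.
    urls = [page_url] + [urljoin(page_url, src) for src in collector.sources]
    seen, cycles = set(), []
    for url in urls:
        if urlsplit(url).scheme == "http" and url not in seen:
            seen.add(url)
            cycles.append(request_for(url))
    return cycles

PAGE_URL = "http://www.cs.umb.edu/cs636/f13/index.html"
# Constructed sample HTML: the first <img> is the one from the slides, the
# other two are added to show a parent-directory path and a duplicate.
SAMPLE_HTML = ('<h1>cs636</h1><img src="rule10.gif">'
               '<img src="../shared/logo.gif">'
               '<img src="/cs636/f13/rule10.gif">')

if __name__ == "__main__":
    for cycle in plan_cycles(PAGE_URL, SAMPLE_HTML):
        print(cycle["connect"], cycle["request"].splitlines()[0])
```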