Method types Http/1.0 Http/1.1 D GET 口GET,POST,HEAD g POST 口PUT 口HEAD o uploads file in entity o asks server to leave body to path specified requested object out of in URL field response D DELETE o deletes file specified in the URL field 2: Application Layer 26
2: Application Layer 26 Method types HTTP/1.0 GET POST HEAD asks server to leave requested object out of response HTTP/1.1 GET, POST, HEAD PUT uploads file in entity body to path specified in URL field DELETE deletes file specified in the URL field
Http response message status line (proToco status code Http/1.1 200ok status phrase) Connection close Date: Thu, 06 Aug 1998 12: 00: 15GMT header Server: Apache/1.3.0 (Unix) lines Last-Modified: Mon, 22 Jun 1998 Content-Length: 6821 Content-Type: text/html data, e.g data datadata data data requested HTML file 2: Application Layer 27
2: Application Layer 27 HTTP response message HTTP/1.1 200 OK Connection close Date: Thu, 06 Aug 1998 12:00:15 GMT Server: Apache/1.3.0 (Unix) Last-Modified: Mon, 22 Jun 1998 …... Content-Length: 6821 Content-Type: text/html data data data data data ... status line (protocol status code status phrase) header lines data, e.g., requested HTML file
Http response status codes In first line in server->client response message a few sample codes: 200oK o request succeeded, requested object later in this message 301 Moved Permanently o requested ob ject moved new location specified later in this message location 400 Bad Request o request message not understood by server 404 Not Found o requested document not found on this server 505 httP Version Not Supported 2: Application Layer 28
2: Application Layer 28 HTTP response status codes 200 OK request succeeded, requested object later in this message 301 Moved Permanently requested object moved, new location specified later in this message (Location:) 400 Bad Request request message not understood by server 404 Not Found requested document not found on this server 505 HTTP Version Not Supported In first line in server->client response message. A few sample codes:
Trying out Http(cLienT side for yourself 1. Telnet to your favorite web server telnetwww.eurecom.fr80opensTcpconnectiontoport80 defaultHttpserverport)atwww.eurecom.fr Anything typed in sent toport80atwww.eurecom.fr 2. Type in a Get Http request Get /-Ross/index. html HttP/1.0 By typing this in(hit carriage return twice), you send this minimal (but complete) Get request to Http server 3.Lookatresponsemessagesentbyhttpserver 2: Application Layer 29
2: Application Layer 29 Trying out HTTP (client side) for yourself 1. Telnet to your favorite Web server: Opens TCP connection to port 80 (default HTTP server port) at www.eurecom.fr. Anything typed in sent to port 80 at www.eurecom.fr telnet www.eurecom.fr 80 2. Type in a GET HTTP request: GET /~ross/index.html HTTP/1.0 By typing this in (hit carriage return twice), you send this minimal (but complete) GET request to HTTP server 3. Look at response message sent by HTTP server!
User-server interaction: authorization Authorization: control access to client server server content 0 authorization credentials usualhttprequestmsg typically name, password 401: authorization req o stateless: client must present ww authen七 icate authorization in each request o authorization header line in usualhttprequestmsg each request Authorization <cred> if no authorization header usualhttpresponsemsg server refuses access sends www authenticate usualhttprequestmsg Authorization <cred> header line in response usualhttpresponsemsg time 2: Application Layer 30
2: Application Layer 30 User-server interaction: authorization Authorization : control access to server content authorization credentials: typically name, password stateless: client must present authorization in each request authorization: header line in each request if no authorization: header, server refuses access, sends WWW authenticate: header line in response client server usual http request msg 401: authorization req. WWW authenticate: usual http request msg + Authorization: <cred> usual http response msg usual http request msg + Authorization: <cred> usual http response msg time