[CS] Computer Science Part4 Day-88


HTTP


HTTP/1.1, HTTP/2 are TCP-based, and HTTP/3 is a UDP-based.

HTTP Feature

  • client server architecture
  • 無状態、無接続
  • HTTP Message
  • Simple, Easy to expand
  • Client Server Architecture


    When a client sends a request to the server, the server sends a response to it.

    ステータスなし


    The server does not preserve the state of the client.
    Stateless can easily change the response server.
    Stateful protocol get communication problem when server change. However, Stateless protocol, client-server communication continues even if the server changes.
    That's reason why stateless protocol is easy to expand server.
    A simple service introduction screen can be designed as stateless. For services that require various functions, it is recommended to use cookies, sessions, and tokens to maintain state.

    接続なし


    If Client-Server keep the connection, the server cost continues to increase. So, through connectionlessness, HTTP only keeps the connection when it actual request, and closes the TCP/IP connection after giving back a response.
    However, when there is a lot of traffic and a large-scale service is operated, Connectionless is limits.
    It is inefficient to disconnect and reconnect repeatedly when many elements such as HTML, CSS, and Javascript need to be response.
    This problem can be solved with Persistent Connectionless.

    HTTP Header


    HTTP messages can be divided into header and body.
    HTTP Body contains data message and data.
    The part that carries data is called Payload.
    HTTP Header is used to contain additional information required for HTTP transmission.
  • Content-Type: expression data format
  • Content-Encoding: Expression data compression method
  • Content-Language: natural language of representation data
  • Content-Length: length of expression data
  • Header used in request


    From: User email information

  • Generally not used well.
  • Referer: Previous web page address

  • Previous web page address of the currently request page
  • Originally a referrer, but now used as a referer.
  • User-Agent: user's application information

  • Client's application information
  • Host: Requested host information(Domain)

  • Required header.
  • Used to specify host information when multiple domains are applied to one IP address
  • Origin: When sending a POST request to the server, the address that originated the request

  • A CORS error occurs if the sending address and the receiving address are different.
  • It is related to the Access-Control of the response header.
  • Authorization: Header used when sending an authentication token (JWT) to the server

  • Token type
  • Header used in response


    Server: information on the ORIGIN server processing the request

  • used in response
  • Server: Apache/2.2.22
    Server: nginx

    Date: date and time when the message occurred


    Date: Tue, 15 Nov 1994 08:12:31 GMT

    Location: Page redirection


  • When the response result is 3xx, if there is a Location option in the Header, it redirects to the location address.

  • 201(created): The Location value is the resource URI generated by the request.
  • Allow: Acceptable HTTP methods

  • 405
  • Allow: GET, HEAD, PUT

    Retry-After: Amount of time the user have to wait for the next request

  • 503(Service Unavailable): It can tell how long the service will be unavailable.
  • Retry-After:Fri,31 Dec 2020 23:59:59 GMT(日付マーク)

    content negotiation header

  • Accept: Passing the media type preferred by the client
  • Accept-Charset: Charset encoding preferred by the client
  • Accept-Encoding: Client preferred compression encoding
  • Accept-Language: Client's preferred natural language
    (Content negotiation header used in request.)
  • Accept-Language


    Client can request the language what they wants from the server.
    In general, if there is no setting, English is set as the default language.
    When the client sets Accept-Language KO, the server responds in Korean.
    If the language is not supported, it responds in the language stored in the server.
    Priority can be specified from 1 to 0.
    Accept-Language: ko-KR;q=0.9, en-US;q=0.8;

    HTTP Header - Cache


    A cache is a special storage space for temporary files that makes a device, browser, or app run faster and more efficiently.
    (it is temporary storage, the validity period is short.)

    Validationヘッダと条件要求(検証ヘッダと条件要求)


    The validation header uses Last-Modified to know the cache modification time. Check when the data was last modified and update the cache if there is a difference compared to the stored cache time.

    Proxy Cache


    Proxy means that a client can communicate between servers on a surrogate basis.
    (A server that performs a relay function is called a proxy server.)
    It has advantages such as traffic distribution.
    If the distance between the client and the main server is far, the data fetching speed is slow, but if you use a proxy server in the middle, you can get it at a fast speed.

    Cache-Control


  • Cache-Control: public
    The response is stored in a public cache.

  • Cache-Control: private
    The response is stored in a private cache.

  • Cache-Control: maxage
    Maxage that only applies to the proxy cache.

  • Age:60 (HTTP Header)
    The length of time the proxy cache stays after a response from the origin server

  • Cache-Control: no-cache
    You can cache the data. However, it should always be validated on the main server.

  • Cache-Control: no-store
    The data should not be stored as it contains sensitive information.

  • Cache-Control: must-revalidate
    When the cache is reused after expiration of the period, it must be verified by the main server.
  • If you want a clear cache invalidation response, you can use no-cache, no-store, or must-revalidate options.
    If the proxy cache server loses network connection with the main server, no-cache returns the previous data and responds with 200OK.
    However, when using must-revalidate. Proxy server always verified by the main server. If Proxy server cannot access to Main server, It will show 504 Gateway Timeout.
    Therefore, you must use must-revalidate. when make problems using old data.