Saturday, January 10, 2015

Http session

Every user is able to access only their session. The session can be stored on the server, or on the client. If it’s on the client, it will be stored by the browser, most likely in cookies and if it is stored on the server, the session ids are created and managed by the server. So if there are a million users connected to the server, there will also be a million session ids for those users on the server.

1 – You send a http request to the server asking for the drafts page. Along with this http request you send your session id to tell the server “hey, it’s me from before, give me my drafts page now”. The session id is usually sent in cookies, but it can also be sent in GET or POST parameters, whatever the technique the session id just needs to be sent to the server.

2 – The server receives your request. Before it gives you your drafts page, it checks your session id, looks it up in its session datastore, it finds 5, your session id, so it makes the data in entry 5 available to the code engine (php, java, ruby…).

3 -The server then executes the code corresponding to your request “give me the drafts page”.

4 – The code starts by getting your user id from the session made available by the server earlier, then it uses it to ask the database “give me the drafts of the user who has this user id”.

5 – Finally when the code got your drafts from the database, it creates an html page, puts your drafts in it, and hands it to the server.

6 – The server sends you your drafts page, along with your session id.



http://machinesaredigging.com/2013/10/29/how-does-a-web-session-work/
Posted by at No comments:

Response Message Examples

Now let's put it all together to form an HTTP response for a request to fetch hello.htm page from the web server running on tutorialspoint.com

HTTP/1.1 200 OK
Date: Mon, 27 Jul 2009 12:28:53 GMT
Server: Apache/2.2.14 (Win32)
Last-Modified: Wed, 22 Jul 2009 19:15:56 GMT
Content-Length: 88
Content-Type: text/html
Connection: Closed

<html>
<body>
<h1>Hello, World!</h1>
</body>
</html>
Following is an example of HTTP response message showing error condition when web server could not find requested page:

HTTP/1.1 404 Not Found
Date: Sun, 18 Oct 2012 10:36:20 GMT
Server: Apache/2.2.14 (Win32)
Content-Length: 230
Connection: Closed
Content-Type: text/html; charset=iso-8859-1
 
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head>
   <title>404 Not Found</title>
</head>
<body>
   <h1>Not Found</h1>
   <p>The requested URL /t.html was not found on this server.</p>
</body>
</html>
Following is an example of HTTP response message showing error condition when web server encountered a wrong HTTP version in given HTTP request:

HTTP/1.1 400 Bad Request
Date: Sun, 18 Oct 2012 10:36:20 GMT
Server: Apache/2.2.14 (Win32)
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Connection: Closed
 
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head>
   <title>400 Bad Request</title>
</head>
<body>
   <h1>Bad Request</h1>
   <p>Your browser sent a request that this server could not understand.<p>
   <p>The request line contained invalid characters following the protocol string.<p>
</body>
</html>
Posted by at No comments:

HTTP - Requests

An HTTP client sends an HTTP request to a server in the form of a request message which includes following format:

 - A Request-line
 - Zero or more header (General|Request|Entity) fields followed by CRLF
 - An empty line (i.e., a line with nothing preceding the CRLF) indicating the end of the header fields
 - Optionally a message-body

Message Request-Line
The Request-Line begins with a method token, followed by the Request-URI and the protocol version, and ending with CRLF. The elements are separated by space SP characters.
Request-Line   = Method SP Request-URI SP HTTP-Version CRLF

Request Method
The request Method indicates the method to be performed on the resource identified by the given Request-URI.
GET
The GET method is used to retrieve information from the given server using a given URI. Requests using GET should only retrieve data and should have no other effect on the data.
HEAD
Same as GET, but only transfer the status line and header section.
POST
A POST request is used to send data to the server, for example customer information, file upload etc using HTML forms.
PUT
Replace all current representations of the target resource with the uploaded content.
DELETE
Remove all current representations of the target resource given by URI.
CONNECT
Establish a tunnel to the server identified by a given URI.
OPTIONS
Describe the communication options for the target resource.
TRACE
Perform a message loop-back test along the path to the target resource.

Request-URI

 Request Header Fields
The request-header fields allow the client to pass additional information about the request, and about the client itself, to the server. These fields act as request modifiers and there are following important Request-header fields available which can be used based on requirement.

Request Message Examples

Now let's put it all together to form an HTTP request to fetch hello.htm page from the web server running on tutorialspoint.com

GET /hello.htm HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT)
Host: www.tutorialspoint.com
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Here we are not sending any request data to the server because we are fetching a plan HTML page from the server. Connection is a general-header used here and rest of the headers are request headers. Following is one more example where we send form data to the server using request message body:

POST /cgi-bin/process.cgi HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT)
Host: www.tutorialspoint.com
Content-Type: application/x-www-form-urlencoded
Content-Length: length
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

licenseID=string&content=string&/paramsXML=string
Here given URL /cgi-bin/process.cgi will be used to process the passed data and accordingly a response will be retuned. Here content-type tells the server that passed data is simple web form data and length will be actual length of the data put in the message body. Following example shows how you can pass plan XML to your web server:

POST /cgi-bin/process.cgi HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT)
Host: www.tutorialspoint.com
Content-Type: text/xml; charset=utf-8
Content-Length: length
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

<?xml version="1.0" encoding="utf-8"?>

<string xmlns="http://clearforest.com/">string</string>



Posted by at No comments:

HTTP - Messages

HTTP operates by exchanging messages across a reliable TCP/IP connection.

Once connection is established, HTTP messages are passed. These messages are consisted of requests from client to server and responses from server to client which will have following format:

 HTTP-message   = <Request> | <Response> ; HTTP/1.1 messages

 - A Start-line
 - Zero or more header fields followed by CRLF
 - An empty line (i.e., a line with nothing preceding the CRLF) indicating the end of the header fields
 - Optionally a message-body

Header Fields
HTTP header fields provide required information about the request or response, or about the object sent in the message body. There are following four types of HTTP message headers:

  - General-header: These header fields have general applicability for both request and response messages.
  - Request-header: These header fields are applicability only for request messages.
  - Response-header: These header fields are applicability only for response messages.
  - Entity-header: These header fields define metainformation about the entity-body or, if no body is present.

Example:
User-Agent: curl/7.16.3 libcurl/7.16.3 OpenSSL/0.9.7l zlib/1.2.3
Host: www.example.com
Accept-Language: en, mi
Date: Mon, 27 Jul 2009 12:28:53 GMT
Server: Apache
Last-Modified: Wed, 22 Jul 2009 19:15:56 GMT
ETag: "34aa387-d-1568eb00"
Accept-Ranges: bytes
Content-Length: 51
Vary: Accept-Encoding
Content-Type: text/plain

Message Body

The message body part is optional for an HTTP message but if it is available then it is used to carry the entity-body associated with the request or response.
If entity body is associated then usually Content-Type and Content-Length headers lines specify the nature of the body associated.
A message body is the one which carries actual HTTP request data (including form data and uploaded etc.) and HTTP response data from the server ( including files, images etc). Following is a simple content of a message body:
<html>
<body>
<h1>Hello, World!</h1>
</body>
</html>

Posted by at No comments:

HTTP - Parameters

HTTP Version
HTTP uses a <major>.<minor> numbering scheme to indicate versions of the protocol.
HTTP/1.0

Uniform Resource Identifiers (URI) 
Is simply formatted, case-insensitive string containing name, location etc to identify a resource, for example a website, a web service etc.

Date/Time Formats
All HTTP date/time stamps MUST be represented in Greenwich Mean Time (GMT), without exception. HTTP applications are allowed to use any of the following three representations of date/time stamps:
Sun, 06 Nov 1994 08:49:37 GMT  ; RFC 822, updated by RFC 1123

Character Sets
You use character set to specify the character sets that the client prefers. Multiple character sets can be listed separated by commas. If a value is not specified, the default is US-ASCII.

Content Encodings
A content ecoding values indicate an encoding algorithm has been used to encode the content before passing it over the network. Content codings are primarily used to allow a document to be compressed or otherwise usefully transformed without losing the identity.
Like gzip.

Media Types
HTTP uses Internet Media Types in the Content-Type and Accept header fields in order to provide open and extensible data typing and type negotiation. All the Media-type values are registered with the Internet Assigned Number Authority ((IANA). Following is a general syntax to specify media type:
Accept: image/gif

Language Tags
HTTP uses language tags within the Accept-Language and Content-Language fields. A language tag is composed of 1 or more parts: A primary language tag and a possibly empty series of subtags:
en, en-US, en-cockney, i-cherokee, x-pig-latin
Posted by at No comments:

Http

Is a protocol use in every trasanction the World Wide Web.

HTTP is an TCP/IP based communication protocol, which is used to deliver data (HTML files, image files, query results etc) on the World Wide Web.

The default port is TCP 80, but other ports can be used.

It provides a standardized way for computers to communicate with each other.

HTTP specification specifies how clients request data will be constructed and sent to the serve, and how servers respond to these requests.

*define la sintaxis y la semántica que utilizan los elementos de software de la arquitectura web (clientes, servidores, proxies) para comunicarse*

Basic Features

 - HTTP is connectionless:
      The HTTP client ie. browser initiates an HTTP request
            and after a request is made -> the client disconnects from the server and waits for a response.                     The server process the request and re-establish the connection with the client to send                            response back.

- HTTP is media independent:
       This means, any type of data can be sent by HTTP as long as both the client and server know how to handle the data content. This is required for client as well as server to specify the content type using appropriate MIME-type.

- HTTP is stateless:
       The server and client are aware of each other only during a current request. Afterwards, both of them forget about each other.
       Due to this nature of the protocol, neither the client nor the browser can retain information between different request across the web pages.

Basic Architecture
The HTTP protocol is a request/response protocol based on client/server based architecture where web browser, robots and search engines, etc. act like HTTP clients and Web server acts as server.

CLIENT
The HTTP client sends a request to the server in the form of a request method, URI, and protocol version, followed by a MIME-like message containing request modifiers, client information, and possible body content over a TCP/IP connection.
--- An HTTP "client" is a program (Web browser or any other client) that establishes a connection to a server for the purpose of sending one or more HTTP request messages. ---

SERVER
The HTTP server responds with a status line, including the message's protocol version and a success or error code, followed by a MIME-like message containing server information, entity metainformation, and possible entity-body content.
--- An HTTP "server" is a program ( generally a web server like Apache Web Server or Internet Information Services IIS etc. ) that accepts connections in order to serve HTTP requests by sending HTTP response messages. ---

















Posted by at No comments:
Subscribe to: Posts (Atom)