【高级程序设计】Week2-2 HTTP and Web

marshall user information

send a request containing this to server-side program

parse response

an application-layer protocol

rely on many other protocols

TCP (provides reliable in-order delivery)

IP (delivers data packets between the end hosts)

Layer2 (deal with the individual networks MAC)

delivers services and applications

deal with the advanced application-specific functionality

HTTP, FTP, SMTP

delivers data segments between processes

deal with things like reliability, flow control

TCP, UDP, SPX

delivers data packets between hosts.

access multiple networks

IP, ICMP, IPX

HTTP is built over TCP: Socket socket = new socket("10.0.0.1",80);

TCP makes life easier for HTTP

- no packet loss, no out-of-order delivery, congestion/flow control automatically handled

特点:

connection-oriented protocol; 面向连接

provides a reliable unicast end-to-end byte stream over an unreliable internetwork 单向，不可靠

Connec

tion-oriented

含义：Before any data transfer, TCP establishes a connection

- one TCP entity is waiting for a connection("server"), the other TCP entity("client") contacts the server

Byte stream broken up into chunks called segments:

receiver sends ACKs for segments;

TCP maintains a timer, the segement is retransmitted if an ACK is not received in time.

Detecting errors:

TCP has checksums for header and data. Segments with invalid checksums are discarded.

Eack byte that is transmitted has a sequence number.

TCP deals with segments: send a segment, resend the segment if it's lost

To higher layers, TCP exposes a byte stream service

protocol://hostname[:port]/path/filename#section

protocol: used to access the server

hostname[:port]: the name of the server(if no port, automatically uses the default for protocol)

/path/filename#section: the location of a file on the server

filename

#section

作用：

- points to a file in the directory specified  by path

- If omitted, it is left to the server to decide which file to send. (It may send an index of the directory, often in a file called index.html) 索引文件

section：

- 含义：a name anchor (fragment/Ref) in an HTML document 标记或链接目标位置的方式

- 使用：create using a tag ...

- specifiy how a client & server establish a connection

- how client requests data from server

- how server responds to requests

- how a connection is closed

特点：

stateless

- doesn't remember anything about previous connections, it's simple and robust.

- can lead to inefficiencies

初始化

connection

• HTTP/1.0,2.0,1.1：use TCP as the underlying transport protocol
• Browser and server use TCP socket interfaces
  • Client writes HTTP request messages into its socket and reads responses from the socket; Server reads HTTP requests and writes it responses to its socket.
• connection is established with the server with the port specified in the URL：80 by default

• set up TCP connection from client to server
• HTTP client sends a message to the server requesting the page at specified URL using the TCP connection.(request includes the path name)
• HTTP server receives message via the connection socket
  • retrieves the requested object from its data storage
  • encapsulates the object in an HTTP response message
  • sends the response back via the connection socket
• HTTP server tells TCP to close connection: TCP do this until client has successfully received the response
• Client receives message, and the TCP connection terminates
• The message tells the client that the response object is an HTML file
  • Client extracts the file from the response message, parses the HTML file and finds references to other referenced objects.

Query string incorporated in the request URL

Idempotent: multiple requests have the same effect as a single one

there are also persistent connections:

- Server leaves a TCP connection open (for some time) after sending a response.

With pipelining:

– Usually multiple resources are obtained by parallel TCP connections

– Speeds up downloads for complex web pages

Without  pipelining:

– All the referred requests are sent back-to-back, leading to only one round trip for all the referred to objects.

– Susan always accesses the internet from her PC.

– Assume that she visits a specific e-commerce site for the first time.

– When initial HTTP request arrives at site, site creates: Ⅰ unique ID;Ⅱ entry in backend database for ID

- All traffic (headers and payloads) are encrypted

- Authenticates server

- Prevents other from sniffing traffic

- Near-identical to HTTP URLs

- The protocol changes : From http:// to https://

 Adds extra overhead

- you should only use HTTPS when necessary

- Some organisations are pushing for all HTTP to be encrypted

- Increases connection setup time 

- Requires TCP setup + TLS handshake

Thus, increases page load time

Not good for requesting small resources

- The security of HTTPS depends on that of the underlying TLS protocol

- A website that uses mixed protocols (e.g., images served via HTTP, login info via HTTPS) can still make the user vulnerable to attacks/surveillance

Deployed on Google serversGoogle服务器部署了该协议

– Also supported by Twitter, Facebook, imgur, Blogspot也支持该协议

Multiplexing多路复用

Multiple resources can be requested and fetched in parallel 可以并行请求和获取多个资源

Prevents “head of line” blocking防止"队头阻塞"

Universal encryption统一加密

All traffic is encrypted by default默认情况下所有流量都加密

Equivalent of running everything over HTTPS相当于使用HTTPS运行所有内容

Server push/hint服务器推送/提示

Server can push resources before being requested服务器可以在请求之前推送资源Server can “hint” that clients fetch resources (e.g. if the server knows the client will need something in the future) 服务器可以“提示”客户端提取资源

Content prioritisation内容优先级

Specify preferred order and priority that server transfers resources to clien指定服务器向客户端传输资源的首选顺序和优先级