HyperText Transfer Protocol
he HyperText Transfer Protocol (HTTP) is a protocol
(a set of rules that describe how information is exchanged on a network)
that allows a web browser and a web server to "talk" to each other using
the ISO Latin1 alphabet, which is ASCII with extensions for European languages.
HTTP is based on a request/response model.
The client connects to the server and sends a request to the server. The
request contains the following: request method, URI, and protocol version.
The client then sends some header information. The server's response includes
the return of the protocol version, status code, followed by a header that
contains server information, and then the requested data. The connection
is then closed.
The Netscape Enterprise Server 3.0 supports HTTP
1.1. Previous versions of the server supported HTTP 1.0. The server is
conditionally compliant with the HTTP 1.1 proposed standard, as approved
by the Internet Engineering Steering Group (IESG) and the Internet Engineering
Task Force (IETF) HTTP working group. For more information on the criteria
for being conditionally compliant, see the Hypertext Transfer Protocol--HTTP/1.1
specification (RFC 2068) at:
http://www.ietf.org/html.charters/http-charter.html
This chapter provides a short introduction to a few
HTTP basics. For more information on HTTP, see the IETF home page at
http://www.ietf.org/home.html.
Requests
A request from a client to a server includes the
following information:
-
Request method
-
Request header
-
Request data
Request method
A client can request information using a number of
methods. Commonly used methods include the following:
-
GET--Requests the specified document
-
HEAD--Requests only the header information for the document
-
POST--Requests that the server accept some data from the client,
such as form input for a CGI program
-
PUT--Replaces the contents of a server's document with data from
the client
Request header
The client can send header fields to the server.
Most are optional. Some commonly used request headers are shown in Table
A.1.
Common request headers
Request header
|
Description
|
Accept
|
The file types the client can accept.
|
Authorization
|
Used if the client wants to authenticate itself
with a server; information such as the username and password are included.
|
User-agent
|
The name and version of the client software. |
Referer
|
The URL of the document where the user clicked
on the link.
|
Host
|
The Internet host and port number of the resource
being requested.
|
Request data
If the client has made a POST or PUT
request, it can send data after the request header and a blank line. If
the client sends a GET or HEAD request, there is no data
to send; the client waits for the server's response.
Responses
The server's response includes the following:
-
Status code
-
Response header
-
Response data
Status code
When a client makes a request, one item the server
sends back is a status code, which is a three-digit numeric code. There
are four categories of status codes:
-
Status codes in the 100-199 range indicate a provisional response.
-
Status codes in the 200-299 range indicate a successful transaction.
-
Status codes in the 300-399 range are returned when the URL can't be retrieved
because the requested document has moved.
-
Status codes in the 400-499 range indicate the client has an error.
-
Status codes of 500 and higher indicate that the server can't perform the
request, or an error has occurred.
Table A.2 contains
some common status codes.
Common HTTP status codes
Status code
|
Meaning
|
200
|
OK; successful transmission. This is not an error.
|
302
|
Found. Redirection to a new URL. The original
URL has moved. This is not an error; most browsers will get the new page.
|
304
|
Use a local copy. If a browser already has a
page in its cache, and the page is requested again, some browsers (such
as Netscape Navigator) relay to the web server the "last-modified" timestamp
on the browser's cached copy. If the copy on the server is not newer than
the browser's copy, the server returns a 304 code instead of returning
the page, reducing unnecessary network traffic. This is not an error.
|
401
|
Unauthorized. The user requested a document but
didn't provide a valid username or password.
|
403
|
Forbidden. Access to this URL is forbidden.
|
404
|
Not found. The document requested isn't on the
server. This code can also be sent if the server has been told to protect
the document by telling unauthorized people that it doesn't exist.
|
500
|
Server error. A server-related error occurred.
The server administrator should check the server's error log to see what
happened.
|
Response header
The response header contains information about the
server and information about the document that will follow. Common response
headers are shown in Table A.3.
Common response headers
Response header
|
Description
|
Server
|
The name and version of the web server.
|
Date
|
The current date (in Greenwich Mean Time).
|
Last-modified
|
The date when the document was last modified.
|
Expires
|
The date when the document expires.
|
Content-length
|
The length of the data that follows (in bytes).
|
Content-type
|
The MIME type of the following data.
|
WWW-authenticate
|
Used during authentication and includes information
that tells the client software what is necessary for authentication (such
as username and password).
|
Response data
The server sends a blank line after the last header
field. The server then sends the document data.
Copyright 1997 Netscape Communications Corporation.
All rights reserved.