Shulou(Shulou.com)06/01 Report--

This article mainly introduces "what is the meaning and working principle of HTTP and HTTPS". In daily operation, I believe that many people have doubts about the meaning and working principle of HTTP and HTTPS. The editor consulted all kinds of materials and sorted out simple and easy-to-use methods of operation. I hope it will be helpful to answer the doubts about "the meaning and working principle of HTTP and HTTPS". Next, please follow the editor to study!

What is HTTP?

HTTP stands for HyperText Transfer Protocol and is the foundation of the World wide Web. Without it, Web would not be what it is today.

By default, HTTP URL starts with http:// and uses port 80 by default.

The hypertext part of the name indicates that the document or file is involved. These can contain text, images, graphics, video, or any other media.

In addition, they may contain links to other documents or files for cross-reference, which you can easily access after clicking the link with the mouse or touchpad or touching the link on your phone screen.

The transfer part of the name means that files can be moved from one networked device to another over the World wide Web.

As part of the protocol, it consists of a set of computer rules governing how devices can take advantage of the Internet. It also tells them how to use the Internet as a communication medium when connecting remotely to many other devices.

HTTP is built on top of the TCP/IP network protocol suite and other layers in the protocol stack.

TCP/IP is a standardized set of rules that allow browsers and servers to communicate over Internet. After all, the World wide Web is the communication between the browser and the server.

Specifically, HTTP is an application layer protocol, which is the main protocol for communication and data transfer between Web clients and Web servers.

In short, HTTP is a set of rules and standards on how to transfer hypertext files and all kinds of information over the network. This is how the browser communicates with the server.

A typical HTTP request and response process

Use HTTP when the browser wants to connect to a website.

They communicate by sending HTTP requests and receiving HTTP responses. This is called the request-response cycle in the client computer-Web server computing model.

The client (usually a Web browser such as Google Chrome, Mozilla Firefox, or Apple Safari) makes a request. It does this by typing a humanized URL (uniform Resource Locator) like W3Cschool.cn in the address bar at the top of the browser.

The domain name, W3Cschool.cn, is mapped to the response server according to the IP address and the domain name system (DNS).

The Web browser then connects to the server and issues an HTTP request that it needs to receive information to load the web page.

The HTTP request might look like this:

GET / HTTP/1.1Host: www.freecodecamp.org

It includes:

A HTTP method, usually called a HTTP verb, such as GET. This particular verb is used to obtain information. Another common verb is POST, which is used when the client submits data in a form. The verb specifies what the browser expects to do from the server.

The path, which in our example is /, in the root path. The server stores all the files that make up the Web site, so the request needs to specify the part that the browser requests to load.

The HTTP type and its version.

The domain name of URL.

The Web server then receives the request and processes it by looking up the requested data.

The server is a computer that is different from the one we use every day. Its sole purpose is to store data and files and to retrieve and distribute them as needed.

The server returns a message or HTTP response to the browser.

Examples of responses are as follows: HTTP/1.1 200OK

Start with the protocol and version of HTTP/1.1

Next is the HTTP status code, a 3-digit number, in this case 200. It indicates whether the HTTP request has been completed. The status code that begins with 2 indicates success and the request has completed successfully. The status code that begins with 4, such as 404, indicates a client error (such as an error typed in URL), so the page does not appear in the browser. The status code that begins with 5 indicates a server-side error, and the page is not displayed in the browser again.

Then there is the status text, human-readable text, which summarizes the meaning of the status code. In this case, it is "OK", which means that the requested document was successfully retrieved.

The HTTP response also includes headers that may look like the following:

Date: Thu, 12 Aug 2021 12:07:16 GMTserver: cloudflarecontent-type: text/html; charset=utf-8

The header includes important information about the type of content sent back, such as the language, format, and time when the response was sent.

Finally, the response to the "GET" request includes the optional HTTP body. This contains the requested information, such as the HTML/CSS/JavaScript file that makes up the Web site.

The browser then receives the response, renders the page, and closes the connection.

Every time it needs to load a new element (such as a different style or image or video) on the page, it starts a new connection and the whole process is repeated again.

Limitations of HTTP

HTTP is fast because of its simplicity, but it does not provide security when exchanging data. This is because all data is transmitted in plain text and is not encrypted at all.

During transmission, hypertext data is broken down into "packets", and anyone with the right tools, skills, and knowledge between the browser and the server can easily view and steal the information being transmitted.

This means that usernames, passwords, and sensitive information are at risk of being accessed by attackers, while the risk of virus injection is high.

This means that HTTP is not a secure or private medium, causing users to feel insecure.

HTTP is secure for some websites, such as blogs, but you should not submit any credit card or other personal information through a HTTP connection.

What is HTTPS?

HTTPS stands for HyperText Transfer Protocol Secur.

By default, HTTPS URL starts with https:// and uses port 443 by default.

It is not a protocol independent of HTTP, but it is a more secure and confidential version of it. This is the most secure way to transfer data between the browser and the server.

Most websites now use HTTPS instead of HTTP. Therefore, always make sure that the site uses HTTPS before submitting any sensitive information, such as logging into your bank account and conducting financial transactions.

You can determine whether the site is secure and has a HTTPS connection by the lock icon on the left side of the address bar:

Unlike HTTP, which works at the application layer, HTTPS works at the transport layer.

How does HTTPS work?

Each packet sent over an HTTPS connection is encrypted and secured over the HTTP using an encryption protocol such as TLS or SSL.

Transport layer Security (TLS), formerly known as secure Sockets layer (SSL), is a protocol used to encrypt communications. It is a newer and more secure version of SSL.

TLS provides security against attacks, and its three main goals are authentication, privacy, and overall security.

TLS protects communications by using asymmetric key algorithm Public key Infrastructure (PKI). The system uses two unique related keys to encrypt and decrypt sensitive information so as to realize secure communication on the Internet.

The two keys are used together, and in this way TLS creates a link between the sender and the receiver. It ensures that both sides are identified and that it is what they say it is.

First of all, you must put the public key. It can be viewed publicly and can be shared with everyone and anyone who wants to interact with the site.

This key is used to convert plaintext to ciphertext, encrypt the data, and encrypt the data as a lock. It also confirms the owner of the private key. The distribution of the public key to the browser is done through a certificate.

Each public key then has a unique private key, and they work in pairs. You use this key to decrypt the information. Data encrypted with a public key can only be decrypted with the corresponding unique private key.

It is this unique private key that unlocks and decrypts the data. The private key also confirms that the information is yours. This key is confidential, stored, and available only to its owner.

A secure connection is established and certificates are exchanged before any actual data is transmitted.

The client enters the URL of the web page they want to visit. The server of the web page is sent through a TLS or SSL certificate containing the public key to initiate the connection. The client and server go back and forth several times (called a TLS/SSL handshake) until a secure session is established.

At this point, the study of "what is the meaning and working principle of HTTP and HTTPS" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.