IP does not deliver data packets directly to the destination host; they are relayed through routers, much like a parcel passing through a courier's transit points.
TCP provides a byte-stream service at the transport layer. It splits the data from the upper layer (HTTP) into segments for easier transmission and delivers them reliably.
Before TCP establishes a connection, a three-way handshake is required. Two flags are very important in the three-way handshake process: SYN and ACK.
DNS is a domain name resolution protocol, which is responsible for resolving domain names into IP addresses.
HTTP is a request-response protocol. Communication always involves a client and a server: the client initiates a request and the server responds. During transmission, the message content is compressed and encoded and transmitted in the form of chunks.
GET and POST at the beginning of the start line indicate the type of access requested from the server; they are called methods. GET retrieves a resource from the server, and POST sends information to the server.
Are both GET and POST methods safe and idempotent?
The URI that follows identifies the resource being requested.
Host is the domain name of the server. With virtual hosts, multiple domain names may be deployed on the same server, and after DNS resolution these domain names all point to the same IP address, so the Host field is used to distinguish them.
HTTP/1.1 indicates the HTTP version number.
Connection field: used to manage persistent connections. HTTP/1.1 uses persistent connections by default, but older versions do not; there you need to set this field to Keep-Alive. To disconnect, set it to close.
Accept field: indicates the content formats acceptable to the client.
Accept-Encoding field: content encoding supported by the client.
Accept-Language field: the language type that the client can handle.
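The request fields described above, parsed and applied in an added example (not code from the original page). The site names and paths in VHOSTS are constructed, and rejecting malformed or duplicate Host lines is a defensive choice made here.

```python
# Constructed virtual-host table: several domain names served from one IP address.
VHOSTS = {"shop.example.com": "/srv/shop", "blog.example.com": "/srv/blog"}

def parse_request(raw: bytes) -> dict:
    """Split a request head into method, URI, version and header fields."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    start, *field_lines = head.split("\r\n")
    parts = start.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed start line")
    headers = {}
    for line in field_lines:
        name, sep, value = line.partition(":")
        # Reject names with surrounding whitespace instead of guessing intent.
        if not sep or not name or name != name.strip():
            raise ValueError("malformed header line")
        key = name.lower()
        if key == "host" and key in headers:
            raise ValueError("duplicate Host header")
        headers[key] = value.strip()
    return {"method": parts[0], "uri": parts[1], "version": parts[2],
            "headers": headers}

def select_site(req: dict) -> str:
    """Pick the virtual host's document root from the Host field."""
    host = req["headers"].get("host")
    if host is None:
        raise ValueError("no Host field: cannot tell which site is meant")
    name = host.lower().split(":", 1)[0]  # drop an optional :port
    if name not in VHOSTS:
        raise ValueError("unknown virtual host")
    return VHOSTS[name]

def keep_alive(req: dict) -> bool:
    """HTTP/1.1 persists unless told to close; older versions must opt in."""
    tokens = {t.strip().lower()
              for t in req["headers"].get("connection", "").split(",")}
    if "close" in tokens:
        return False
    return req["version"] == "HTTP/1.1" or "keep-alive" in tokens

# Constructed sample request.
SAMPLE = (b"GET /index.html HTTP/1.1\r\nHost: blog.example.com\r\n"
          b"Accept: text/html\r\nAccept-Encoding: gzip\r\n"
          b"Accept-Language: en\r\n\r\n")
```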
HTTP/1.1 indicates the HTTP version used by the server.
200 OK is the status code of the request processing result.
HTTP is stateless: it does not save previous requests and responses. For example, a site such as Taobao would be troublesome to use if the login were not saved, yet it is unrealistic for the server to record the status of every client, and doing so would not fit HTTP's original lightweight design.
Cookies are used to save state; cookie information is carried in the request and response messages.
When the client sends a request to the server for the first time, the server adds a Set-Cookie field to the response and sets the cookie value. After receiving the response, the client saves this cookie value and adds it to the next request, so that the server can tell which client the request comes from according to the cookie value and compare it with its records to obtain the previous state.
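The Set-Cookie / Cookie exchange described above, with both sides modelled in an added example (not code from the original page). The cookie name sid, the in-memory SESSIONS table and the HttpOnly attribute are assumptions made for illustration.

```python
import secrets

SESSIONS = {}  # server-side records: session id -> state

def parse_cookie_header(value: str) -> dict:
    """Turn 'a=1; b=2' into {'a': '1', 'b': '2'}."""
    pairs = (p.strip().partition("=") for p in value.split(";") if p.strip())
    return {name: val for name, _, val in pairs}

def server_handle(request_headers: dict):
    """Return (response_headers, visit_count) for one request."""
    sid = parse_cookie_header(request_headers.get("Cookie", "")).get("sid")
    response_headers = {}
    if sid not in SESSIONS:
        # First visit, or an id the server never issued: start a fresh record
        # under an unguessable id rather than adopting the client's value.
        sid = secrets.token_urlsafe(32)
        SESSIONS[sid] = {"visits": 0}
        # HttpOnly is a hardening attribute added here; the page does not cover it.
        response_headers["Set-Cookie"] = f"sid={sid}; Path=/; HttpOnly"
    SESSIONS[sid]["visits"] += 1
    return response_headers, SESSIONS[sid]["visits"]

class Client:
    """Minimal client that stores cookies and replays them on later requests."""

    def __init__(self):
        self.jar = {}

    def request(self):
        headers = {}
        if self.jar:
            headers["Cookie"] = "; ".join(f"{k}={v}" for k, v in self.jar.items())
        response_headers, visits = server_handle(headers)
        if "Set-Cookie" in response_headers:
            # The first 'name=value' pair is the cookie; the rest are attributes.
            first = response_headers["Set-Cookie"].split(";")[0]
            name, _, value = first.partition("=")
            self.jar[name.strip()] = value.strip()
        return response_headers, visits
```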
In the original version of the HTTP protocol, TCP connection and disconnection are required for every HTTP communication, which increases the communication overhead.
HTTP/1.1 and some HTTP/1.0 implementations support persistent connections, also called keep-alive: one TCP connection is established and carries many HTTP requests and responses until one end explicitly disconnects.
Pipelining is based on persistent connections. Previously, the client sent a request, waited for the server to respond, and only then sent the next request. With pipelining, the client can send multiple requests in a row without waiting for the server's responses, and the server sends the responses one by one after receiving the requests.
The server indicates the result of processing the client's request through the status code. There are five common status codes, as shown in the following figure:
HTTP communicates directly with TCP, while with HTTPS, HTTP communicates with SSL first, and SSL then communicates with TCP. Simply put, HTTPS is HTTP wrapped in an SSL cloak.
TLS is a protocol developed with SSL as its prototype, and sometimes the two are collectively referred to as SSL.
With SSL, HTTP gains encryption, certificates and integrity protection.
Encrypting and decrypting with the same key is called symmetric encryption. When sending encrypted content, the key must also be sent to the other party, so once the key is intercepted, the encrypted content can be decrypted.
SSL uses this encryption method.
Asymmetric encryption has two keys: the public key can be sent to anyone, and the private key is known only to its owner.
The sender uses the public key sent by the other party to encrypt the content, and the other party uses its own private key to decrypt it after receiving the ciphertext.
Although asymmetric encryption ensures that information cannot be eavesdropped, it is much slower than symmetric encryption when encrypting content. Therefore, asymmetric encryption is first used to encrypt the symmetric encryption key, and once the key exchange succeeds, symmetric encryption is used for communication.
To verify that the public key can be trusted, the client and the server apply to a digital certificate authority (CA) for a digital certificate signature.
In the above process, the application layer attaches a message digest called a MAC (Message Authentication Code) when sending data; it is used to verify whether the message has been tampered with, protecting the integrity of the message.
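How a MAC lets the receiver detect tampering, as an added example (not code from the original page). HMAC-SHA256, the record layout and the sequence number bound into the MAC are assumptions that go slightly beyond the text; the key in the usage would be the shared symmetric key.

```python
import hashlib
import hmac
import struct

TAG_LEN = hashlib.sha256().digest_size  # 32-byte tag appended to each record

def _tag(key: bytes, seq: int, payload: bytes) -> bytes:
    # The sequence number is covered by the MAC, so a record that is
    # replayed or reordered fails verification just like a modified one.
    return hmac.new(key, struct.pack(">Q", seq) + payload, hashlib.sha256).digest()

def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: append the MAC to the payload."""
    return payload + _tag(key, seq, payload)

class Receiver:
    """Receiver side: verify each record against the next expected sequence number."""

    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0

    def accept(self, record: bytes) -> bytes:
        if len(record) < TAG_LEN:
            raise ValueError("record too short to carry a MAC")
        payload, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        expected = _tag(self.key, self.next_seq, payload)
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("MAC check failed: record rejected")
        self.next_seq += 1
        return payload
```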
disadvantage?
HTTP2 is based on HTTPS, so its traffic is also encrypted, which ensures the security of data transmission.
Improvements of HTTP3 over HTTP2
Multiple requests in HTTP2 share one TCP connection. The underlying TCP protocol does not know how many requests there are. Once a packet is lost, TCP's retransmission mechanism is triggered, so all HTTP requests on that TCP connection wait for the lost packet to be retransmitted. Therefore, HTTP3 replaces the underlying TCP protocol with UDP.
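The blocking effect described above, as a simplified timing model in an added example (not code from the original page). The packet sequence, tick values and retransmission delay are constructed. Per-stream ordering stands for what HTTP3's transport (QUIC over UDP) does in place of TCP's single ordered byte stream.

```python
def completion_ticks(packets, lost, rtx_delay, per_stream_ordering):
    """Return {stream: tick at which its last packet reaches the application}.

    packets: stream label of each packet in send order. Packet i normally
    arrives at tick i; a lost packet arrives rtx_delay ticks late because
    it has to be retransmitted.
    """
    arrival = [i + (rtx_delay if i in lost else 0) for i in range(len(packets))]
    released = {}  # ordering domain -> tick up to which data is deliverable
    done = {}
    for i, stream in enumerate(packets):
        # TCP: one ordering domain for the whole connection, so a gap
        # anywhere holds back every later packet.
        # Per-stream ordering: a gap only holds back its own stream.
        domain = stream if per_stream_ordering else "connection"
        released[domain] = max(released.get(domain, 0), arrival[i])
        done[stream] = released[domain]
    return done

# Constructed scenario: three requests A, B, C interleaved on one connection.
PACKETS = ["A", "B", "C", "A", "B", "C"]

def compare(lost=frozenset({0}), rtx_delay=10):
    """Completion ticks with connection-wide ordering vs per-stream ordering."""
    over_tcp = completion_ticks(PACKETS, lost, rtx_delay, False)
    per_stream = completion_ticks(PACKETS, lost, rtx_delay, True)
    return over_tcp, per_stream
```

With the first packet of request A lost, all three requests finish at tick 10 under connection-wide ordering, while under per-stream ordering only A waits for the retransmission.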