Clear text transmission: The data transmitted by HTTP is unencrypted clear text, which is easy to be eavesdropped, tampered and hijacked by hackers.
Stateless: HTTP is a stateless protocol, that is, the server will not save the client's previous request information. Each request is independent, and the server cannot be sure that it is the same user.
Request-response model: HTTP adopts the request-response model. The client sends a request to the server, and the server returns the corresponding data after processing. This model is simple and direct, but it limits the ability of the server to send data to the client actively.
HTTPS is a protocol that adds a layer of security to HTTP. It uses SSL or TLS encryption protocol to protect data transmission security. HTTPS has the following features and advantages:
Data encryption: HTTPS uses encryption algorithm to encrypt the transmitted data, which makes the data difficult to be eavesdropped and tampered during transmission, and improves the security of transmission.
Authentication: HTTPS verifies the identity of the server through a certificate to ensure that the client uses the correct target to communicate with the server. This can prevent security threats such as man-in-the-middle attacks and DNS hijacking.
Data integrity: HTTPS uses digest algorithm (such as MD5, SHA, etc. ) to check the transmitted data to ensure that the data has not been tampered with or damaged during transmission.
Search engine optimization is friendly: search engines prefer HTTPS-encrypted websites as a factor in search ranking.