HTTP Request: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 20: Line 20:


=The HTTP Method=
=The HTTP Method=
The '''HTTP method''' is also known as '''HTTP verb'''.


The HTTP Methods are: GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS and CONNECT. The most common are GET and POST.
The HTTP Methods are: GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS and CONNECT. The most common are GET and POST.

Revision as of 01:01, 26 September 2018

Internal

Overview

A HTTP request consists of a header section, followed by a blank line, followed by the request body.

An example of a header section follows:

GET /intro.html HTTP/1.1
User-Agent: Mozilla/4.0
Accept: image/gif, image/jpeg, text/*, */*

The first line of the request specifies the method, the Request-URI of the document and the version of the HTML protocol it is using. The next lines contain optional Headers. After the headers, the client sends a blank line to indicate the end of the header section. An optional body follows.

The HTTP Method

The HTTP method is also known as HTTP verb.

The HTTP Methods are: GET, POST, PUT, HEAD, DELETE, TRACE, OPTIONS and CONNECT. The most common are GET and POST.

HTTP methods in RFC 2616: http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html

GET

The GET method is designed for getting information, such as a document, a chart or the result from a database query. The GET method can include as part of the request some of its own information that better describes what to get. This information is passed as a query string: a sequence of characters appended to the request URL. Placing the extra information in the URL in this way allows the page to be bookmarked or emailed like any other. Because GET requests theoretically shouldn't need to send large amounts of information, some servers limit the length of URL's and query string to about 240 characters.

GET is read-only. It is idempotent (repeated application does not modify the resource except the first time) and safe (does not change the state of the resource).

POST

The POST method is designed for posting information. A POST request passes all its data, of unlimited length, directly over the socket connection as part of its HTTP request body. The exchange is invisible to the client, the URL doesn't change at all, so POST requests cannot be bookmarked.

The data can be actually encoded over the connection using different encoding types:

  • application/x-www-form-urlencoded - this is what HttpClient uses by default.
  • multipart/form-data

POST is non-idempotent and unsafe operation, each POST method is allowed to modify the resource in an unique way. Information may or may not be sent information with the requests. Information may or may not be received with the response.

PUT

The PUT request instructs the server to store the message body sent with the request under the location provided in the HTTP message. Usually modeled as an insert or update. It is idempotent.

DELETE

The DELETE request is used to remove resources. It is idempotent.

HEAD

Similar to GET, except that instead of returning a response body, it only returns a response code and headers.

OPTIONS

Used to request information about communication options of the resource. Allows the client to determine the capabilities of the server, without triggering any resource action or retrieval.

Request-URI

The Request-URI is a Uniform Resource Identifier and identifies the resource upon which to apply the request.

HTTP Query String Parameters

HTTP query string parameters are encoded in the URL and can be accessed from a servlet using: HttpServletRequest.getParameter(String name)

Example:

http://localhost/something?a=100&b=200

"a" and "b" are query string parameters.

HTTP Method Parameters

Headers

RFC 822

The HTTP request headers are present in the HTTP request itself, as a list of strings, terminated by an empty line. The header section can be (or not) followed by a body.

The header format is governed by RFC822. From RFC822: Each header field can be viewed as a single, logical line of ASCII characters, comprising a field-name, followed by a colon (":") and a field-body. For convenience, the field-body portion of this conceptual entity can be split into a multiple-line representation (folding). The field name must be composed of printable ASCII characters (i.e., characters that have values between 33 and 126, except colon).

The field value can be preceded or trailed by any amount of white space, though a simple space character is preferred. The white space occurring before the first non-whitespace character of the field body or after the last non-whitespace character of the field body may be removed without changing the semantics of the field body. The field body can contain quoted strings.

Header fields can be extended over multiple lines by preceding each extra line with at least one space or tab.

The field body can be empty: the name-only headers are legal.

The field body may contain white spaces. In this case, the white space may be replaced with a single space character before interpreting the field value or forwarding the message

HTTP request headers can be accessed from an Apache httpclient method using HttpMethod.getRequestHeaders(). HTTP request headers can be accessed from a servlet request using HttpServletRequest.getHeader(String name).

Duplicate Header Names

Multiple headers with the same field name may be present in a message. In this case, the entire value for that header is defined as a comma-separated list, where the value is the combination of the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma. The order in which header fields with the same field-name are received is therefore significant to the interpretation of the combined field value. A proxy must not change this order when a message is forwarded.

Header Case Independence

When working with header names, capitalization does not matter. Case is to be ignored. For example, the field-names "From", "FROM", "from", and even "FroM" are semantically equal and should all be treated identically.

Header Order

The order in which header fields with differing field names are received is not significant. However, it is "good practice" to send general header fields first, followed by request header or response header fields, and ending with the entity header fields.

General Headers

General Headers

Request Headers

Entity Headers

Entity Headers

The Blank Line

The HTTP Request Body

The optional request body is referred to as the HTTP entity:

HTTP Entity