catalogs
I. Introduction to GET and POST
Third, the first acquaintance with the request header and sticky packet problem
IV. Recognizing the remainder of the request header
I. Introduction to GET and POST
GET https://www.sogou.com/HTTP/1.1
The method in the request message, which is the most conventional method (getting resources)
POST: method of transmitting the body of the entity
Generally speaking the weight of the method
GET accounts for 80% of
POST takes up 10%
A variety of other miscellaneous methods one into a
The semantics of the method description:
GET: Get XXX from the server
POST (Common Contextual Login, Upload): Transmits an XXX from the server
But then people don’t really follow that semantics anymore
The main difference between POST and GET
GET puts some custom data into the QueryString, the body is usually empty
POST puts some customized data into the body, the QueryString is usually empty
Commonality: both transmit to the server, there is no difference in the nature of thePut in the URL QueryString user can see, Body is not visible.
classic interview question
Uploading and logging in to POST more
Essentially the data goes wherever you put it, and the two can be substituted for each other, just remember that the
Body users are not visible (not bookmarkable)
QueryString:user-visible (favorites can be bookmarked)
Partial misrepresentation on the internet: 💢 💢 💢
1. longer data into the body (with POST) Reason: GET request, the URL has a limit, the provisions of the specific length of the upper limit (1kb,2kb —- old calendar, a long time ago)
2. POST is safer than GET, we say that the security are: not easy to be hacked, even if the POST just so that ordinary users can not see the data, but does not affect the hacker’s operations to ensure the safety of the key is the transmission of sensitive data encryption!
Some of the statements on the web that need attention (not quite right).
1. GET and POST have different semantics.
The designers initially assigned different semantics, but in practice they are not always fully adhered to
E.g. there are companies that POST whether you request or send
2. GET is idempotent, POST is not idempotent.
Give you the same input, every time is the same output is idempotent, every time the output is not the same is not idempotent (said idempotent is actually more like to say that your output is not stable, at any time to make changes) (like Baidu infertility ads, the first location is certainly not the hospital in Beijing but your local hospital.
3GET requests can be cached, POST cannot be cached
Some operations, more time-consuming, rather than having to recalculate each time, it is better to save the result, in the next save, go to the direct access to him (but the premise of access is idempotent, in other words, 23 put together easier to remember)
ii. blank lines and body
Empty line, equivalent to a separator separates the header and body describes the body from where to start, body format, in fact, there are many kinds, here body format and previously said QueryString
body:encrypt key=password&utf8=%E2%9C%a3&anthenticy_token=jp%24subbyhwj
It is also a key-value pair, but urlencoded, and in the login scenario, it contains authentication information such as the username and password for the current login.
Third, the first acquaintance with the request header and sticky packet problem
The request header is also a key-value pair structure, where each line is a key-value pair, and the keys are separated from the values using, for example, spaces:
Cookie: xxxx (space between key and value)
QueryString (key-value pairs in the body, completely customized by the program, and key-value pairs in the header, mainly standardized (what are the values, what are the corresponding values, but of course, he will also have customized parts))
Host: server host address and port, Host content, not really in the URL already have it, why do you have to go to say it again?
Reason: The HOST content and URL are the same, but there are exceptions, and if a proxy is used, they are not necessarily the same.
Content-Length-> describes how many bytes the length of the body, some have body, some do not, if there is no body, this field can not, if there is a body, then this field must have. Otherwise it is an illegal request.
The body starts with a blank line and counts as long as the Content-Length, which is the end of the body.
This lengthDoes Content-Length remind you of a classic – yes our TCP sticky packet problem.HTTP based on TCP to solve the problem, when the browser continuously initiates multiple HTTP requests, or the server continuously returns HTTP server, the server and the browser how to distinguish from where to where is a complete HTTP data it (this is the problem of sticky packets,)The old way 1: the use of delimiters, 2: the use of length, HTTP both, if it is GET, there is no Body to use an empty line as the end of the punctuation, if it is POST, there is a Body, the use of length to distinguish the end.)
IV. Recognizing other parts of the request header
Data format in the Body of a Content-Type request <–> HTTP has multiple uses and transfers data of many kinds
There are three main categories:
1. application/x-www-form-urlended:Body has the same format as QueryString (login request)
2.multiport/form-data General upload files / or images will be this case (of course, not absolute, code cloud uploaded images are not this kind)
3.application/json:body is in json format
Of course, this is the format of the request, if the response may be more complex such as html:text/html—– image/jpg/applictaion/json/text/css are possible, through the Content-Type can be distinguished from the body format is what, especially the browser, according to the different formats to decide how to Processing , a lot of resources on a website is fixed (css, images, js rarely change) in order to improve the loading speed of the site, will be the first visit, the resources cached locally (that is, on the hard disk of your browser’s computer) the next visit, you do not have to re-visit the disk.
4.User-Agent(UA)
User-Agent:Mozila/5.0/windows NT 10.0;win64;x64 (operating system version, win64, like my computer ARM architecture) AppleWebKit/537.36(KHTML ,like Gecko don’t need to know),Chrome/116.0.0.0 Safari/537.36
It’s a relic of the old days.
Newer browsers support more features and older browsers support fewer features, but at the same moment, there are people in the market who use the newer browser versions and people who use the older ones
If you develop a Web site at this time, will you choose to let him have more awesome features? (If you have, new users comfortable, but old users can not be used), smart apes thought of a way: the browser to send HTTP requests, to the server to self-reporting, tell the server, I am using what system, what browser to access the Internet, the server can be based on the information, to distinguish between the treatment. -> (so that he becomes more compatible), UA main distinction between the PC / mobile (PC: computer, mobile: cell phone)
Refer:Describes where the current page is coming fromIf you enter the URL directly through the browser address and click on a favorite page, the request is a referer, but if you click on the content of someone’s web page and generate a jump, it is a referer.
General advertisers may advertise on multiple sites, advertisers respectively statistics from Baidu, Sogou, which comes from which end of the search engine to give them , of course your refeerer is the premise of the explicit transmission.
Of course, this is also prone to a situation called “operator hijacking”, for example, ads from Sogou, you change it to Unicom, which will increase the operator’s revenue.