Saturday, 31 August 2013

HTTP Fundamentals

 

 

HTTP Resources 

 

Uniform Resource Locator (URL)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 Browser return below content from server to display for user

 

 

 

 

 

 HTTP Vs IIS Server

IIS server will look at incoming HTTP request on server and return content from physical location of server where it is installed.




IIS Web Server DEMO


















 



 

 

 

 Ports, Queries and Fragments

 








DEMO of QueryString










URL Encoding





Commonly Encoded Values for UnSafe Characters




Content Types














Content Negotiation DEMO







HTTP Messages









 



 Manual Request

 

 

 

 

 

 

 

 

 

 

 

















DEMO of POST HTTP request




If we refresh this page again 







DEMO of GET HTTP Request












 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 The tool Fiddler is used to look Request and Response contents

 

 

 

 

 HTTP Connections





DEMO of HTTP Connections












The tool WireShark is used to TCP/IP Handshaking between client and Server




Evolution of HTTP


Old Browser is using Serial connection HandShaking Mechanism


Modern Browsers using parallel connection Handshaking mechanism












Modern browsers are using Persistent Connection mechanism in Modern browsers

 

Here, Single connection will be used for subsequent request and responses of browser. this is server depends.

 



Look at the connection close header response to indicate that connection closed at server side

 

 

 

 

 

 

Modern browsers are also using Pipe line Connection mechanism in Modern browsers

 

 

 

  HTTP Architecture 











Proxies Servers




If company wants to prohibit Twitter then proxy redirect to BIN










 

 

 

 

 Reverse Proxy can do many services for company, like load balancing, compressing and etc.

 

 

 

 

 

 

  Settings to check proxy at local machine

 

 

 

 

  Caching

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 DEMO of Caching

 

 

 

 

 Some Responses with Private Caching

 

 

 

 

Some responses with No Caching options

 

 

 

  HTTP Security

 

Http is stateless protocol, that means for every request will have response from server and both the client and server will forget about transactions

 

 

 

 

 Below listed Server side methods are available ASP.NET application programming model to save state between Server and Client transactions.

 

 

 

 

 

 Cookies for State Management system

Cookies is client side state management mechanism to store information about HTTP Transactions.

 

 

 

 

 

 

 

 

 

 Tracing Sessions and HTTP Only with the help of Cookies

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 Cookies(Session Cookies is Non persistence), Domains and Persistence

 

Below is non persistence cookie HTTP response.

 

 

 

 Persistence cookie HTTP Response.


 

 

 

 

 

 

  DEMO of Basic Authentication









Take the Basic Authorization information as below




Use below site to decrypt Basic Authorization information which we copied in our previous page





Here Digest authentication is like Basic Authentication, but in digest authentication use Advanced Encryption algorithm which is specified by server.











Chrome browser will be asking to provide user name and password via windows authentication



But IE will not ask user name and password directly instead it will take automatically from current system login identity by setting below settings.








There are two different authentication mechanism in Form based authentication.  that is Secured(HTTPS) and Unsecured(HTTP) protocols.  In HTTPS authentication our credentials would be encrypted based on certificates.












Open ID is centralized authentication mechanism now a days.  At present applications are not ready to store and manage user credentials instead they are dealing with third party credential providers to get the user credentials to manage users' login.



Secure HTTP


HTTPS authentication mechanism is used to in form based authentication method to encrypt request and response messages. 






































 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

No comments:

Post a Comment