HTTP Fundamentals

 

 

HTTP Resources 

 

Uniform Resource Locator (URL)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 Browser return below content from server to display for user

 

 

 

 

 

 HTTP Vs IIS Server

IIS server will look at incoming HTTP request on server and return content from physical location of server where it is installed.

IIS Web Server DEMO

 

 

 

 

 Ports, Queries and Fragments

 

DEMO of QueryString

URL Encoding

Commonly Encoded Values for UnSafe Characters

Content Types

Content Negotiation DEMO

HTTP Messages

 

 Manual Request

 

 

 

 

 

 

 

 

 

 

 

DEMO of POST HTTP request

If we refresh this page again 

DEMO of GET HTTP Request

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 The tool Fiddler is used to look Request and Response contents

 

 

 

 

 HTTP Connections

DEMO of HTTP Connections

The tool WireShark is used to TCP/IP Handshaking between client and Server

Evolution of HTTP

Old Browser is using Serial connection HandShaking Mechanism

Modern Browsers using parallel connection Handshaking mechanism

Modern browsers are using Persistent Connection mechanism in Modern browsers

 

Here, Single connection will be used for subsequent request and responses of browser. this is server depends.

 

Look at the connection close header response to indicate that connection closed at server side

 

 

 

 

 

 

Modern browsers are also using Pipe line Connection mechanism in Modern browsers

 

 

 

  HTTP Architecture 

Proxies Servers

If company wants to prohibit Twitter then proxy redirect to BIN

 

 

 

 

 Reverse Proxy can do many services for company, like load balancing, compressing and etc.

 

 

 

 

 

 

  Settings to check proxy at local machine

 

 

 

 

  Caching

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 DEMO of Caching

 

 

 

 

 Some Responses with Private Caching

 

 

 

 

Some responses with No Caching options

 

 

 

  HTTP Security

 

Http is stateless protocol, that means for every request will have response from server and both the client and server will forget about transactions

 

 

 

 

 Below listed Server side methods are available ASP.NET application programming model to save state between Server and Client transactions.

 

 

 

 

 

 Cookies for State Management system

Cookies is client side state management mechanism to store information about HTTP Transactions.

 

 

 

 

 

 

 

 

 

 Tracing Sessions and HTTP Only with the help of Cookies

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 Cookies(Session Cookies is Non persistence), Domains and Persistence

 

Below is non persistence cookie HTTP response.

 

 

 

 Persistence cookie HTTP Response.

 

 

 

 

 

 

  DEMO of Basic Authentication

Take the Basic Authorization information as below

Use below site to decrypt Basic Authorization information which we copied in our previous page

Here Digest authentication is like Basic Authentication, but in digest authentication use Advanced Encryption algorithm which is specified by server.

Chrome browser will be asking to provide user name and password via windows authentication

But IE will not ask user name and password directly instead it will take automatically from current system login identity by setting below settings.

There are two different authentication mechanism in Form based authentication.  that is Secured(HTTPS) and Unsecured(HTTP) protocols.  In HTTPS authentication our credentials would be encrypted based on certificates.

Open ID is centralized authentication mechanism now a days.  At present applications are not ready to store and manage user credentials instead they are dealing with third party credential providers to get the user credentials to manage users' login.

Secure HTTP

HTTPS authentication mechanism is used to in form based authentication method to encrypt request and response messages.