HTTP/HTTPS
HTTP (Hypertext Transfer Protocol) is a standard protocol that is mainly used for IP communication between servers and clients on the Internet. The client is usually a web browser that requests a website from a web server. Another use case for the HTTP protocol is REST (Representational State Transfer) web services.
Furthermore, HTTP is a stateless protocol, each command is handled independently. After a server has responded to a client request, the connection is closed again. A client has the option of informing the server that the connection should be maintained after a request.
HTTP methods
The HTTP standard (version 1.1) defines different methods that a HTTP server can offer to requesting clients. In particular, GET, POST, and PUT are some of the most commonly used HTTP methods. The following table contains all HTTP methods defined in the standard.
HTTP method | Description |
|---|---|
GET | Requests a resource from the server. |
POST | Transfers data to the server. |
PUT | Replaces or creates a resource on the server with the request payload. |
CONNECT | Establishes a SSL tunnel to a server. |
DELETE | Deletes the addressed resource from the server. |
HEAD | Same functionality as GET, without payload data. |
OPTIONS | Requests the available communication options from the server. |
TRACE | Performs a message loopback for testing purposes. |
PATCH | Same functionality as PUT, but used for partial changes of resources. |
A user must know that not every server implements all these methods. According to the specification, only GET and HEAD are mandatory for a specification-compliant server, all other commands are optional. There is also the possibility that user credentials are required to access resources on a server.
HTTP status codes
An HTTP response is divided into header and body. An important part of this response is the HTTP status code. The HTTP status code delivers information about the request back to the client. The following table shows the defined ranges of the HTTP status code.
Status code range | Description |
|---|---|
100-199 | Status codes that contain information messages. |
200-299 | Status codes that inform the client about a successful request. |
300-399 | Status codes that show a diversion and request an interaction from the user. |
400-499 | Status codes that show error messages (triggered by the client). |
500-599 | Status codes that show error messages (triggered by the server). |
HTTPS
HTTPS (Hypertext Transfer Protocol Secure) is an extension of the HTTP protocol, which implements TLS (Transport Layer Security). Data sent using the HTTP protocol is completely unencrypted and therefore does not meet the security requirements for sending passwords or credit card information, for example. In addition to the encryption of transported data, HTTPS also offers server authentication.