Have you ever thought about it? You simply start a browser, type in the website name, and within a second, that webpage appears in your browser tab. But how exactly? That is what we will see in this blog: how HTTP/HTTPS works and why it is important on the internet.
What is HTTP/HTTPS
As humans, we have numerous ways to interact with our friends and family. For example, we can use social media applications to easily contact with our friends and family just like Whatsapp.
Similarly, if we browse for a website, there is a protocol that we use as a mediator to interact with that website, and that protocol is known as HTTP (hyper text transfer protocol). Now, protocol can be defined as a set of rules used to communicate with web servers in order to obtain webpaged data such as html, photos, videos, and so on.
When you want to set up a website on the internet, you will need two things. The first is your domain name, which is a name for your website and a logical address for your computer. The second is your hosting, which is a dedicated computer that connects to the internet 24 hours a day, seven days a week to store your web content. You may get this from any hosting provider.
Difference Between HTTP and HTTPS?
Both protocols are working on the same thing, where HTTP (hypertext transport protocol) is not that secure but HTTPS (hypertext transport protocol secure) provides you with a secure channel for sending and receiving data, or we can say that HTTPS is an upgraded version of HTTP. In HTTPS “S” stands for “Secure”
For data communication, HTTPS provides an encrypted channel. As a result, whenever you fill out a form on any website, your data is securely transmitted to the Webserver.
URL (Uniform Resource Locator)
URL is an instruction on how to reach a resource on the internet, similar to this
- Scheme:-This specifies the protocol used to access the information, whether HTTP, HTTPS, or FPT.
- Host:-This is the name of your visiting website, also known as the domain name or IP address of the server we wish to visit.
- Port:-The port is where we will connect, for example, in HTTP it will be Port 80, in HTTPS it will be 443, however you can host on any port between 1 and 65535.
- Path:-This is the location of the data file you want to access.
- Query String:-This is basically extra information that tells the server exactly what you want. For example, if there is a website with 100 blogs but you want to access blog number 7, you must tell the web server that from the 100 blogs you want to access blog number 7.
HTTP/HTTPS Requests And Responses
HTTP requests allow your browser to say hello to the web server and start creating a connection to extract information from it. You may now make and request to the web server with just one line “GET/HTTP/1.1” as shown below (IMG if making a request)
However, in order to provide a much richer web experience, we must also provide more data to the web server. This additional data is delivered within what are known as headers, which contain extra information to offer to the web server with which we are communicating. For the time being, we will focus on HTTP requests and will discuss headers in future blogs.
Example of HTTP Request
GET /Index.html HTTP/1.1
Host: allsafesecure.com
User-Agent Mozilla/6.0 Firefox/84.0
Referer: https://allsafesecure.com/
· Breakdown of each line in this HTTP/HTTPS Request
- Line:-This request is sent using the GET method, we are requesting the home page with /, and we are informing the webserver that we are using HTTP Protocol version 1.1. ” There are different methods in HTTP Request which use different and we will see some of them in just a movement”
- Line:-Here we provide some information about a website that we would like to visit, such as allsafesecure.com
- Line:-Here we are telling the web server that which browser software we are using with the version number
- Line:-We are informing the web server that the website that directed us to this one is https://allsafesecure.com
- Line:-HTTP requests are always ended with a blank line to notify the web server that our request has been completed.
Example of HTTP/HTTPS Response Which we got from Webserver
HTTP/1.1 200 OK
Server: nginx/1.15.8
Date: Fri, 09 Apr 2021 13:34:03 GMT
Content-Type: text/html
Content-Length: 98
<html>
<head>
<title>Allsafesecure</title>
</head>
<body>
Welcome To Allsafesecure.com
</body>
</html>
· Breakdown of each line in this HTTP/HTTPS Response
- Line:-Here, the server will inform us what HTTP version he is using, such as HTTP1.1, and then the server will give us an HTTP Status code “There are various HTTP status codes, and each code has its own meaning” in this case, we have “200 Ok,” which means the request was successfully completed.
- Line:-The server will provide some information about the software and version number he is using in this section.
- Line:-The web server’s current date, time, and timezone.
- Line:-This is the Content-Type header, which tells the user what type of data or information will be provided by the web server, such as HTML, photos, videos, PDf, XML, and so on.
- Line:-Content-Length informs the client of the length of the response, allowing us to validate that no data is missing.
- Line:-HTTP response contains a blank line to confirm the end of the HTTP response.
- Line to Line 14:-Here we got the information that we Request.
HTTP Methods
By the front end, we simply view the website’s Graphic User Interface (GUI). We can visit any website by typing its name. When making an HTTP request, the client can display their intended action using HTTP methods. There are many HTTP methods, but we’ll go through the most frequent ones, however, you’ll largely be dealing with the GET and POST ways.
- GET Request:- This is used for getting information from a web server
- POST Request:- This is used to send data to the webserver and maybe create new records.
- PUT Request:- This is used to submit data to a web server in order to update any information.
- DELETE Request:- This is used to delete information or data from a web server.
HTTP/HTTPS Status Codes
HTTP Status codes are an indication given by the server as to how the server is handling the HTTP Request and if there is any error while handling the HTTP Request, the server can give us status codes to fix the error. There are multiple HTTP status codes ranging from 100 to 599, and this code is divided into five different ranges.
- 100-199 – Information Response:- When a web server wants to inform a web browser that the first part of their request has been accepted and that they should continue delivering the remaining of their request (These codes are no longer very common)
- 200-299- Success:-When the server receives all of the requests from the web browser successfully, it will use this set of status codes.
- 300-399 – Redirection:-These redirect the client’s request to another resource. This can go to a different webpage or to a separate website entirely.
- 400-499 – Client Errors:-Used to inform the client that their request had an error.
- 500-599 – Server Errors:-When there is a serious problem with the server handling the request, this Status code is used.
Common HTTP/HTTPS Status Codes
- 200- ok:-If you get the status code 200 – OK in the HTTP response, it signifies the request was properly completed.
- 201- Created:-This Status code indicates the creation of a resource (for example a new user or new post on the blog)
- 301- Permanent Redirect:-This redirects the client’s web browser to a different webpage or informs search engines that the page has moved Permanently.
- 302 – Temporary redirect:-This is similar to status code 301, but in this, we redirect the client’s browser to a new webpage while also informing search engines that the page has undergone a temporary change and may change again in the near future.
- 400 – Bad Request:-This status code informs the browser that something in their request was either incorrect or missing.
- 401 – Not Authorised:-It means that you are not currently authorized to browse this resource until you gain access to that online application. typically with a username and password
- 403 – Forbidden:-It means Whether you are logged in or not, you do not have the authorization to view the webpage/data.
- 405 – Method not allowed:-When you send the wrong request to the web server, you get Error Status code 405; for example, if you need to create an account on the website but in the header, you send a GET request instead of a POST request so the server will give this error.
- 500 – Internal Service Error:-When the server is confused about how to handle your request properly, this status code is returned.
- 503- Service unavailable:-This server is unable to handle your request because it is either busy or unavailable for maintenance.