HTTP uses TCP

Stateless: server does not remember previous history.

Persistent: Open TCP connection, get all objects, close (on timeout).

Non-Persistent: Open TCP connection, get one object, close.


HTTP request format:

METHOD URL VERSION — request line

HEADER FIELD NAME    — header lines

ENTITY BODY


Cookies

Allow servers to remember previous information


get, post, put, delete, head

 


Example

Cookies

screen-shot-2016-11-19-at-8-44-39-pm

enable cookies with Java example:

screen-shot-2016-11-19-at-7-17-03-pm

$ curl -v https://www.youtube.com/watch?v=sxiRFwQ1RJ4

*   Trying 4.35.21.178…

* Connected to http://www.youtube.com (4.35.21.178) port 443 (#0)

* TLS 1.2 connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

* Server certificate: *.google.com

* Server certificate: Google Internet Authority G2

* Server certificate: GeoTrust Global CA

> GET /watch?v=sxiRFwQ1RJ4 HTTP/1.1

> Host: http://www.youtube.com

> User-Agent: curl/7.49.1

> Accept: */*

>

< HTTP/1.1 200 OK

< Content-Type: text/html; charset=utf-8

< P3P: CP=”This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info.”

< X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

< Expires: Tue, 27 Apr 1971 19:44:06 EST

< Strict-Transport-Security: max-age=31536000

< Cache-Control: no-cache

< X-Frame-Options: SAMEORIGIN

< X-Content-Type-Options: nosniff

< Date: Sat, 19 Nov 2016 21:47:40 GMT

< Server: YouTubeFrontEnd

< Set-Cookie: YSC=RyyW752y9WY; path=/; domain=.youtube.com; httponly

< Set-Cookie: VISITOR_INFO1_LIVE=hlaTdQMXwu8; path=/; domain=.youtube.com; expires=Fri, 21-Jul-2017 09:40:39 GMT; httponly

< Alt-Svc: quic=”:443″; ma=2592000; v=”36,35,34″

< Accept-Ranges: none

< Vary: Accept-Encoding

< Transfer-Encoding: chunked

Advertisements