2.1.2- Going Deeper into HTTP

<< 2.1.1- How the Web Server and Browser Communicate

Chapter2

2.2.0- How Scripting Languages Work >>

Going Deeper into HTTP

There's still quite a lot of technical detail missing here, so let's dig further down and look more closely at exactly how HTTP works. When a request for a web page is sent to the server, this request contains more than just the desired URL. There is a lot of extra information that is sent as part of the request. This is also true of the response – the server sends extra information back to the browser. It's these different types of information that we'll look at in this next section.

A lot of the information that is passed within the HTTP message is generated automatically, and the user doesn't have to deal with it directly, so you don't need to worry about transmitting such information yourself. While you don't have to worry about creating this information yourself, you should be aware that this extra information is being passed between machines as part of the HTTP request and HTTP response – because the ASP that we write can allow us to have a direct effect on the exact content of this information.

 

Every HTTP message assumes the same format (whether it's a client request or a server response). We can break this format down into three sections: the request/response line, the HTTP header and the HTTP body. The content of these three sections is dependent on whether the message is an HTTP request or HTTP response – so we'll take these two cases separately.

Let's just pause and illustrate our understanding of the process now:

 

We can see that the HTTP request and HTTP response have broadly similar structures and that there is information that is common to both, which is sent as part of the HTTP header. There are other pieces of information that can only be known to either the browser or the server, and that are also sent as part of either the request or response. It makes sense to examine their constituent parts in greater detail.

The HTTP Request

The HTTP request is sent by the browser to the web server and it contains the following.

The Request Line

The first line of every HTTP request is the request line, which itself contains three pieces of information: first, an HTTP command known as a method; second, the URL of the file that the client is requesting; third, the version number of HTTP. So, an example request line might look like this:

 

GET /testpage.htm HTTP/1.1

 

The method is used to tell the server the amount of information the browser requires, and how much information is being sent. Here are three of the most common methods that might appear in this field:

 

Method	Description
GET	This is a request for information residing at a particular URL. The majority of HTTP requests made on the Internet are GET requests. The information required by the request can be anything from an HTML or ASP page to the output of a VBScript, JavaScript or PerlScript program or some other executable. You can send some limited data to the browser, in the form of an attachment to the URL.
HEAD	This is the same as the GET method except that it indicates a request for the HTTP header only and no data.
POST	This request indicates that data will be sent to the server as part of the HTTP body. This data is then transferred to a data-handling program on the web server. For example, we'll use this setting in Chapter 7 to pass information, which will then be used on the server as part of the ASP-handling process.

 

There are a number of other methods supported by HTTP – including PUT, DELETE, TRACE, CONNECT, OPTIONS. As a rule, you'll find that these are less common; they are beyond the scope of this discussion. If you want to know more about these, take a look at RFC 2068, which you'll find at http://www.faqs.org/rfcs/rfc2068.html.

The HTTP Header

The next bit of information sent is the header. This contains details of what document types the client will accept back from the server; the type of browser that has requested the page; and the date and general configuration information. The HTTP request's header contains information that falls into three different types:

 

General: contains information about either the client or server, but not specific to one or the other

Entity: contains information about the data being sent between the client and server

qRequest: contains information about the client configuration and different types of acceptable documents

 

An example header might look like this:

 

ACCEPT:*/*

ACCEPT_LANGUAGE:en-us

CONNECTION:Keep-Alive

HOST:webdev.wrox.co.uk

REFERER:http://webdev.wrox.co.uk/books/SampleList.asp?bookcode=3382

USER_AGENT:Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)

 

As you can see, the header is composed of a number of lines; each line contains the description of a piece of header information, and then its value.

 

There are a lot of headers, and most of them are optional, so HTTP has to indicate when it has finished transmitting the header information. To do this, a blank line is used. A list of HTTP headers can be found in Appendix I.

The HTTP Body

If the POST method was used in the HTTP request line, then the HTTP request body will contain any data that is being sent to the server – for example data that the user typed into an HTML form. (We'll see examples of this later in the book). Otherwise, the HTTP request body will be empty.

The HTTP Response

The HTTP response is sent by the server back to the client browser, and contains the following.

The Response Line

The response line contains only two bits of information: first, the HTTP version number; and second, an HTTP request code that reports the success or failure of the request. An example response line might look like this:

 

HTTP/1.0 200 OK

 

This example returns the HTTP status code 200, which represents the message 'OK'. This denotes the success of the request, and that the response contains the required page or data from the server. You may recall that we mentioned the status code 404 a few pages ago – if the response line contains a 404 then the web server failed to find the requested page. Error code values are three-digit numbers, where the first digit indicates the class of the response. There are five classes of response:

 

 

You'll find a full listing of these error codes in Appendix G.

The HTTP Header

The HTTP response header is similar to the request header, which we discussed above. In the HTTP response, the header information again falls into three types:

 

• General: contains information about either the client or server, but not specific to one or the other
• Entity: contains information about the data being sent between the client and the server
• Response: Information about the server sending the response and how it can deal with the response

Once again, the header consists of a number of lines, and uses a blank line to indicate that the header information is complete. Here's a sample of what a header might look like:

 

HTTP/1.1 200 OK the status line

Date: Mon, 1st Nov 1999, 16:12:23 GMT the general header

Server: Microsoft-IIS/4.0 the response header

Last-modified: Fri, 29th Oct 1999, 12:08:03 GMT the entity header

 

The first line we've already discussed, the second is self-explanatory. The third line indicates the type of software the web server is running, and as we are requesting a file somewhere on the web server, the last bit of information refers to the last time the page we are requesting was modified.

 

The header can contain much more information than this, or different information, depending on what exactly is requested. If you want to know more about the different types of information contained in the three parts of the header, you'll find them listed in RFC 2068 (Sections 4.5, 7.1 and 7.2).

The HTTP Body

If the request was successful, then the HTTP response body contains the HTML code (together with any script that is to be executed by the browser), ready for the browser's interpretation.

<< 2.1.1- How the Web Server and Browser Communicate

Chapter2

2.2.0- How Scripting Languages Work >>