HTTP Fundamentals
HTTP stands for Hypertext Transfer Protocol. It is a method for encoding and transporting information between a client (such as a web browser) and a web server. HTTP is the primary protocol for the transmission of information across the Internet. So, let’s learn the fundamentals of HTTP.
What are Cookies?
Cookies are usually small text files, given ID tags that are stored on your computer’s browser directory or
program data subfolders.
GET /spec.html HTTP/1.1
Host: www.example.org
Cookie: theme=light; sessionToken=abc123
Record the user’s browsing activity.
Which pages were visited in the past?
Contain the name of the domain & Lifetime.
Tool : EditThisCookie – http://bit.ly/1oe1o08
What is Authentication?
Authentication is the process of showing your credentials, such as your username, password, or another secret key, to the system and having the system verify your credentials or you. In API terms, Authentication is used to protect content on the web. This means that only a valid user with valid credentials can access that API endpoint. These credentials tell the system who you are. Which allows the system to make sure and confirm a user’s identity. Here, a “system” can be anything, like a computer, phone, bank, or even a physical office building.
Basic authentication – String is encoded with Base64.
curl –header “Authorization: Basic am9objpzZWNyZXQ=” my-website.com
Digest Authentication – Authentication is performed by transmitting the password in an ENCRYPTED
form. (With Some Salt etc)
OAuth– Authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password.
We can create an HTTP request from the browser by typing a URL.
HTTP Methods Explained
| Method | Description |
|---|---|
| GET | Request to read web page |
| HEAD | Request to read a web page’s header |
| PUT | Request to store a web page |
| POST | Append to a named resource (e.g. a Web page) |
| DELETE | Remove the web page |
| TRACE | Echo the incoming request |
| CONNECT | Reserved for the future use |
| OPTIONS | Query certain options |
GET
The HTTP GET method is used to read (or retrieve) a representation of a resource. In case of success (or non-error), GET returns a representation in JSON and an HTTP response status code of 200 (OK). In an error case, it most often returns a 404 (NOT FOUND) or 400 (BAD REQUEST).
POST
The POST method is most often utilized to create new resources. In particular, it is used to create subordinate resources. That is subordinate to some other (e.g. parent) resource. In other words, when creating a new resource, POST to the parent and the service takes care of associating the new resource with the parent, assigning an ID (new resource URI), etc.
On successful creation, HTTP response code 201 is returned.
PATCH
PATCH is used to modify resources. The PATCH request only needs to contain the changes to the resource, not the complete resource.
In other words, the body should contain a set of instructions describing how a resource currently residing on the server should be modified to produce a new version.
DELETE
DELETE is quite easy to understand. It is used to delete a resource identified by filters or IDs.
On successful deletion, the HTTP response status code 204 (No Content) returns with no response body.
To learn further, you may also see API Concepts.
