The HTTP protocol is the heart of the web. It is a well-designed protocol and consequently has many uses beyond communication between web browsers and web servers.
This presentation describes HTTP using information and terminology from Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing and Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content, the first two parts of the most recent Internet Engineering Task Force (IETF) specification for HTTP/1.1. The "References" section of this presentation contains links to the complete specification.
The abstract in this document has a good summary of the objectives of HTTP:
The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems.
The HTTP protocol
Like many communication protocols, HTTP has two kinds of messages:
As shown above, an HTTP message has two major parts:
Any kind of data coding can be used in the message body. The coding of the header is simple and tightly controlled, but flexible. It must at least provide enough information so that the receiver of the message knows how to decode the message body.
The flexibility of the HTTP protocol is a result of this message structure. A similar message structure pattern is used in many internet protocols.
An HTTP header is coded as multiple lines of ASCII text. Each line is terminated by a carriage return (CR) line feed (LF) character sequence. As shown below it consists of a start line, at least one header line, and it is terminated by blank line. Each header line consists of the name of a value, followed a colon (:), followed by a value.
For a request the start line specifies the general nature of the request and the header lines provide more details.
For a response the start line specifies the status of the response and the header lines provide more details.
Since HTTP is designed for dealing with arbitrary types of data, the message body can use any kind of coding. To help the receiver use it, the header must contain header lines that describes the coding. For example, a "Content-Type" header line can specify the MIME type of the message body, and a "Content-Encoding" header can specify encryption or compression applied to it.
The request target is the URI for the requested resource. It is usually relative to the server root.
The HTTP version is almost always "HTTP/1.1".
General purpose web servers only support the GET, HEAD, and POST methods. However, HTTP is used for many purposes where the other methods are needed.
Web pages frequently contains forms that the user fills in, with a "Submit" button to send data to the server. When this button is clicked a request is sent to the server. For a small amount of data the GET method is used. The form data is encoded into the request URI since GET requests do not have message bodies. The POST method does allow a message body so it is used for larger amounts of data.
The field names below are a few of the many standardized field names that can be used in an HTTP request.
The HTTP response status code is a 3-digit code indicating the status of the response. The codes each have a standard reason phrase.
The status code fall into five general categories:
The field names below are a few of the many standardized field names that can be used in an HTTP response.
The following references make up the most recent version of the Internet Engineering Task Force (IETF) HTTP/1.1 standard.