HTTP protocol, GET and POST request and response headers

HTTP protocol works with TCP/IP to transfer data, it uses the GET or POST request to retrieve the response from server, the response status is known by a code which tells what was the response or else if error occured what was the error and its cause.


HTTP: HTTP is a application level protocol which is used to transmit data over the web. It uses the TCP/IP protocol as its carrier. HTTP is a well known protocol mainly used to transfer the data in the form of text or byte stream over the WWW. All web browsers support this protocol. Also there is a secure version of this protocol known as HTTPS which used encryption to ensure data security.

The HTTP works on the phenomenon of the Request and Response. The web browser sends the request and after server processes the request a response is composed corresponding to that request. All the web development languages support this protocol of HTTP. Java is no exception. Even Java provide the inbuilt support in the form of HttpServletRequest and HttpServletResponse interfaces. These provide way to interact and manipulate the request and responses. In this article we are going to explain more about the Request and response structure. And HTTP headers.

Let’s first discuss about the HTTP request structure and its header.

When we make any request to the server, it is done using some URL:Uniform Resource Locater, the HTTP takes the URL and add its header with it so that server may understand what to do with this url. For example suppose we are sending some page request to a dynamic web application, in which case we also pass the page ID. so that URL looks like this’

www.examsmyantra.com?category=java

Now every browser treats the web address by prefixing an HTTP protocol with it so the request will become

http://examsmyantra.com?category=java

So this is a URL, but not only this. Every request proceeds with a request type method with it. It is either a GET or a POST. We are going to discuss these both in terms of HTTP Request header.

When there is a general URL call it is done by GET method automatically. The request structure becomes like this:

GET /index.php?category=java HTTP/1.1

where
GET – The HTTP method
/index.php – path of the requested file/page
?category=Java – parameter
HTTP/1.1 – protocol and its version

Along with this information there is a header attached which contains following information

Accept	*/*
Accept-Encoding	gzip, deflate
Accept-Language	en-US,en;q=0.5
Cookie	_ga=GA1.2.1492154776.1402809586; __atuvc=19%7C25; PHPSESSID=92638ad27273746f9152ac134607f33e
Host	www.examsmyantra.com
Referer	https://www.examsmyantra.com/
User-Agent	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0

The header information represents following key points
Accept – tell what type of data can be send with the request
Accept-Encoding – the type of encoding supported and used
Accept-Language – the language requested
Cookie – if the cookies are accepted or not
Host – to communicate with which host
Referer – which url refers this request
User-Agent – the browser identification

So you see this is how a request is made and In a moment now we will show you what response it got and what headers the response had with itself.

HTTP/1.1 200 OK

which means the response was sent using HTTP protocol version 1.1 and the status code is 200 which means OK.

Along with that the following response header is what we get with the response

Cache-Control	no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection	Keep-Alive
Content-Encoding	gzip
Content-Length	5856
Content-Type	text/html; charset=utf-8
Date	Fri, 08 Aug 2014 09:00:14 GMT
Expires	Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive	timeout=5
Pragma	no-cache
Server	Apache mod_fcgid/2.3.10-dev
Vary	Accept-Encoding
X-Powered-By	PHP/5.4.26
x-ua-compatible	IE=edge
Content - ...

Content-Encoding – the encoding type used by response
Content-Length – the length of content received with the response
Content-type – the type fo content received
Date: when it was send
Expires – when the request would be expiring
Keep-Alive – the IP routing related information
Server – which server generated the response
-Vary – does server accept encoding
X-powered by: which script generated the response
X-us-compatible – if compatible with IE
Connection – tells if the connection will be opened or will die after this request and required a new one.
Content – the content which will be rendered by browser.

So this was it. the request and response. In the POST method of HTTP there is not but a slight difference only. the request becomes

POST /index.php HTTP/1.1

and rest of header

Accept	*/*
Accept-Encoding	gzip, deflate
Accept-Language	en-US,en;q=0.5
Cookie	_ga=GA1.2.1492154776.1402809586; __atuvc=19%7C25; PHPSESSID=92638ad27273746f9152ac134607f33e
Host	www.examsmyantra.com
Referer	https://www.examsmyantra.com/
User-Agent	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
category=java

so as you see it is all the same except that we pass the information in the header as a payload instead of URL. The response for the POST remains the same as for GET method. So this is pretty much all about the HTTP request and response. Now we are going to look at some of the response types which we may get. There are CODE and strings which tells about the status of the response.

The first digit of the Status-Code defines the class of response. The last two digits do not have any categorization role. There are 5 values for the first digit:

  • 1xx: Informational – Request received, continuing process
  • 2xx: Success – The action was successfully received, understood, and accepted
  • 3xx: Redirection – Further action must be taken in order to complete the request
  • 4xx: Client Error – The request contains bad syntax or cannot be fulfilled
  • 5xx: Server Error – The server failed to fulfill an apparently valid request

The complete list of response code is as follows

      Status-Code    =
            "100"  ; Section 10.1.1: Continue
          | "101"  ; Section 10.1.2: Switching Protocols
          | "200"  ; Section 10.2.1: OK
          | "201"  ; Section 10.2.2: Created
          | "202"  ; Section 10.2.3: Accepted
          | "203"  ; Section 10.2.4: Non-Authoritative Information
          | "204"  ; Section 10.2.5: No Content
          | "205"  ; Section 10.2.6: Reset Content
          | "206"  ; Section 10.2.7: Partial Content
          | "300"  ; Section 10.3.1: Multiple Choices
          | "301"  ; Section 10.3.2: Moved Permanently
          | "302"  ; Section 10.3.3: Found
          | "303"  ; Section 10.3.4: See Other
          | "304"  ; Section 10.3.5: Not Modified
          | "305"  ; Section 10.3.6: Use Proxy
          | "307"  ; Section 10.3.8: Temporary Redirect
          | "400"  ; Section 10.4.1: Bad Request
          | "401"  ; Section 10.4.2: Unauthorized
          | "402"  ; Section 10.4.3: Payment Required
          | "403"  ; Section 10.4.4: Forbidden
          | "404"  ; Section 10.4.5: Not Found
          | "405"  ; Section 10.4.6: Method Not Allowed
          | "406"  ; Section 10.4.7: Not Acceptable

          | "407"  ; Section 10.4.8: Proxy Authentication Required
          | "408"  ; Section 10.4.9: Request Time-out
          | "409"  ; Section 10.4.10: Conflict
          | "410"  ; Section 10.4.11: Gone
          | "411"  ; Section 10.4.12: Length Required
          | "412"  ; Section 10.4.13: Precondition Failed
          | "413"  ; Section 10.4.14: Request Entity Too Large
          | "414"  ; Section 10.4.15: Request-URI Too Large
          | "415"  ; Section 10.4.16: Unsupported Media Type
          | "416"  ; Section 10.4.17: Requested range not satisfiable
          | "417"  ; Section 10.4.18: Expectation Failed
          | "500"  ; Section 10.5.1: Internal Server Error
          | "501"  ; Section 10.5.2: Not Implemented
          | "502"  ; Section 10.5.3: Bad Gateway
          | "503"  ; Section 10.5.4: Service Unavailable
          | "504"  ; Section 10.5.5: Gateway Time-out
          | "505"  ; Section 10.5.6: HTTP Version not supported
          | extension-code

TI is taken from the official W3 website. which you can find in the reference section of this article. Most of these status code are seen rarely and you will encounter a very few in general.

Reference:

Http/1.1 Response