HTTP Protocol, HTTP Methods & HTTP Status Codes
In this article, I am going to discuss HTTP Protocols, HTTP Methods, and HTTP Status Codes in detail. Please read our previous article where we gave a brief introduction to the Java Servlets. At the end of this article, you will understand the following pointers in detail.
- What are HTTP Protocols?
- HTTP Request Headers
- Http Response Format
- Why do we need an HTTP response status code?
- Methods of setting HTTPResponse Status Codes
- Methods for Sending Error
- Common Status Codes with Status Message
- Why HTTP Response Headers?
- Requirements of HTTP Protocols
- How HTTP Protocol is able to manage stateless nature?
- HTTP Methods
- What are HTTP request methods?
- What is the difference between GET and POST method?
What are HTTP Protocols?
A protocol is a set of standard rules which must be followed by two systems in order to make communication possible. We have different types of protocols like HTTP, https, FTP, UDP, TCP/IP. If we want to execute the web-based applications we must follow HTTP protocols. A client is a machine that sends a request to the server. A server is a machine that receives the request and processes the request and sends back the result to the client.
The HTTP protocol is divided into the following two types:
HTTP request Format:
When the client sends a request, then that request will be converted into an HTTP request format and send it to the server.
The initial request-line consists of the following three sections:
Method: method will indicate what operations have to be performed by the server. Examples: get, post, delete, trace, etc.
Request resource: Request resource is nothing but the resource which has to be processed by the server. Sometimes requesting resources may be available or may not be available.
Protocol Version: Protocol version indicates what is the protocol version used by the client.
HTTP Request Headers
HTTP requests include headers that provide extra information about the request. Headers are used to send the extra information about the client to the server like what is the version of the browser or client software, what language is used by the client, etc. The following are the two most important headers:
- User-Agent: It contains information about the version of browser/ client software.
- Accept-Language: It contains information about what language is used by the client.
HTTP Request Header Methods
String getHeader(java.lang.String name): Value of the specified request header as String.
java.util.Enumeration getHeaders(java.lang.String name): Values of the specified request header.
java.util.Enumeration getHeaderNames(): names of request headers.
int getIntHeader(java.lang.String name): Value of the specified request header as an int.
Http Response Format:
When the server sends the response to the client then the response will be converted into an HTTP response format and send to the client.
The initial response line also contains the following three sections:
Protocol Version: Protocol version indicates what is the protocol version used by the server.
Status Code: Status code indicates what is the response given by the server to the client. Developers have given the following set of codes for different types of results:
Why do we need an HTTP response status code?
- Forward client to another page
- Indicates resource is missing
- Instruct browser to use cached memory
Methods of setting HTTPResponse Status Codes
public void setStatus(int statusCode)
The status code is defined in HTTPServletResponse. The Status codes are numeric fall into five general categories:
Default Status Code is 200 (OK)
Methods for Sending Error
Error status codes (400-599) can be used in sendError methods
public void sendError(int sc): The server may give the error special treatment.
public void sendError(int code, String message): Wraps message inside a small HTML document.
Status Message: For every status code, the developer have given specific status messages to understand the status code.
200 -> OK
404 -> Not Found
Common Status Codes with Status Message
200 (SC_OK): Success and document follow. Default for servlets
204 (SC_N0_CONTENT): Success but no response body. The browser should keep displaying the previous document
301 (SC_MOVED_PERMANENTLY): The document moved permanently (indicated in Location Header). Browsers go to the new location automatically
302 (SC_MOVED_TEMPORARILY): Note the message is “Found”. Requested document temporarily moved elsewhere (indicated in Location header). Browsers go to the new location automatically. Servlets should use sendRedirect, not setStatus when setting this header
401 (SC_UNAUTHORIZED): Browser tried to access a password-protected page without a proper Authorization header
404 (SC_NOT_FOUND): No such page
HTTP Response Header
Headers are used to send extra information to the client. The most important Header send by the server to the client is “contentType(text/html)”. Sometimes we also send an error report, header-cache into, etc.
Why HTTP Response Headers?
- Give forwarding location
- Specify cookies
- Supply the page modification date
- Instruct the browser to reload the page after a designated interval
- Give the file size so that persistent HTTP connections can be used.
- Designate the type of document being generated.
HTTP Response Header Methods
- setHeader: Sets an arbitrary header.
- setDateHeader: Converts milliseconds since 1970 to a date string in GMT format.
- setIntHeader: Prevents need to convert int to String before calling setHeader.
- addHeader, addDateHeader, addIntHeader: Adds new occurrence of the header instead of replacing.
- setContentType: Sets the content-Type header. Servlets almost always use this.
- setContentLength: Length header. Used for persistent HTTP connections.
- addCookie: Adds a value to the Set-Cookie header.
- sendRedirect: Sets the location header and changes status code.
Requirements of HTTP Protocols
In web applications, to transfer the data between client and server we require a protocol, it should be
- A connectionless protocol
- A stateless protocol
- A compatible protocol to carry hypertext data
When Connectionless Protocol is a protocol, it should not require a physical connection, but require a logical connection to carry the data. Where Stateless Protocol is a protocol, which should not remember previous request data at the time of processing the later request.
In general, in the client-server application, request data will be transferred from client to server in the form of hypertext data and the response data will be transferred from server to client in the form of hypertext data so that we require a Compatible Protocol to carry hypertext data between client and server.
Among all the protocols HTTP protocol is able to satisfy all the above requirements so that we will use HTTP protocol in web applications.
How HTTP Protocol is able to manage stateless nature?
In Client-Server applications, when we send a request from the client to the server protocol will pick up the request and perform the following actions.
- The protocol will establish a virtual socket connection between client and server as per the server IP address and protocol which we provided in the URL.
- The protocol will prepare the request format with the header part and body part, where the header part will manage all the request headers (metadata about the client) and the body part will manage request parameters (the data which was provided by the user at the client browser).
- After preparing the request format protocol will carry the request format to the server through the virtual socket connection.
Upon receiving the request from the protocol server will identify the requested resource, execute generate a dynamic response, and dispatch that dynamic response to the client. When the server dispatch the dynamic response to the client protocol will pick up the response and perform the following actions.
- The protocol will prepare response format with the header part and body part, where the header part will manage response headers (metadata about the dynamic response) and the body part will manage the actual dynamic response.
- After seeing the response format protocol will carry format to the client.
- When the dynamic response reached to client protocol will terminate the virtual socket connection, with this protocol will eliminate the present request data from its memory.
In the above context, the present request data will be managed by the protocol up to the connection’s existence will protocol connection has terminated then the protocol will not manage request data.
Due to the above reason HTTP protocol is unable to manage clients’ previous request data at the time of processing later request. Therefore, the HTTP protocol is a stateless protocol.
Note: If we use HTTP protocol, a stateless protocol in our web applications then we are unable to manage clients’ previous request data, but as per the application requirements we need to manage clients’ previous request data at the time of processing later request. In this context, to achieve the application requirement we have to use a set of explicit mechanisms at the server-side called Session Tracking Mechanisms.
In web applications, with HTTP protocol, we are able to specify different types of requests at the client browser. The above flexibility is possible for the HTTP protocol due to the availability of 7 number of HTTP methods called as BIG 7 HTTP methods.
HTTP Protocol has provided the following HTTP methods along with the HTTP 1.0 version.
HTTP Protocol has provided the following HTTP methods as per the http1.1 version.
Http1.1 version has provided a reserved HTTP method i.e. CONNECT.
GET HTTP Method:
If we use the get() method then from data will be submitted to the server by appending with URL. In this case, we have no security because our form data will be displayed inside the address bar. With this get method, we can submit a limited amount of data (up to 1024kb). Get request type is the default request type in web applications. Get request type should not have a body part in the request format. If we specify request parameters along with GET request then that request parameters will be transferred to the server through the request format header part due to the lack of body part. In general request format header part will have memory limitation so that it is able to carry a maximum 256 number of characters. Therefore, the GET request is able to carry fewer data from client to server.
POST HTTP Method:
If we use the post() method then form data will be submitted to the server by appending with the header body instead of URL. In this case, we have security because no form data will be displayed inside the address bar. Whit this get method we can also submit an unlimited amount of data. The POST request type is not the default request type. POST request type should have a body part in the request format. Due to the availability of the body part in POST request, all the request parameters will be transferred to the server through request format body part, here there is no memory limit is the request format body part so that the post request is able to carry large data from client to server.
PUT HTTP Method:
The put() method will put the resource inside the server, but for security reasons, this method is not recommended to use. Both post and put request can be used to upload the data on the server machine. To upload the data on the server machine if we use post request then it is not mandatory to specify a particular address location along with post request. To upload the data on the server machine if we use put requests then it is mandatory to specify the server-side location along with the put request.
HEAD HTTP Method:
If we send a head request for a particular resource available at the server then the server will send the requested resource as well as the metadata about the requested resource as a response. Internally head request uses get request to get the requested resource from the server. The head() method is used to specify the header portion send by the server to the client. This method is used as a part of request dispatches between servers.
OPTIONS HTTP Method:
The main purpose of the options request type is to get the HTTP methods which are supported by the present server. In general HTTP protocol has provided by 7 HTTP methods conceptually, supporting all the methods or some of the methods or none is completely depending on the server implementation provided by the service providers.
With this convention we are unable to credit how many numbers of HTTP methods are supported by the present application server, where to credit the HTTP methods which are supported by the present server, we have to use the OPTIONS request type.
DELETE HTTP Method:
The delete() method will delete the resource from the server, but for security reasons, this method is not recommended to use. The main purpose of this request type is to delete a particular resource available at the server machine.
TRACE or LOCATE:
The trace() or locate() methods will search for a resource inside the server, but for security reasons, this method is not recommended to use. The main purpose of trace request is to get the working status of a particular resource available at the server machine. The trace request type is able to execute its functionality like an echo server.
Note: Almost all the servers may not support PUT, DELETE, and request types as their security constraints. In general, almost all the servers are able to support GET and POST request types.
What are HTTP request methods?
When the web client is requesting the web server it uses either GET method or POST method. These two methods are known as HTTP request methods.
- “GET” method-based request can send a limited amount of data along with the request (max of 256 kilobytes)
- “POST” method-based request can send an unlimited amount of data to the server along with the request.
What is the difference between GET and POST method?
It is recommended to design the form page by having a post method. When we submit the form page if the button is clicked multiple times then the idempotent problem has occurred. To prevent this problem take the request method as post and process that request in doPost() method with additional logic. This indicates post is not idempotent because it can prevent double posting canceling the entire request. The double posting problem is called an idempotent problem.
In the next article, I am going to discuss the Java Servlet API in detail. Here, in this article, I try to explain HTTP Protocols. I hope you enjoy this HTTP Protocol article.