If you have a keen eye for web addresses in the top bar of your browser, you’ve probably noticed the first part of any website’s address, the letters “HTTP” or “HTTPS.” However, what is HTTP and how does it work? Let’s take a look at the glue that holds the web together.
HTTP: the short version
HTTP is an acronym and stands for hAnd peryouextension youtransfer protocol. Let’s break that down a bit, starting with the “protocol” part. In technology, a protocol is the set of rules that machines must follow in order to “talk” to each other. For example, VPN protocols determine how VPNs interact with servers. HTTP is much less specific than that, and instead sets the rules for how the Internet works.
This is not an exageration. Without HTTP, there would be no communication over the world wide web. This is because HTTP governs the communication between web servers and web clients: the “transfer” part. Web servers are the places you connect to in order to view sites; for example, you are currently in contact with the How-to Geek web host so you can read this article.
To access a web server, you need a web client. Most of the time, this client is your browser, but it can really be any type of application. For example, if you clicked on this article from the Facebook mobile app, then the browser built into the Facebook app is your web client. Client-server interaction is pretty much what the entire Internet comes down to, and HTTP is an integral part of that.
The final part of the HTTP acronym is the “hypertext” part, which is the type of files that are transmitted, almost always via HTML files. These types of files are the building blocks of the web, as they not only display the language, but can also be interconnected. This is different from file types you have on your device, which normally can’t do that.
How HTTP works in a nutshell
HTTP is a protocol that runs on the so-called application layer of the Internet, above the Internet layer, where the real details of the web are like IP addresses. The application layer is where you’ll find the browsers and applications you use every day, and HTTP is a very important part of that.
The way it works is that your browser, the client, will send an HTTP request over the network, which is processed by the server of the site you want to access. The site then sends back an HTTP response, which is, if all went well, the page you want to see. The browser then displays the response.
Breakdown of HTTP requests
Of course, there is a bit more to it than that. An HTTP request is actually made up of several parts, each of which plays an important role in how the site is displayed. Among the most important parts of any request are the HTTP method, the request headers, and the request body.
The method is usually the action that HTTP is asked to perform, thus retrieving information or providing it (the “GET” and “POST” commands, respectively, though there are many others). HTML request headers are a bit more difficult to explain, but think of them like envelopes: each contains the destination address, the sender’s address, and a lot of other information, such as the type of mailbox (browser) and also encryption information.
The HTML body “fills” the envelope with information such as login information or anything else the server needs to know to display the page; sometimes it is empty and the envelope, the request header, is enough.
With the request received, the web server now starts working on its response, which is also made up of three parts: the HTTP status code, the response header, and the response body. The header and body are much like their counterparts in requests, except that the body will contain a lot more information that goes back, such as the files that contain the information to display a web page.
Status codes are an interesting touch, as we’ve all probably encountered them without realizing what they were. They are three digits that can start with numbers from 1 to 5. Each series represents something. So any three-digit code starting with 2 means success (the page displays without issue), while one starting with 4 means an error, like the infamous 404: page not found code.
This call and response system is the foundation of everything we do on the Internet. Although it gets more complicated than we described above, this covers the basics. Of course, there is the question of how all this communication is kept secure.
This is where we run into the problem with HTTP: at no point is the information encrypted or protected in any way. It is purely request and receive, there is no step where security is added. Anyone who can intercept messages can see what is being sent, including things like credit card numbers or account information.
In a way, it’s like when you’re talking to a neighbor over the fence that separates your properties: everyone is in their own zone, but if someone gets close enough, they can hear every word you say.
As you can imagine, this is extremely bad news for most Internet users, and incredibly good news for the people who take advantage of them. To fix this, a new type of HTTP was implemented, called HTTPS, where the final “S” stands for “secure”. This type of HTTP encrypts the information, which makes it much more difficult for anyone to eavesdrop, so to speak.
These days, it’s becoming less and less common to see what’s called “simple” HTTP anywhere, as nearly every site worth mentioning has switched to HTTPS in recent years. There are some who, for reasons that vary by site owner, have resisted this change. You may want to avoid them, or at least use a VPN to protect any sensitive information.
That said, while HTTPS is definitely a vital upgrade, that’s it, an upgrade. HTTP has been powering the Internet since it began, and we doubt that will change any time soon.
The post What is HTTP? appeared first on Daily Report.