🌐

Understanding HTTP and HTTPS Protocols

Apr 24, 2025

View transcript

Lecture on HTTP: HyperText Transfer Protocol

Overview

  • HTTP is the standard web protocol used to transfer hypertext and hypermedia (e.g., images).
  • It is stateless, meaning each request is independent and does not retain information about previous requests.
  • All data in HTTP is sent in clear text, including sensitive information like passwords.

HTTP vs HTTPS

  • HTTP: Regular protocol; everything is in clear text, posing security risks, especially on public WiFi.
  • HTTPS: Secure version of HTTP that encrypts the data; recommended to protect sensitive data.

HTTP Requests

  • Requests are made by a client to a server to retrieve or send data.
  • Example of a basic request: GET /wiki HTTP/1.1 Host: wikipedia.org
  • Common tools for making requests: web browsers, apps, and software like Postman.

Network Tools

  • Browsers like Firefox and Chrome have developer tools to inspect network activity (HTTP requests and responses).
  • HTTP requests are ubiquitous and can be observed in network tools.

Components of HTTP Requests

  • Methods: GET, POST, PUT, PATCH, DELETE, etc., each serving different purposes.
  • Target: URL specifying the desired resource.
  • Protocol Version: Commonly HTTP/1.1, sometimes HTTP/2.
  • Headers: Additional metadata, such as expected response type and client information.
  • Request Body: Contains data for requests like form submissions.

HTTP Responses

  • A response from the server contains status codes, headers, and a body.
  • Status Codes: Indicate the result of the request (e.g., 200 OK, 404 Not Found, 500 Internal Server Error).
  • Response body typically contains the HTML or content requested.

URL Structure

  • Protocol: HTTP or HTTPS indicates the request type.
  • Host: Domain name converted to an IP address.
  • Path: Directs to the specific resource on the host server.
  • Other optional parts: Authentication, Port, Query (parameters), and Fragment (page sections).

Cookies

  • Small text files stored on the client-side, used to maintain state between sessions.
  • Set by server responses and sent back by clients in subsequent requests.
  • Can be manipulated or deleted by the client, impacting security.

Conclusion

  • HTTP is essential for web operations, allowing resource requests and state management via cookies.
  • Next lecture will focus on HTML, the structure of web content.
  • Recommended tools: VS Code, Firefox, Chrome, and Postman for practicing HTTP requests.

Full transcript