- Network
- A
HTTP requests: parameters, methods, and status codes
When a user enters a website URL in the browser's search bar, their computer or other device initiates a connection with the server and sends it an HTTP request — a message with some information. This could be a request to send an HTML page or, conversely, user data that the server needs to process. Essentially, the browser provides the user with a graphical interface for obtaining information from websites using HTTP.
HTTP messages are the primary means of communication between devices in a client-server architecture. There are other methods, such as FTP or P2P, but in the everyday activities of internet users, the most common scenario is HTTP.
In this article, we will look at how servers and user devices communicate: what an HTTP message is, its structure, and what an HTTP request and response consist of. We will also briefly touch on the HTTP protocol itself and its basics.
❯ What HTTP is for
To ensure that devices in a computer network understand each other, there are special rules that regulate the format of communication. These rules are called protocols, and one of them is HTTP.
It is necessary for hypertext data transfer, such as HTML pages. The protocol itself belongs to the seventh level of the OSI model, i.e., the application layer.
Essentially, HTTP messages are plain text. The protocol itself regulates the rules for composing this text and communication between devices: what comes first, the structure of an HTTP request and response, how long the server should take to respond, and more.
Usually, port 80 is used for receiving messages via HTTP, and port 443 for the encrypted version, HTTPS.
The main version of the protocol that is used now is HTTP 1.1. Compared to the first version, it already has headers - parameters that describe HTTP requests, new methods are supported, and much more.
❯ What an HTTP message consists of
An HTTP message is plain text composed according to certain rules. In the scheme of HTTP requests and responses, there are three main components:
the start line of the HTTP request and response,
headers and their values,
optionally - the body of the message.
Start line
This is the beginning of the HTTP message. It takes up one line, and in the HTTP protocol, the start lines of requests and responses differ slightly.
The HTTP request specifies:
The method that characterizes the desired result of the request: data transfer, loading an HTML page, or something else.
URI. This is a unique resource identifier.
Protocol version.
Here is an example of an HTTP request start line:
GET /blog/examplepage HTTP/1.1What it means: the client uses the GET method to request an HTML page located at /blog/examplepage from the server via protocol version 1.1.
The HTTP response start line specifies other parameters:
Protocol version.
Status code (numbers that characterize the statuses of the HTTP request).
(Optional) Text explanation of the code.
For example, if the request was successfully processed, the server will start the HTTP message as follows:
HTTP/1.1 200 OK
HTTP Request Methods
Methods describe the type of request: whether the client is only requesting a page, transmitting information within the request body, and more. The two most popular methods for retrieving and posting data are POST and GET.
A brief description of all methods:
GET. With this method, the client requests the content of a resource from the server. For example, an HTML page. Additionally, this method can be used to send client data to the server. To do this, parameters and their values, which need to be sent to the server, must be added to the resource address after the?symbol. The data transmitted in the HTTP request looks as follows:
GET /blog/examplepage?variable1=somevalue1&variable2=somevalue2 HTTP/1.1Here, variable1 and variable2 are the parameters that the client will send, and somevalue1 and somevalue2 are their values. An important property of the method is idempotence: if an HTTP request is executed several times with the same content, the result will also be the same.
HEAD. This is a method for retrieving the headers of a resource. It is often used to obtain metadata and check if the resource has changed since the last visit and if it exists.POST. With this method, the client can send data in the body of the message, for example, in cases where the data cannot be sent using theGETmethod. This could be a post on social media or bank card data that should not be left in the search history. Also,POSTis a non-idempotent method: the result may differ each time it is sent. Another feature ofPOSTis that responses to it will not be cached.OPTIONS. With this method, you can request a list of methods that it or its resource supports. Also,OPTIONScan be used to "ping" the server - to test its operability.PUT. This method creates a new resource or replaces an existing one with the data specified in the request body.PATCH. Works in the same way asPUT, but in relation to part of the resource.DELETE. The client indicates that they would like to delete a resource.TRACE. With this method, you can check if intermediate nodes in the network are modifying the client's request.CONNECT. Establishes a tunnel between the client and the server.
Status Codes
This is a three-digit number in the response that characterizes the status of its processing. The first digit indicates the class code. There are five in total. Let's tell you a little more about each and the common codes.
Informational. These status codes describe the process of information transfer itself. For example, the server has successfully received the request but is still processing it. Here are some common codes of this class:
100. This code indicates that the client's HTTP message has been successfully received and it can continue sending them.
101. In an HTTP request, you can ask the server to switch to a different protocol version using the
Upgradeheader. If the server satisfies such a request, it will send code 101 in response.102. Used in the operation of HTTP requests that the server has accepted but has not yet processed.
Success. This class of codes is used to inform the client about the success of its request. Most often, users encounter these codes:
200 OK. The most common status code. It implies that the client's request was successful.
201. This code is used in cases where a new resource is created using the request. For example, using the
PUTmethod. If the operation is successful, this code will be indicated in the response.
Redirection. This class of status codes is used in cases where the request needs to be changed to complete the operation. Most often, this is related to an incorrect resource URI.
Several examples:
301 Moved Permanently. Used in cases where the requested resource has been permanently moved to another directory — it can be found in the
Locationheader. This status code also has a similar code 308, which also means that the client should use the same method to the new location of the resource.302 Found. This status code is used when the requested resource is temporarily located at another address. It will be indicated in the
Locationheader. This status code also has a similar code 307, which is used in cases where the client should use the same method.
Client Error. Status codes that belong to this class are used in cases where an error occurred on the client side during the request.
Common codes include:
400 Bad Request. The client incorrectly composed its HTTP message.
403 Access Forbidden. Different access rights are required for the resource.
404 Not Found. This status code is most commonly encountered and means that the server accepted the request but found nothing at the specified address.
Server Error. This is a similar class of status codes that signal an error. However, this time the error occurred on the server side. Here are some options:
500 Internal Server Error. The server could not process the request due to an internal error. For example, there are problems in the PHP code used to process the request.
502 Bad Gateway and 504 Gateway Time Out. Sometimes the server acts as an intermediary node. If the next node returns an error, the server will indicate the status code 502 in the response. If it does not respond within the allotted time, then 504.
503 Service Unavailable. This status code means that there are currently technical problems on the server and it cannot process the request.
At the end of the article, we added a table with all HTTP codes, statuses, and their descriptions.
What are HTTP headers?
They define additional parameters of the HTTP message. They are a pair of a parameter and its value, separated by a colon. One parameter per line.
All headers can be divided into four types:
Those used in both HTTP requests and HTTP responses, and not related to the message body.
HTTP request parameters.
Headers only for HTTP responses.
And those that contain data about the message body: its length, data format, and much more.
In general, there are quite a lot of headers, so we will talk about the most common ones:
Host. This is an HTTP request header that contains the address of the server to which the client is making the request. If you combine the Host value with the URI, you get the URL of the resource. Example of an HTTP request:
GET /blog/examplepage HTTP/1.1
Host: timeweb.cloud
Date. This is a header with the date when the HTTP message was created.
Last-Modified. If the resource has been modified, the server will inform when exactly thanks to Last-Modified.Content-Type. Characterizes the format and encoding in which the message body is transmitted.Content-Language. This header can be used to specify the language of the message body.Content-Length. Used to report the size of the message body. Useful when the message body is too bulky.
Message Body
This is an optional element of an HTTP message with a payload. Optional because not every message contains an HTML page or user data. For example, the message body specifies the content of an HTTP request when using the POST method.
It is separated from the other elements of the HTTP request and response by a single blank line. Its end is two blank lines. If there are two blank lines inside the body, you need to use the Content-Length header. With it, the other party will expect a complete message whose length is equal to the header value.
To ensure that all parties in the HTTP protocol dialogue understand how the information is transmitted, the MIME standard is used to identify the content by the Content-Type header. For example, it regulates plain text, HTML pages, or JSON.
The standard also describes non-standard situations. For example, in form data. They are transmitted in the "key=value" format, so the equal sign in the data is replaced with the %3D code.
❯ List of HTTP Codes
Code | Status | Description |
100 | Continue | Interim response indicating that the initial part of the request has been received and the client may continue sending. |
101 | Switching Protocols | The server has switched protocol versions at the client's request. |
102 | Processing | This is how the server informs the client that it has accepted the request but is still processing it. Necessary to prevent the connection from timing out. This status code is used in WebDAV - a set of extensions and additions to HTTP. |
103 | Early Hints | The code is used to return part of the headers when the full list cannot be quickly formed. |
200 | OK | The request has been successfully processed. |
201 | Created | The request has been successfully completed, and a new resource has been created as a result of processing. |
202 | Accepted | The server has accepted the request but has not yet processed it. |
203 | Non-Authoritative Information | The server took the information for the response from a source other than the original. For example, a backup. |
204 | No Content | The response has no message body. |
205 | Reset Content | The server informs the client that it must reset the input data. |
206 | Partial Content | Used if the client requested only a fragment of the resource. |
207 | Multi-Status | The server transmits the results of several operations in the response. Used in WebDAV. |
208 | Already Reported | Used in WebDAV and means that part of the message is in the previous response. |
226 | IM Used | The server has successfully processed the A-IM request header. Used for delta encoding. |
300 | Multiple Choices | The server can provide the resource in different MIME formats. |
301 | Moved Permanently | The requested resource has been permanently moved to another directory - it can be found in the Location header. |
302 | Found | The requested resource is temporarily located at another address - it can be found in the Location header. |
303 | See Other | The response to the request can be found at another URI using |
304 | Not Modified | Used if the client requested the resource with the |
305 | Use Proxy | The requested resource is only available through a proxy. |
307 | Temporary Redirect | The requested resource has been temporarily moved to another URI. To access it, the client must use the same method as in the original request. |
308 | Permanent Redirect | The requested resource has been permanently moved to another URI. To access it, the client must use the same method as in the original request. |
400 | Bad Request | The client has incorrectly composed its HTTP message. |
401 | Unauthorized | To access the resource, the client must authenticate. |
402 | Payment Required | Provided for future use. |
403 | Forbidden | The client does not have the necessary access rights. |
404 | Not Found | Unfortunately, the server found nothing at this address. Most likely, the client made a mistake with the URI or the page was deleted. |
405 | Method Not Allowed | The server does not support the request method chosen by the client. |
406 | Not Acceptable | The server will return this code if it or the requested resource does not support the request headers. |
407 | Proxy Authentication Required | The client must authenticate on the proxy server. |
408 | Request Timeout | The client did not transmit information to the server within the specified time. |
409 | Conflict | The request cannot be completed due to a conflict with other requests. For example, when multiple users try to update or change a resource. |
410 | Gone | Means that the resource has been deleted or is unavailable. |
411 | Length Required | The client |
❯ Conclusion
In this article, we examined the main components of HTTP messages: the start line, headers, and body of the message. We also paid attention to their features, such as request methods and error codes. And we briefly discussed what the HTTP protocol is in general.
You can read more about the current HTTP/1.1 specification in RFC9112.
Write comment