COSC 4351: 1.3 HTTP

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

An HTTP request and HTTP response are both composed of four parts:

1. Status line 2. Zero or more header fields 3. Empty line 4. Optional message body

What is Step 1 in an HTTPS transaction?

Browser requests an HTTPS connection to a web page.

User-Agent

Identifies the browser making the request. Browsers often identify themselves using a unique string of characters. The User-Agent field may be used by a web sever to respond back with different resources depending on which browser made the request. EX: A desktop page may be sent back to a desktop Chrome browser, but a mobile web page may be sent back to an iPhone browser.

Content-type

Media type of the response's message body. - Common media types: text/css, image/jpeg, application/pdf, video/quicktime

HEAD

Request a response identical to GET but without the response body.

PUT

Request the web sever accept the message body enclosed in the request as a modification of an existing resource

301

Status Phrase: Moved Permanently Meaning: The resource should always be requested at a different URL

What is Step 3 in an HTTPS transaction?

The browser and web server initiate an "SSL handshake"

What is Step 4 in an HTTPS transaction?

The browser and web sever transmit encrypted information.

Host

The domain name for the requested path. - Some websites are hosted at the same IP address, so the host field helps the web sever determine which website's resource is being requested.

What happens before HTTP communication beings?

The web browser extracts the domain name from the URL being accessed and preforms a DNS lookup.

What is Step 2 in an HTTPS transaction?

Web server sends digital certificate to the browser.

Do browsers use ETags to aid in caching web resources?

Yes

Does caching web content, do browsers reduce the amount of network traffic required to display previously visited web pages?

Yes

In step 4 of HTTPS transaction, can encrypted information only be decrypted by the browser and web server?

Yes

When the resource changes, should the Tag associated with the resource change too?

Yes

Would the browser warn the user if the digital certificate is not from a trusted certificate authority?

Yes

browser cache

an area on the computer's disk where web content can be stored by the web browser for quick retrieval later.

What must the URL start with in Step 1 in HTTPS transaction?

https://

What does the browser and web server use the SSL handshake for?

to generate session keys used to encrypt and decrypt information

browser redirect

when the web sever returns a 201 or 302 status code with a Location header indicating the URL the browser should load next.

Where can the HTTP header field If-None-Match be found? A. HTTP request B. HTTP response

A. HTTP request The browser sends the If-None-Match header field with the ETag to the web server in the HTTP request.

Last-Modified

Datetime the requested resource was last modified on the web sever. - For resources that are dynamically created by the web sever, the last modified date time is often not provided

Date

Datetime the response was generated by the web sever. - Datatime values in HTTP headers are represented in GMT, which is equal to UTC

network sniffer

is software that monitors network traffic and allows users to inspect HTTP requests and responses.

Linkrot

is the general name for once valid links that now return 404 status codes

Content-length

number of bytes in the response's message body. - The web server uses the content length to determine how much data to expect from the web sever

GET

request a representation of the specified resource

HTTP functions as a ___ - ___ protocol between _______ and ____.

request-response web browsers web severs

DNS lookup

sends the domain name to the local DNS and receives the IP address of the web sever hosting the domain name.

Where does the web sever send back the requested resource in?

the message body of the response

How many total HTTP requests does a browser send for a web page that does not use any other web resources? A. 1 B. 2 C. 3

A. 1 Only one HTTP request is made for the HTML file.

In HTTP requests and responses, what number is this step: Web browser does a DNS lookup of the domain name and makes a TCP connection. - TCP connection

1

In HTTP requests and responses, what number is this step: HTTP request is made asking for resource at http://w3c.org/test.html. - HTTP request test.html

2

In HTTP requests and responses, what number is this step: Web server locates test.html file and sends the contents of test.html to the browser - HTTP response <html>

3

When a user types or clicks on a short URL, the URL shortening service responds with a ______ status code and a Location header with the web page's full URL.

301

In HTTP requests and responses, what number is this step: Browser parses HTML and makes second request for http://w3c.org/field.jpg. - HTTP request field.jpg

4

In HTTP requests and responses, what number is this step: Web server locates field.jpg and sends the image to the browser. The browser then displays the field.jpg image. -HTTP response [image]

5

In HTTP requests and responses, what number is this step: No more resources to request, so TCP connection is closed.

6 Last step

URL shortening

A technique to create shorter URLs that redirect to longer URLs.

digital certificate

A website wanting to use HTTPS must acquire these. They are issued by a trusted certificate authority

Which status code is sent when the web server wants to redirect the browser to a different URL? A. 200 B. 301 or 302 C. 403

B. 301 or 302 301 and 302 status codes are always accompanied by a Location header that indicates the new URL that the browser should access. Ex: "Location: http://w3c.org/new-location.html". 302 status codes are for URLs that may not redirect in the future.

Which status code is sent when the web server compares the cached ETag with the server's ETag for a requested web resource, and the two ETags are identical? A. 200 B. 304 C. 403

B. 304 When the ETags are equal, the web browser has an up-to-date cached copy of the web resource.

Which request method is used by the browser to get the same response headers that a GET would generate but without the message body? A. GET B. HEAD C. PUT

B. HEAD only requests the response headers

If a web browser sends 20 HTTP requests to a web server, how many HTTP responses will the web server send to the web browser? A. 0 B. 10 C. 20

C. 20 Every HTTP request results in a single HTTP response.

Which status code is sent when the web server is denied permission to the requested URL? A. 301 B. 304 C. 403

C. 403 404 frequently occurs when the URL corresponds to a directory that does not have directory listing permissions or a file that doesn't have read permissions

Which status code is sent when the requested URL does not point to an existing resource on the web server? A. 200 B. 301 C. 404

C. 404 404 can occur when the user mistypes a URL, a URL for a resource has changed, or a resource has been removed

How many total HTTP requests does a browser send for a web page that contains four web resources: an image, a video, a CSS style sheet, and a JavaScript file? A. 1 B. 4 C. 5

C. 5 One HTTP request is made for the HTML file, and one request is made for each resource.

Before a TCP connection is created, the web browser performs a/an A. HTTP request B. HTTP response C. DNS lookup

C. DNS lookup The browser performs DNS lookup so the browser can establish a TCP connection with the web sever

What HTTP header field is used to make a conditional request using a datetime? A. If-None-Match B. Last-Modified C. If-Modified-Since

C. If-Modified-Since The If-Modified-Since header field is used with the Last-Modified datetime to request that the web server send the requested resource if the resource has changed since the specified time. Ex: "If-Modified-Since: Wed, 01 Sep 2014 13:24:52 GMT" asks the web server to send the resource if the resource was modified after Sept 1, 2014 at 13:24:52 GMT.

Which request method is used by the browser to submit web form data to the web server? A. GET B. PUT C. POST

C. POST POST is the request method most often used to submit web form data to the web server.

Do web servers always generate ETags for all web resources?

ETags are not often produced for dynamic web content.

Does a 304 response generally contain a message body? Yes No

No 304 indicates the cached content is up to date, so resending the same content to the browser is unnecessary

POST

Request the web sever accept the message body enclosed in the request as a new resource

DELETE

Request the web sever delete the existing resource

Which part is the web sever able to identify the requested resource from the path?

Status line

403

Status phrase: Forbidden Meaning: The web server does not have permission to access the resource.

302

Status phrase: Found Meaning: The resource should temporarily be requested at a different URL

500

Status phrase: Internal Server Error Meaning: Something unexpected happened on the web server

404

Status phrase: Not Found Meaning: The resource could not be located.

304

Status phrase: Not Modified Meaning: The resource has not been modified since the last time the resource was requested

200

Status phrase: OK Meaning: Standard response for a successful request

Sever

identifies the web sever software that generated the response. - popular values for it: Apache, Microsoft-IIS, nginx

Request method

indicates the desired action to perform on a resource.

status code

is a 3 digit number that indicates the status of the requested resource

HTTP Request

is a message sent from the web browser to the web sever. Often the request asks the web sever to send back a web resource like an HTML file, image, CSS style sheet, JavaScript file, or a video.

HTTP Response

is a message sent from the web server back to the web browser in repose to an HTTP request. Often the response contains the requested web resource.

hypertext transfer protocol HTTP

is a networking protocol that runs over TCP/IP and governed communication between web browsers and web severs

Transmission Control Protocol/Internet Protocol (TCP/IP)

is a protocol suite that governs how packets of data are transferred over the internet from one machine to another.

HTTPS

is a protocol the encrypts HTTP traffic between a browser and web sever so a network sniffer cannot intercept sensitive information in the HTTP traffic like passwords, credit card numbers, financial transactions, etc.

Certificate authority

is a trusted entity that gives out digital certificates, which contains a public key needed to encrypt data between the browser and web sever

entity tage (ETag)

is an identifier for a specific version of a web resource. Ex: 34905a3e285dd11


Kaugnay na mga set ng pag-aaral

Chapter 5: Settings for Psychiatric Care

View Set

Interpersonal Communication Midterm

View Set

Audit Chapter 10, Audit Chapter 11, Auditing Chapter 9, Auditing Chapter 7 - Exam 2

View Set