A standard Internet protocol that specifies the client/server interaction processes between Web browsers such as Mozilla Firefox and Web servers such as Apache. Its the network protocol used to deliver virtually all files and other data(collectively called resources) on the World-Wide-Web, whether they are HTML files, image files, query results or anything else. Usually HTTP takes place though TCP/IP Sockets.A Browser is an HTTP client because it sends requests to an HTTP server (Web Sever), which then sends response back to the client. The standard and default port for the HTTP servers to listen is 80, though they can use any port.
What are Resources?
HTTP is used to transmit resources not just files. A resource is some chunk of information that can be identified by a URL (its R in URL). The most common kind of resource is a file, but a resource may also be a dynamically generated query, the output of a CGI script, a document that is available in several languages or anything else.
The original Hypertext Transfer Protocol (HTTP) 1.0 protocol is a stateless protocol whereby a Web browser forms a connection with a Web server, downloads the appropriate file, and then terminates the connection. The browser usually requests a file using an HTTP GET method request on TCP port 80, which consists of a series of HTTP request headers that define the transaction method (GET, POST, HEAD, and so on) and indicates to the server the capabilities of the client. The server responds with a series of HTTP response headers that indicate whether the transaction is successful, the type of data being sent, the type of server, and finally the requested data.
IIS 4 supports a new version of this protocol called HTTP 1.1, which has new features that make it more efficient. These new features include the following:
· Persistent connections:
An HTTP 1.1 server can keep TCP connections open after a file has been transferred, eliminating the need for a connection to be opened and closed each time a file is transferred, as is the case with HTTP 1.0.
This is a process whereby an HTTP 1.1 client can send multiple Internet Protocol (IP) packets to the server without waiting for the server to respond to each packet.
This process allows several HTTP requests by the client to be buffered into a single packet and sent to the server, which results in faster transfer times because fewer and larger packets are used.
· Host headers:
This feature enables an HTTP 1.1–compliant Web server to host multiple Web sites using a single IP address.
· Http put and http delete commands:
These commands enable Web browsers to upload and delete files from Web servers using HTTP
HTTPS VS HTTP
As opposed to HTTP URLs that begin with "http://" and use port 80 by default, HTTPS URLs begin with "https://" and use port 443 by default. HTTP is unsecured and is subject to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information. HTTPS is designed to withstand such attacks and is considered secure against such attacks . HTTP operates at the highest layer of the OSI Model, the Application layer; but the security protocol operates at a lower sub layer, encrypting an HTTP message prior to transmission and decrypting a message upon arrival. Strictly speaking, HTTPS is not a separate protocol, but refers to use of ordinary HTTP over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. Everything in the HTTP message is encrypted, including the headers, and the request/response load.