Diagram of the HTTP protocol
When a user wants to view an address, a request is sent to that address.
The server evaluates this request, builds a response and sends it back to the client. The request object created by the browser also carries some information entered by the user, such as a user name and password.
An example request message
What does a request message consist of?
<request-line>
<general-headers>
<request-headers>
<entity-headers>
<empty-line>
[<message-body>]
The sequence above is the anatomy of a request message.
Of the request headers in this list, all except "Host" are optional; they do not have to be present.
In other words, a request line and the Host header are enough to send a request.
For example, this request is valid:
GET /index.html HTTP/1.1
Host: www.example.com
CR: carriage return
LF: line feed
The empty-line field consists only of <CR><LF>. It cannot contain any other character.
What does the first line of a request message, the "request line", contain?
The first line of a request message looks like this:
request-method-name request-URI HTTP-version
Method: one of the 8 methods defined in HTTP 1.1 (for example GET)
Request-URI: the address of the requested resource (for example /index.html)
HTTP-version: HTTP/1.1
Request line examples:
GET /test.html HTTP/1.1
HEAD /query.html HTTP/1.0
POST /index.html HTTP/1.1
What are the HTTP request methods used in the request line?
GET: The command for retrieving a file.
HEAD: Similar to the GET command, but sends only the header information.
POST: Used to send data to the web server. It contains parameters.
DELETE: Asks the server to delete the file.
OPTIONS: Asks the server for the list of methods it supports.
PUT: Sends data to be stored on the server.
TRACE: Asks the server to send a diagnostic trace of the actions it performs.
CONNECT: Used when SSL connections are made through a proxy.
The most frequently used HTTP request methods are GET and POST.
The GET method is used for simple requests or for retrieving information.
POST can be used for more complex requests or for database operations.
What headers does a request contain?
HTTP headers are name:value pairs. Multiple values can be given by separating them with commas.
Example request headers:
Host: www.xyz.com
Connection: Keep-Alive
Accept: image/gif, image/jpeg, */*
Accept-Language: us-en, fr, cn
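The request anatomy described above (request line, name:value headers, mandatory Host, an empty line made only of <CR><LF>) can be enforced by a strict parser. The following is an added example, not code from the original page; the function name parse_request and the sample messages are constructed for illustration.

```python
# Added example (not from the original page): strict HTTP request parsing.
METHODS = {"GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "TRACE", "CONNECT"}


def parse_request(raw: bytes) -> dict:
    """Parse one request message; raise ValueError on any framing violation."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("missing <CR><LF> empty line after the headers")
    lines = head.decode("ascii").split("\r\n")
    # A CR or LF left inside a line means the sender did not use <CR><LF>.
    if any("\r" in ln or "\n" in ln for ln in lines):
        raise ValueError("bare CR or LF inside the header section")

    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError("request line must be: method request-URI HTTP-version")
    method, uri, version = parts
    if method not in METHODS:
        raise ValueError("unknown method: " + method)
    if version not in ("HTTP/1.0", "HTTP/1.1"):
        raise ValueError("unsupported version: " + version)

    headers = {}
    for ln in lines[1:]:
        name, colon, value = ln.partition(":")
        # Reject lines without a colon and names with surrounding whitespace.
        if not colon or not name or name != name.strip():
            raise ValueError("malformed header line: " + repr(ln))
        # Header names are case-insensitive; repeated names join with a comma.
        key, value = name.lower(), value.strip()
        headers[key] = headers[key] + ", " + value if key in headers else value

    # Host is the one mandatory header in HTTP/1.1.
    if version == "HTTP/1.1" and "host" not in headers:
        raise ValueError("HTTP/1.1 request without Host header")
    return {"method": method, "uri": uri, "version": version,
            "headers": headers, "body": body}


# Constructed sample messages.
GOOD = (b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n"
        b"Accept: image/gif, image/jpeg, */*\r\n\r\n")
NO_HOST = b"GET /index.html HTTP/1.1\r\n\r\n"
BARE_LF = b"GET /index.html HTTP/1.1\nHost: www.example.com\n\n"
```

GOOD parses into its method, URI, version and headers; NO_HOST and BARE_LF are rejected with ValueError.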
Testing HTTP requests
With telnet we can open a TCP/IP connection to a server and send HTTP requests directly. For example:
> telnet
telnet> help
... telnet help menu ...
telnet> open 127.0.0.1 8000
Connecting To 127.0.0.1...
GET /index.html HTTP/1.0
(Hit enter twice to send the terminating blank line ...)
... HTTP response message ...
Alternatively, we can write an HTTP client in Java using Socket, for example:
import java.net.*;
import java.io.*;

public class HttpClient {
    public static void main(String[] args) throws IOException {
        // The host and port to be connected.
        String host = "127.0.0.1";
        int port = 8000;
        // Create a TCP socket and connect to the host:port, then create the
        // input and output streams; try-with-resources closes all of them.
        try (Socket socket = new Socket(host, port);
             BufferedReader in = new BufferedReader(
                     new InputStreamReader(socket.getInputStream()));
             PrintWriter out = new PrintWriter(socket.getOutputStream(), true)) {
            // Send request to the HTTP server. HTTP lines end with <CR><LF>,
            // so write it explicitly instead of relying on println().
            out.print("GET /index.html HTTP/1.0\r\n");
            out.print("\r\n"); // blank line separating header & body
            out.flush();
            // Read the response and display on console.
            String line;
            // readLine() returns null if server closes the network socket.
            while ((line = in.readLine()) != null) {
                System.out.println(line);
            }
        }
    }
}
An example response message
What does a response message consist of?
<status-line>
<general-headers>
<response-headers>
<entity-headers>
<empty-line>
[<message-body>]
[<message-trailers>]
The sequence above is the anatomy of a response message.
What does the first line of a response message, the "status line", contain?
The status line has this form: <HTTP-VERSION> <status-code> <reason-phrase>
HTTP-Version: the HTTP protocol version the server uses (for example HTTP/1.1)
Status-code: 3-digit status code (for example 200)
Reason-phrase: description of the status (for example OK)
The status line from an example response:
HTTP/1.1 200 OK
What are the status codes?
1xx: Informational codes
2xx: Indicates that the operation succeeded
3xx: Indicates that a redirect took place
4xx: Client error, meaning there is an error in the request the client sent (a syntax error, etc.)
5xx: Server error, meaning there is an error on the server (the request itself was fine, but the operation could not be carried out because of a problem on the server)
The most common ones:
200: OK, the operation succeeded.
404: Not Found, the page we are looking for is not at the address we specified.
500: Internal Server Error, the server could not fulfil our request because an error occurred on the server.
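The status line format and the 1xx to 5xx classes above can be checked mechanically when reviewing captured responses. This is an added example, not code from the original page; the names parse_status and triage and the sample responses are constructed. It classifies by the first digit, so a code that is not individually known (such as 299) still falls into its class.

```python
import re
from collections import Counter

# Added example (not from the original page); class names follow the list above.
CLASSES = {1: "informational", 2: "success", 3: "redirection",
           4: "client error", 5: "server error"}
STATUS_LINE = re.compile(r"HTTP/(\d)\.(\d) (\d{3}) ([^\r\n]*)")


def parse_status(raw: bytes) -> dict:
    """Split a response at the empty line and validate its status line."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("missing <CR><LF> empty line")
    first = head.split(b"\r\n", 1)[0].decode("ascii")
    m = STATUS_LINE.fullmatch(first)
    if not m:
        raise ValueError("malformed status line: " + repr(first))
    code = int(m.group(3))
    if code // 100 not in CLASSES:
        raise ValueError("status code outside 1xx-5xx: %d" % code)
    return {"version": "HTTP/%s.%s" % m.group(1, 2), "code": code,
            "reason": m.group(4), "class": CLASSES[code // 100], "body": body}


def triage(raw_responses) -> dict:
    """Count responses per class; unparsable ones count as 'malformed'."""
    counts = Counter()
    for raw in raw_responses:
        try:
            counts[parse_status(raw)["class"]] += 1
        except ValueError:
            counts["malformed"] += 1
    return dict(counts)


# Constructed sample responses.
SAMPLES = [
    b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nhi",
    b"HTTP/1.1 299 Custom\r\n\r\n",
    b"HTTP/1.1 404 Not Found\r\n\r\n",
    b"HTTP/1.1 500 Internal Server Error\r\n\r\n",
    b"HTTP/1.1 600 Weird\r\n\r\n",   # first digit outside 1-5
    b"HTTP/1.1 20 OK\r\n\r\n",       # status code is not 3 digits
]
```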
Full list of status codes
Code | Reason phrase | Description
100 | Continue | Client should continue sending its request. This is a special status code; see below for details.
101 | Switching Protocols | The client has used the Upgrade header to request the use of an alternative protocol and the server has agreed.
200 | OK | Generic successful request message response. This is the code sent most often when a request is filled normally.
201 | Created | The request was successful and resulted in a resource being created. This would be a typical response to a PUT method.
202 | Accepted | The request was accepted by the server but has not yet been processed. This is an intentionally “non-committal” response that does not tell the client whether or not the request will be carried out; the client determines the eventual disposition of the request in some unspecified way. It is used only in special circumstances.
203 | Non-Authoritative Information | The request was successful, but some of the information returned by the server came not from the original server associated with the resource but from a third party.
204 | No Content | The request was successful, but the server has determined that it does not need to return to the client an entity body.
205 | Reset Content | The request was successful; the server is telling the client that it should reset the document from which the request was generated so that a duplicate request is not sent. This code is intended for use with forms.
206 | Partial Content | The server has successfully fulfilled a partial GET request. See the topic on methods for more details on this, as well as the description of the Range header.
300 | Multiple Choices | The resource is represented in more than one way on the server. The server is returning information describing these representations, so the client can pick the most appropriate one, a process called agent-driven negotiation.
301 | Moved Permanently | The resource requested has been moved to a new URL permanently. Any future requests for this resource should use the new URL. This is the proper method of handling situations where a file on a server is renamed or moved to a new directory. Most people don't bother setting this up, which is why URLs “break” so often, resulting in 404 errors as discussed below.
302 | Found | The resource requested is temporarily using a different URL. The client should continue to use the original URL. See code 307.
303 | See Other | The response for the request can be found at a different URL, which the server specifies. The client must do a fresh GET on that URL to see the results of the prior request.
304 | Not Modified | The client sent a conditional GET request, but the resource has not been modified since the specified date/time, so the server has not sent it.
305 | Use Proxy | To access the requested resource, the client must use a proxy, whose URL is given by the server in its response.
306 | (unused) | Defined in an earlier (draft?) version of HTTP and no longer used.
307 | Temporary Redirect | The resource is temporarily located at a different URL than the one the client specified. Note that 302 and 307 are basically the same status code. 307 was created to clear up some confusion related to 302 that occurred in earlier versions of HTTP (which I'd rather not get into!)
400 | Bad Request | Server says, “huh?” :) Generic response when the request cannot be understood or carried out due to a problem on the client's end.
401 | Unauthorized | The client is not authorized to access the resource. Often returned if an attempt is made to access a resource protected by a password or some other means without the appropriate credentials.
402 | Payment Required | This is reserved for future use. Its mere presence in the HTTP standard has caused a lot of people to scratch their chins and go “hmm…” :)
403 | Forbidden | The request has been disallowed by the server. This is a generic “no way” response that is not related to authorization. For example, if the maintainer of a Web site blocks access to it from a particular client, any requests from that client will result in a 403 reply.
404 | Not Found | The most common HTTP error message, returned when the server cannot locate the requested resource. Usually occurs due to either the server having moved/removed the resource, or the client giving an invalid URL (misspellings being the most common cause.)
405 | Method Not Allowed | The requested method is not allowed for the specified resource. The response includes an Allow header that indicates what methods the server will permit.
406 | Not Acceptable | The client sent a request that specifies limitations that the server cannot meet for the specified resource. This error may occur if an overly-restrictive list of conditions is placed into a request such that the server cannot return any part of the resource.
407 | Proxy Authentication Required |
408 | Request Timeout | The server was expecting the client to send a request within a particular time frame and the client didn't send it.
409 | Conflict | The request could not be filled because of a conflict of some sort related to the resource. This most often occurs in response to a PUT method, such as if one user tries to PUT a resource that another user has open for editing, for example.
410 | Gone | The resource is no longer available at the server, which does not know its new URL. This is a more specific version of the 404 code that is used only if the server knows that the resource was intentionally removed. It is seen rarely (if ever) compared to 404.
411 | Length Required |
412 | Precondition Failed | Indicates that the client specified a precondition in its request, such as the use of an If-Match header, which evaluated to a false value. This indicates that the condition was not satisfied so the request is not being filled. This is used by clients in special cases to ensure that they do not accidentally receive the wrong resource.
413 | Request Entity Too Large | The server has refused to fulfill the request because the entity that the client is requesting is too large.
414 | Request-URI Too Long | The server has refused to fulfill the request because the URL specified is longer than the server can process. This rarely occurs with properly-formed URLs but may be seen if clients try to send gibberish to the server.
415 | Unsupported Media Type | The request cannot be processed because it contains an entity using a media type the server does not support.
416 | Requested Range Not Satisfiable | The client included a Range header specifying a range of values that is not valid for the resource. An example might be requesting bytes 3,000 through 4,000 of a 2,400-byte file.
417 | Expectation Failed | The request included an Expect header that could not be satisfied by the server.
500 | Internal Server Error | Generic error message indicating that the request could not be fulfilled due to a server problem.
501 | Not Implemented | The server does not know how to carry out the request, so it cannot satisfy it.
502 | Bad Gateway | The server, while acting as a gateway or proxy, received an invalid response from another server it tried to access on the client's behalf.
503 | Service Unavailable | The server is temporarily unable to fulfill the request for internal reasons. This is often returned when a server is overloaded or down for maintenance.
504 | Gateway Timeout | The server, while acting as a gateway or proxy, timed out while waiting for a response from another server it tried to access on the client's behalf.
505 | HTTP Version Not Supported | The request used a version of HTTP that the server does not understand.