HTTP

in Front-end

Another mystery ! Here are some notes about HTTP.

HTTP Overview:

  • HTTP (Hypertext Transfer Protocol) is a TCP/IP-based application layer protocol for communication between clients and servers.
  • It standardizes content request and transmission across the internet.
  • HTTP is based on TCP/IP and uses default port 80 (HTTP) or 443 (HTTPS) for secure communication.

HTTP/0.9 (1991):

  • Simplest version with a single method: GET.
  • Request example: “GET /index.html”
  • Response consisted of the HTML content.
  • No headers, only HTML responses.

HTTP/1.0 (1996):

  • Enhanced version with more response formats (images, video, plain text), methods (POST, HEAD), and headers.
  • Introduced status codes, character sets, language negotiation, caching, and more.
  • Request example:
    GET / HTTP/1.0
Host: cs.fyi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5)
Accept: */*
  • Response example:
    HTTP/1.0 200 OK 
Content-Type: text/plain
Content-Length: 137582
...
(response body)

HTTP/1.1 (1997):

  • Major improvements: new methods (PUT, PATCH, OPTIONS, DELETE), hostname identification, persistent connections, pipelining, chunked transfers, caching, byte ranges, and more.
  • Introduced persistent connections to reduce overhead from repeated connections.
  • Pipelining allowed sending multiple requests before waiting for responses.
  • Introduced chunked transfers for dynamic content.
  • Digest and proxy authentication added.
  • Enabled server push, header compression (HPACK), and request prioritization.

HTTP/1.1 Drawbacks:

  • Head-of-line blocking: Slow requests block subsequent ones.
  • Multiple connections required for parallelism.
  • Redundant data sent due to stateless nature.

SPDY (2009):

  • Google’s experimental protocol to improve web speed and security.
  • Focused on reducing latency.
  • Introduced multiplexing, compression, prioritization, and security features.

HTTP/2 (2015):

  • Addressed HTTP/1.x limitations with low latency design.
  • Binary protocol with frames and streams instead of text. “There is a HEADERS frame for the meta data and DATA frame for the payload and there exist several other types of frames (HEADERS, DATA, RST_STREAM, SETTINGS, PRIORITY etc).” “Frames are nothing but binary pieces of data. A collection of frames is called a Stream. Each frame has a stream id that identifies the stream to which it belongs and each frame has a common header.”
  • Multiplexing allowed multiple requests over a single connection. “Once a TCP connection is opened, all the streams are sent asynchronously through the same connection without opening any additional connections. And in turn, the server responds in the same asynchronous way i.e. the response has no order and the client uses the assigned stream id to identify the stream to which a specific packet belongs.”
  • Header compression using HPACK.
  • Server push feature pushed resources to clients before being requested.
  • Request prioritization and security enhancements.
  • Encouraged use over TLS (HTTPS) for security reasons.

HTTP/2 Stream and Frame:

  • HTTP/2 messages composed of frames (HEADERS, DATA, RST_STREAM, SETTINGS, PRIORITY, etc.) sent over streams.
  • Each stream has a unique ID, and streams are multiplexed over a single connection.
  • Server push allows preemptively sending resources to clients.
  • Header compression via HPACK reduces redundancy in headers.

HTTP 3

HTTP/3 is the next generation of the Hypertext Transfer Protocol, designed to enhance web performance and security. Let’s delve into its core concepts that every web developer should know:

HTTP/3 Overview:

  • HTTP/3 is the successor to HTTP/2, focusing on improving speed and reliability.
  • It’s designed to mitigate latency issues and provide better performance over unreliable networks.
  • Built on the QUIC (Quick UDP Internet Connections) protocol, which uses UDP instead of TCP for faster connections.

Key Concepts:

  1. QUIC Protocol:
    • QUIC (Quick UDP Internet Connections) is the foundation of HTTP/3.
    • Uses UDP (User Datagram Protocol) instead of TCP for lower latency.
    • Incorporates built-in encryption and security features.
  2. Multiplexing:
    • Similar to HTTP/2, HTTP/3 supports multiplexing multiple streams over a single connection.
    • Enables concurrent requests and responses, reducing latency.
  3. Connection Migration:
    • QUIC allows seamless connection migration between different network interfaces (e.g., Wi-Fi to cellular) without disrupting user experience.
  4. Improved Error Handling:
    • QUIC handles packet loss and network congestion more efficiently than TCP.
    • Reduces head-of-line blocking issues encountered in TCP-based protocols.
  5. Reduced Latency:
    • Designed to minimize latency by focusing on faster handshakes and data transmission.
  6. TLS Integration:
    • Encryption is an integral part of HTTP/3.
    • QUIC includes its own encryption protocol, reducing the overhead of TLS handshakes.
  7. Connection Migration:
    • Enables seamless transfer of connections between networks without disconnecting users.
  8. Connection Prioritization:
    • Like HTTP/2, HTTP/3 supports prioritizing requests to ensure critical resources are loaded quickly.
  9. Stream-Level Flow Control:
    • HTTP/3 incorporates improved flow control mechanisms at the stream level.
    • Prevents overwhelming servers or clients with too much data.

Impact on Web Development:

  1. Performance Improvements:
    • Reduced latency and improved multiplexing lead to faster web page loading.
    • Better user experiences, especially on mobile devices and in regions with unstable networks.
  2. Security Enhancements:
    • Built-in encryption enhances security for data transmission.
    • Lower risk of data interception or man-in-the-middle attacks.
  3. Optimization Challenges:
    • While HTTP/3 offers significant benefits, developers need to adapt to new protocols and optimize their applications accordingly.
  4. Server and CDN Support:
    • Adopting HTTP/3 requires server and Content Delivery Network (CDN) support.
    • Popular web servers like NGINX and Apache are adding HTTP/3 support.