The Protocol Behind Every Web Page
HTTP (HyperText Transfer Protocol) is the foundation of data communication on the web. Every time you visit a website, your browser uses HTTP to request pages, images, scripts, and other resources from web servers.
HTTP is a request-response protocol: the client (browser) sends a request, and the server sends a response. It's stateless โ each request is independent; the server doesn't remember previous requests (unless cookies or sessions are used).
HTTP Request Structure
GET /index.html HTTP/1.1 โ Method, Path, Version
Host: www.example.com โ Required header
User-Agent: Mozilla/5.0 โ Client information
Accept: text/html โ Expected response type
Accept-Language: en-US โ Preferred language
Connection: keep-alive โ Connection management
โ Empty line = end of headers
The most common HTTP methods:
- GET โ Request a resource (view a page, download an image).
- POST โ Submit data to the server (login form, upload file).
- PUT โ Update an existing resource.
- DELETE โ Remove a resource.
- PATCH โ Partially modify a resource.
- HEAD โ Like GET, but only returns headers (no body). Used to check if a resource exists.
HTTP Response Structure
HTTP/1.1 200 OK โ Version, Status Code, Reason
Content-Type: text/html โ Response body type
Content-Length: 1234 โ Body size in bytes
Cache-Control: max-age=3600 โ Caching instructions
โ Empty line = end of headers
<html> โ Response body (the actual content)
<head>...</head>
<body>Hello, World!</body>
</html>
Common status codes:
Code โ Meaning โ Category
โโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโ
200 โ OK โ Success
301 โ Moved Permanently โ Redirect
304 โ Not Modified (cached) โ Success
400 โ Bad Request โ Client Error
403 โ Forbidden โ Client Error
404 โ Not Found โ Client Error
500 โ Internal Server Error โ Server Error
503 โ Service Unavailable โ Server Error
HTTPS: Secure HTTP
HTTPS (HTTP Secure) is HTTP encrypted with TLS (Transport Layer Security). It ensures that data between your browser and the server is:
- Encrypted โ Eavesdroppers can't read the data.
- Authenticated โ You're connected to the real server, not an imposter.
- Integrity โ Data hasn't been tampered with in transit.
HTTPS uses port 443 (vs. HTTP's port 80). Modern browsers flag HTTP sites as "Not Secure" and most websites now use HTTPS exclusively.
HTTP/2 and HTTP/3
- HTTP/2 โ Introduces multiplexing (multiple requests over a single connection), header compression, and server push. Much faster than HTTP/1.1.
- HTTP/3 โ Runs over QUIC (which uses UDP) instead of TCP. Eliminates head-of-line blocking and reduces connection establishment time. The future of web communication.