View
225
Download
2
Tags:
Embed Size (px)
Citation preview
3
The Format of a ResponseThe Format of a Response
version spstatus codesp phraseheader
cr lf: value cr lf
header : value cr lfcr lf
Entity Body
headerslines
statusline
4
The Initial Line of a Response
• The initial line of a response is also called the status line
• The initial line consists of– HTTP version– response status code– reason phrase that describes the
status code
5
HTTP/1.0 200 OK Date: Fri, 31 Dec 1999 23:59:59 GMT Content-Type: text/html Content-Length: 1354
<html> <body> <h1>Hello World</h1> (more file contents) . . . </body> </html>
Response Example
6
HTTP/1.0 200 OK Date: Fri, 31 Dec 1999 23:59:59 GMT Content-Type: text/html Content-Length: 1354
<html> <body> <h1>Hello World</h1> (more file contents) . . . </body> </html>
Response Exampleversion
message body
headers
reason phrasestatus code
8
Status Codes in Responses
• The status code is a three-digit integer, and the first digit identifies the general category of response: – 1xx indicates an informational message – 2xx indicates success of some kind – 3xx redirects the client to another URL– 4xx indicates an error on the client's part
• Yes, the system blames it on the client if a resource is not found (i.e., 404)
– 5xx indicates an error on the server's part
9
Status Codes 1xx
• The 100 (Continue) Status– Allows a client to determine if the
Server is willing to accept the request (based on the request headers) before the client sends the request body
– The client’s request must have the header
Expect: 100 (Continue)What is it good for?
10
Status Codes 2xx
Status codes 2xx – Success
• The action was successfully received, understood, and accepted
• Usually upon success a status code 200 and a message OK are sent
• This is the default
11
More 2xx Codes
• 201 (Created)– Location header gives the URL
• 202 (Accepted)– Processing is not yet complete
• 204 (No Content)– Browser should keep displaying
previous document
12
More 2xx Codes
• 205 (Reset Content)– No new document, but the browser
should reset the document view– It is used to force browsers to clear
fields of forms– New in HTTP 1.1
13
Status Codes 3xx
Status codes 3xx – Redirection
• Further action must be taken in order to complete the request
• The client is redirected to get the resource from another URL
14
More 3xx Codes
• 301 – Moved Permanently– The new URL is given in the Location header– Browsers should automatically follow the link to
the new URL
• 302 – Moved Temporarily – In HTTP 1.1 “Found” instead of “Moved
Temporarily”• But “Moved Temporarily” is still used
– Similar to 301, except that the URL given in the Location header is temporary
– Most browsers treat 301 and 302 in the same way
15
More 3xx Codes
• 303 – See Other– Similar to 301 and 302, except that if
the original request was POST, the new document (given in the Location header) should be retrieved with GET
– New in HTTP 1.1
16
More 3xx Codes
304 – Not Modified– This is a response to the If-Modified-
Since request header– If the page has been modified, then it
should be returned with a 200 (OK) status code
17
More 3xx Codes
307 – Temporary Redirect– New URL is given in the Location
header– Only GET but not POST requests
should follow the new URL– In 303 (See Other), both GET and
POST requests follow the new URL– New in HTTP 1.1
18
Status Codes 4xx
Status codes 4xx – Client error• The request contains bad syntax or
cannot be fulfilled
404 File not found
19
4xx Codes
• 400 – Bad Request– Syntax error in the request
• 401 – Unauthorized• 403 – Forbidden
– “permission denied” to the server to access the page
• 404 – Not Found• Turn off “Show friendly HTTP error
messages” in Internet Explorer (Internet Options Advanced)
20
More 4xx Codes(All New in HTTP 1.1)
• 405 – Method Not Allowed• 410 – Gone• 411 – Length Required• 413 – Request Entity Too Large
– Server may include a Retry-After response header
21
More 4xx Codes(All New in HTTP 1.1)
• 414 – Request URI Too Long• 415 – Unsupported Media Type• 417 – Expectation Failed
– It the server receives an Expect request header with a value of 100 (Continue), it means that the client is asking if it can send an attached document in a follow-up request
– The server should respond with either 417 or 100 (Continue)
22
Status Codes 5xx
Status codes 5xx – Server error
• The server failed to fulfill an apparently valid request
For example,502 Bad gateway
23
5xx Codes
• 500 – Internal Server Error• 501 – Not Implemented• 502 – Bad Gateway• 503 – Service Unavailable
– The response may include a Retry-After header to indicate when the client might try again
• 505 – HTTP Version Not Supported– New in HTTP 1.1
25
The Purposes of Response Headers
• Give forwarding location• Specify cookies• Supply the page modification date• Instruct the browser to reload the page
after a designated interval• Give the document size so that persistent
(keep-alive) connection can be used• Designate the type of document being
generated• Etc.
26
Allow Response Header
• It specifies the request methods (GET, POST, etc.) that are allowed for the requested URL
• It is required for 405 (Method Not Allowed) responses
• The default service method of servlets automatically generates this header for OPTIONS requests
27
Cache-Control (1.1) and Pragma (1.0) Response
Header• A no-cache value prevents proxies and
browsers from caching the page• More on this header later, when we will
talk about caching• Don’t use the Pragma header in responses
– The meaning of “Pragma: no-cache” is only specified for requests
• A safer approach is to use both the Pragma header and the Cache-Control header with the no-cache value
28
Connection Response Header
• A value of close instructs the client not to use persistent HTTP connections
• In HTTP 1.1, persistent connections are the default
29
Content Response Headers
• Content-Encoding– It indicates how the page was
encoded• Content-Language
– It gives the language in which the page is written•The value should be one of the
standard language codes, e.g., en, en-us, da
30
Content-Length Response Header
• It specifies the number of bytes in the response
• It is needed only if a persistent (keep-alive) connection is used
31
Content-Type Response Header
• It gives the MIME (Multipurpose Internet Mail Extension) type of the response document
• MIME types are of the form:– maintype/subtype for officially registered
types– maintype/x-subtype for unregistered
types• Examples: text/html, image/jpeg,
application/x-gzip
32
Expires Response Header
• It gives the time at which the document should be considered out-of-date and thus should no longer be cached
• It can be used, for example, if the document is valid only for a short time
• To achieve the desired effect, some other Cache-Control headers must also be used
33
Last-ModifiedResponse Header
• This header gives the time when the document was last changed
• The date that is given in the Last-Modified response header can be used in later requests in the If-Modified-Since request header
• When using servlets, don’t set this header explicitly; implement a getLastModified method instead
34
Location Response Header
• This header should be included in all responses that have a 3xx status code
• The browser automatically retrieves the document from the new location that is given as the value of this header
35
Refresh Response Header
• The number of seconds until the browser should reload the page
• Can also include the URL of a document that should be loaded (instead of the original document)
• This header is not part of HTTP 1.1 but is an extension supported by Netscape and Internet Explorer
36
Retry-After Response Header
• This header can be used in conjunction with a 503 (Service Unavailable) response to tell the client how soon it can repeat its request
37
Set-Cookie Response Header
• This header specifies a cookie associated with the page; it has several fields:
• Each cookie requires a separate header• Servlets should use the special-purpose
addCookie method of HttpServletRepsonse instead of setting the value of this header directly
• This header is not part of HTTP 1.1 but is widely supported
Set-Cookie: name=value; expires= value; path= value; domain= value; secure
38
WWW-Authenticate Response Header
• This header is always included with a 401 (Unauthorized) status code
• It gives the authentication scheme(s) and parameters applicable to the URL that was requested
41
Meta HTTP-EQUIV Tags
• The browser interprets these tags as if they were headers in the HTTP response
• For example<META HTTP-EQUIV=“Refresh” CONTENT=“5; URL=http://host/path/”>• If the value is 0 (instead of 5) and there
is no URL parameter, the same page is continuously refreshed, causing the Back button to stop working
42
Meta HTTP-EQUIV TagsAre Only Read by
Browsers• Meta HTTP-EQUIV tags are
interpreted by browsers• Proxies usually don’t read the
HTML documents – they only read the headers of the HTTP requests and responses
• Therefore, Cache-Control headers in META HTTP-EQUIV tags actually apply only to the browser’s cache
44
Manually Experimentingwith HTTP
>host wwwwww.cs.huji.ac.il is a nickname for vafla.cs.huji.ac.ilvafla.cs.huji.ac.il has address 132.65.80.39vafla.cs.huji.as.il mail is handled (pri=10) by
cs.huji.ac.il
>telnet www.cs.huji.ac.il 80Trying 132.65.80.39…Connected to vafla.cs.huji.ac.il.Escape character is ‘^]’.
46
The Response
HTTP/1.1 200 OKDate: Sun, 11 Mar 2001 21:42:15 GMTServer: Apache/1.3.9 (Unix)Last-Modified: Sun, 25 Feb 2001 21:42:15 GMTContent-Length: 479Content-Type: text/html
<html> (html code …)</html>