HTTP and HTTPS
Hypertext transfer protocol (HTTP) is the way in which clients (browsers) communicate with servers to request web resources. The protocol allows Internet users to view webpages that are housed on servers. Put simply, HTTP is the foundation of Internet-based data exchange.
What is Hypertext?
Web pages are much more dynamic than a physical page in the real world. If you printed and read an article on paper you wouldn’t be able to click the links that are within the article online. You also wouldn’t be able to view an embedded video or expand an infographic.
Hypertext is unique from regular text because it includes links that can be used to access another webpage. That’s why it’s referred to as “hyper”. HTTP is needed to transfer hypertext from a server to a browser that is requesting to view the page. Without HTTP the Internet as we know it wouldn’t exist.
How HTTP Works
HTTP can be a hard concept to grasp if you aren’t a web developer. The first thing to understand is Internet network communication is multi-layered. HTTP is an application layer that sits on top. It’s essentially a universal protocol that makes Internet use possible.
There are three entities involved with HTTP: a client (usually a browser), a server and proxies.
CLIENT ⇄ PROXY ⇄ SERVER
The client acts on behalf of a user to send an individual message, which is known as a request. The request to view or navigate to a webpage is parsed out so that requests are made for each page element like video, layout information (CSS), etc.
The server receives the requests and sends back a response to the client. A response is an answer to the request either granting it or denying it. If it’s granted the server will make the resources available for the client to display them as a webpage.
In between the client and server there are proxies. These machines and computers perform a number of tasks such as logging, caching and load balancing. They also act as a gateway relaying HTTP messages between the client and server.
Proxies are either transparent or non-transparent. Transparent means that the proxy doesn’t alter the request that’s being sent to the server. A non-transparent proxy will change the request before passing it along to the server.
Before an HTTP request can be made a TCP connection needs to occur. A TCP connection is a reliable transport protocol (another layer in Internet communication). Typically a TCP connection is made for each request/response. HTTP/2 introduced message multiplexing over a single connection, which is more efficient when numerous requests are made in quick succession.
5 Basic Steps of HTTP Requests/Responses
Step 1 – Make a TCP connection
Step 2 – Send the HTTP request (directly to server or through a proxy)
Step 3 – Response from the server
Step 4 – Client reads the server’s response
Step 5 – Close the connection or use it for another request
Typically, the HTTP communication is going on in the background, and it’s so quick and seamless users never realize it’s happening. However, there are times when users are reminded that HTTP is a part of every webpage that’s viewed. If an error occurs, you may see an HTTP response code instead of the webpage.
An example of a common HTTP response code is a 404 page. This response code shows up when the requested page can’t be found because it no longer exists at the given web address and there’s no redirect to another webpage.
Learn how to pick the metrics that matter.Download the Guide
HTTP vs HTTPS
Take a look at any URL and you will see it starts with either http:// or https://. What makes the two different?
HTTPS indicates that the website connection is encrypted by SSL/TSL for added security. The “S” stands for secure. At one time HTTPS was primarily used for password-protected content and sensitive data, but now most websites use HTTPS rather than HTTP.
How HTTPS Works
When a client sends a request using the HTTP protocol it looks up the IP address for the website and connects to the corresponding server. All the data that’s sent over that connection is easy for a hacker, your Internet Service Provider or a government agency to read. The client may also not actually connect to the intended IP address, which is another security issue.
HTTPS helps solve these problems.
Connecting to an HTTPS-secured server adds an extra step when a client request is sent. The client will verify the website’s security certificate to make sure it’s the correct IP address.
Encryption adds another layer of security. It ensures that the data sent between the client and server can’t be easily read by someone who is eavesdropping. Banking institutions were among the first to adopt HTTPS because users were sharing sensitive financial information and using their websites for money management. Using HTTP put users at serious risk for identity theft and fraud.
If you use Google’s search engine you may have noticed that by default it uses HTTPS connections. The decision to do that means outsiders and people on the same Wi-Fi network can’t see what you’re searching for on Google.
The Future of HTTP and HTTPS
Moving forward HTTPS is going to be the standard because of the added security it provides. However, a few years from now it likely won’t be exactly the same as we know it today.
HTTP is designed to expand easily and has played a large role in expanding the functionality of the Internet. The use of HTTP headers allows for the extendability and enables developers to experiment with new HTTP functions. This means that the use of HTTP is always evolving although the basic functions remain relatively the same.
Get the free 2019 Product Benchmarks report todayDownload Report