1. 1 HTTP EECS 325/425, Fall 2005 September 12

2. 2 Chapter 2: Application layer r 2.1 Principles of network applications m app architectures m app requirements r 2.2 Web and HTTP r 2.4 Electronic Mail m SMTP, POP3, IMAP r 2.5 DNS r 2.6 P2P file sharing r 2.7 Socket programming with TCP r 2.8 Socket programming with UDP r 2.9 Building a Web server

3. 3 Web and HTTP Killer Internet applications, started in mid-1990’s News, games, e-commerce, etc Some concepts r A Web page consists of objects r Objects can be HTML files, JPEG images, Java applets, audio files,… r A Web page consists of base HTML-file which may include multiple referenced objects r Each object is addressable by a uniform resource locator (URL). They can be from different hosts. r Example URL: www.someschool.edu/someDept/pic.gif host name path name

4. 4 HTTP overview HTTP: hypertext transfer protocol r Web’s application layer protocol r client/server model m client: browser that requests, receives, “displays” Web objects m server: Web server sends objects in response to requests r HTTP 1.0: RFC 1945 r HTTP 1.1: RFC 2068 PC running Explorer Server running Apache Web server Mac running Navigator HTTP request HTTP response

5. 5 HTTP overview (continued) Uses TCP (reliable): r client initiates TCP connection (creates socket) to server, port 80 r server accepts TCP connection from client r HTTP messages (application- layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server) r TCP connection closed HTTP is “stateless” r server maintains no information about past client requests Protocols that maintain “state” are complex! r past history (state) must be maintained r if server/client crashes, their views of “state” may be inconsistent, must be reconciled aside

6. 6 HTTP connections Non-persistent HTTP r At most one object is sent over a TCP connection. r HTTP/1.0 uses non- persistent HTTP Persistent HTTP r Multiple objects can be sent over single TCP connection between client and server. r HTTP/1.1 uses persistent connections in default mode r Q: is persistent HTTP also stateless?

7. 7 Non-persistent HTTP Suppose user enters URL www.someSchool.edu/someDepartment/home.index 1a. HTTP client initiates TCP connection to HTTP server (process) at www.someSchool.edu on port 80 2. HTTP client sends HTTP request message (containing URL) into TCP connection socket. Message indicates that client wants object someDepartment/home.index 1b. HTTP server at host www.someSchool.edu waiting for TCP connection at port 80. “accepts” connection, notifying client 3. HTTP server receives request message, forms response message containing requested object, and sends message into its socket time (contains short text, references to 10 jpeg images)

8. 8 Nonpersistent HTTP (cont.) 5. HTTP client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects 6. Steps 1-5 repeated for each of 10 jpeg objects 4. HTTP server closes TCP connection. time

9. 9 Response time modeling Definition of RRT: time to send a small packet to travel from client to server and back. Q: Do you remember what contribute to the RTT? Response time (assumed no packet losses): r one RTT to initiate TCP connection r one RTT for HTTP request and first few bytes of HTTP response to return r file transmission time total = 2RTT+transmit time time to transmit file initiate TCP connection RTT request file RTT file received time

10. 10 Persistent HTTP Non-persistent HTTP issues: r requires >=2 RTTs per object r OS must work and allocate host resources for each TCP connection r but browsers often open parallel TCP connections to fetch referenced objects m Can dramatically affect server performance! Persistent HTTP r server leaves connection open after sending response r subsequent HTTP messages between same client/server are sent over this connection Persistent without pipelining: r client issues new request only when previous response has been received r one RTT for each referenced object Persistent with pipelining: r default in HTTP/1.1 r client sends requests as soon as it encounters a referenced object r as little as one RTT for all the referenced objects

11. 11 HTTP request message r two types of HTTP messages: request, response r HTTP request message: m ASCII (human-readable format) GET /somedir/page.html HTTP/1.1 Host: www.someschool.edu User-agent: Mozilla/4.0 Connection: close Accept-language:fr (extra carriage return, line feed) request line (GET, POST, HEAD commands) header lines Carriage return, line feed indicates end of message

12. 12 HTTP request message: general format

13. 13 Uploading form input Post method: r Web page often includes form input r Input is uploaded to server in entity body URL method: r Uses GET method r Input is uploaded in URL field of request line (same for google): www.somesite.com/animalsearch?monkeys&banana

14. 14 Method types HTTP/1.0 r GET r POST r HEAD m asks server to leave requested object out of response m Why is it useful? HTTP/1.1 r GET, POST, HEAD r PUT m uploads file in entity body to path specified in URL field r DELETE m deletes file specified in the URL field

15. 15 HTTP response message HTTP/1.1 200 OK Connection close Date: Thu, 06 Aug 1998 12:00:15 GMT Server: Apache/1.3.0 (Unix) Last-Modified: Mon, 22 Jun 1998 …... Content-Length: 6821 Content-Type: text/html data data data data data... status line (protocol status code status phrase) header lines data, e.g., requested HTML file

16. 16 HTTP response status codes 200 OK m request succeeded, requested object later in this message 301 Moved Permanently m requested object moved, new location specified later in this message (Location:) 304 Not modified m Can use cached copy 400 Bad Request m request message not understood by server 403 Forbidden m Authorization will not help 404 Not Found m requested document not found on this server 505 HTTP Version Not Supported In first line in server->client response message. A few sample codes:

17. 17 Trying out HTTP (client side) for yourself 1. Telnet to your favorite Web server: Opens TCP connection to port 80 (default HTTP server port) at cis.poly.edu. Anything typed in sent to port 80 at cis.poly.edu telnet cis.poly.edu 80 2. Type in a GET HTTP request: GET /~ross/ HTTP/1.1 Host: cis.poly.edu By typing this in (hit carriage return twice), you send this minimal (but complete) GET request to HTTP server 3. Look at response message sent by HTTP server!

18. 18 sxj63@easy[~]$ telnet cis.poly.edu 80 Trying 128.238.32.126... Connected to cis.poly.edu. Escape character is '^]'. HEAD /~ross/ HTTP/1.1 Host: cis.poly.edu HTTP/1.1 200 OK Date: Mon, 12 Sep 2005 16:34:40 GMT Server: Apache/1.2.5 Last-Modified: Fri, 22 Jul 2005 19:11:30 GMT ETag: "15834-2161-42e144e2" Content-Length: 8545 Accept-Ranges: bytes Content-Type: text/html Connection to cis.poly.edu closed by foreign host. sxj63@easy[~]$ telnet cis.poly.edu 80 Trying 128.238.32.126... Connected to cis.poly.edu. Escape character is '^]'. HEAD /~banana/ HTTP/1.1 Host: cis.poly.edu HTTP/1.1 404 File Not Found Date: Mon, 12 Sep 2005 16:36:10 GMT Server: Apache/1.2.5 Content-Type: text/html Connection to cis.poly.edu closed by foreign host. sxj63@easy[~]$ sxj63@easy[~]$ telnet vorlon.cwru.edu 80 Trying 129.22.150.75... Connected to vorlon.EECS.cwru.edu. Escape character is '^]'. GET /index.html HTTP/1.0 HTTP/1.1 200 OK Date: Mon, 12 Sep 2005 16:44:27 GMT Server: Apache Last-Modified: Wed, 24 Nov 2004 04:04:25 GMT ETag: "4f4c67-a5-2f6be440" Accept-Ranges: bytes Content-Length: 165 Connection: close Content-Type: text/html; charset=ISO-8859-1 www.eecs.cwru.edu Connection to vorlon.EECS.cwru.edu closed by foreign host. sxj63@easy[~]$

19. 19 User-server state: cookies Many major Web sites use cookies (users may like them or hate them) Four components: 1) cookie header line in the HTTP response message 2) cookie header line in HTTP request message 3) cookie file kept on user’s host and managed by user’s browser 4) back-end database at Web site Example: m Susan access Internet always from same PC m She visits a specific e- commerce site for first time m When initial HTTP requests arrives at site, site creates a unique ID and creates an entry in backend database for ID

20. 20 Cookies: keeping “state” (cont.) client server usual http request msg usual http response + Set-cookie: 1678 usual http request msg cookie: 1678 usual http response msg usual http request msg cookie: 1678 usual http response msg cookie- specific action cookie- spectific action server creates ID 1678 for user entry in backend database access Cookie file amazon: 1678 ebay: 8734 Cookie file ebay: 8734 Cookie file amazon: 1678 ebay: 8734 one week later:

21. 21 Cookies (continued) What cookies can bring: r authorization r shopping carts r recommendations r user session state (Web e-mail) Cookies and privacy: r cookies permit sites to learn a lot about you r you may supply name and e-mail to sites r search engines use redirection & cookies to learn yet more r advertising companies obtain info across sites aside

22. 22 Conditional GET r Goal: don’t send object if cache has up-to-date cached version r cache: specify date of cached copy in HTTP request If-modified-since: r server: response contains no object if cached copy is up- to-date: HTTP/1.0 304 Not Modified r Q: does IMS make HTTP stateful? cache server HTTP request msg If-modified-since: HTTP response HTTP/1.0 304 Not Modified object not modified HTTP request msg If-modified-since: HTTP response HTTP/1.0 200 OK object modified

23. 23 Readings etc r Section 2.1-2.5 r Is it difficult to implement a Web crawler to find out more about the Web, e.g., m the links between Web pages m the versions of Web servers m the versions of HTTP