This is my first article for the newcomer onboarding program.
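I. What is HTTP
- HTTP (Hypertext Transfer Protocol) is a specification for reliably transferring hypertext data such as text, images, audio and video between a client and a server.
- HTTP belongs to the application layer; it is the first layer a user's request touches.
II. HTTP message format
As a hypertext transfer protocol, HTTP transfers text information and places certain constraints on the format of that text.
Request message format
HTTP messages consist of requests from the client to the server and responses from the server to the client. The request message format is as follows:
Request line - general headers - request headers - entity headers - message body
A sample request: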
POST https://api.juejin.cn/interact_api/v1/comment/list HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/json
Content-Length: 90
Host: api.juejin.cn
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

{"item_id":"6981086026055811079","item_type":2,"cursor":"0","limit":20,"client_type":2608}
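- Request line: POST is the request method, api.juejin.cn/interact_ap… is the resource being accessed, and HTTP/1.1 is the protocol version.
- Request headers: the headers start on the second line. Accept-Encoding indicates the encodings the request accepts; Content-Type is the type of the request data; Content-Length is the length of the request body; Host gives the destination of the request (the host's domain name); Connection is the connection mode; User-Agent is key information for detecting the browser type, is defined by the browser, and is sent automatically with every request.
- Blank line: the request headers must be followed by a blank line.
- Request data: also called the request body; it can carry any additional data.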
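The four parts listed above can be checked mechanically. The following is an added example, not code from the original post: a strict parser that splits the sample request into request line, headers and body, and rejects a message whose blank line is missing or whose Content-Length disagrees with the body. The names `parse_request`, `is_well_formed` and `BadRequest` are hypothetical.

```python
# The request shown above, rebuilt with CRLF line endings and the blank line.
SAMPLE = (
    b"POST https://api.juejin.cn/interact_api/v1/comment/list HTTP/1.1\r\n"
    b"Accept-Encoding: gzip,deflate\r\n"
    b"Content-Type: application/json\r\n"
    b"Content-Length: 90\r\n"
    b"Host: api.juejin.cn\r\n"
    b"Connection: Keep-Alive\r\n"
    b"User-Agent: Apache-HttpClient/4.1.1 (java 1.5)\r\n"
    b"\r\n"
    b'{"item_id":"6981086026055811079","item_type":2,'
    b'"cursor":"0","limit":20,"client_type":2608}'
)

class BadRequest(ValueError):
    """Raised when the message does not follow the format described above."""

def parse_request(raw: bytes) -> dict:
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest("no blank line after the request headers")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise BadRequest("malformed request line")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise BadRequest("malformed header line")
        key = name.lower()
        if key in ("content-length", "host") and key in headers:
            raise BadRequest("duplicate header: " + name)  # refuse to guess
        headers[key] = value.strip()
    length = headers.get("content-length")
    if length is not None:  # chunked bodies are outside this example
        if not (length.isascii() and length.isdigit()) or int(length) != len(body):
            raise BadRequest("Content-Length does not match the body")
    method, target, version = parts
    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body}

def is_well_formed(raw: bytes) -> bool:
    try:
        parse_request(raw)
        return True
    except BadRequest:
        return False
```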
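Response message format
The response message format is as follows:
Status line - general headers - response headers - entity headers - message body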
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 06 Jul 2021 15:05:02 GMT
Vary: Accept-Encoding
X-Tt-Logid: 20210706230502010212150152150DC272
server-timing: inner; dur=47
x-tt-trace-host: 0105f83323851c44e692c39c28f85b3e51f77f4f44ef560dbb5ebeed4d00e2ad7e5389222aad8f43cc8a4e29c81a8d3c58f50d8995db9649cf4329ac8991656c5bbf8c9beb6a1cc49bec51a253adafea6b5f41ab3f1638949caafec97204337eeb
x-tt-trace-tag: id=3;cdn-cache=miss
X-TT-TIMESTAMP: 1625583902.666
Content-Encoding: gzip
Via: cache3.l2cn1800[88,0], cache6.cn1756[133,0]
Timing-Allow-Origin: *
EagleId: 7030991a16255839025774966e

{"err_no":0,"err_msg":"success","data":[{"comment_id":"6981339904140051213","comment_info":{"comment_id":"6981339904140051213","user_id":"4169821261664952","item_id":"6981086026055811079","item_type":2,"comment_content":"婊存淮婊存淮","comment_pics":[],"comment_status":1,"ctime":1625469867,"comment_replys":[],"digg_count":0,"bury_count":0,"reply_count":0,"is_digg":false,"is_bury":false,"level":0},"user_info":{"user_id":"4169821261664952","user_name":"骞插暐鐜╂剰","company":"","job_title":"","avatar_large":"https://sf3-ttcdn-tos.pstatp.com/img/mosaic-legacy/3792/5112637127~300x300.image","level":0,"description":"","followee_count":1,"follower_count":0,"post_article_count":0,"digg_article_count":3,"got_digg_count":0,"got_view_count":0,"post_shortmsg_count":0,"digg_shortmsg_count":0,"isfollowed":false,"favorable_author":0,"power":0,"study_point":0,"university":{"university_id":"0","name":"","logo":""},"major":{"major_id":"0","parent_id":"0","name":""},"student_status":0,"select_event_count":0,"select_online_course_count":0,"identity":0,"is_select_annual":false,"select_annual_rank":0,"annual_list_type":0,"extraMap":{},"is_logout":0},"user_interact":{"id":6981086026055811079,"omitempty":2,"user_id":0,"is_digg":false,"is_follow":false,"is_collect":false},"reply_infos":[],"is_author":false},{"comment_id":"6981339028272972581","comment_info":{"comment_id":"6981339028272972581","user_id":"3069492197591624","item_id":"6981086026055811079","item_type":2,"comment_content":"鍐插啿chong","comment_pics":[],"comment_status":1,"ctime":1625469664,"comment_replys":[],"digg_count":0,"bury_count":0,"reply_count":0,"is_digg":false,"is_bury":false,"level":0},"user_info":{"user_id":"3069492197591624","user_name":"鍙虫墜鎷夋媺閾�,"company":"","job_title":"","avatar_large":"https://sf1-ttcdn-tos.pstatp.com/img/user-avatar/d52827434789fbb81c8f78169e48f87c~300x300.image","level":0,"description":"","followee_count":5,"follower_count":1,"post_article_count":1,"digg_article_count":6,"got_digg_count":0,"got_view_count
":31,"post_shortmsg_count":0,"digg_shortmsg_count":0,"isfollowed":false,"favorable_author":0,"power":0,"study_point":0,"university":{"university_id":"0","name":"","logo":""},"major":{"major_id":"0","parent_id":"0","name":""},"student_status":0,"select_event_count":0,"select_online_course_count":0,"identity":0,"is_select_annual":false,"select_annual_rank":0,"annual_list_type":0,"extraMap":{},"is_logout":0},"user_interact":{"id":6981086026055811079,"omitempty":2,"user_id":0,"is_digg":false,"is_follow":false,"is_collect":false},"reply_infos":[],"is_author":false},{"comment_id":"6981287607942513415","comment_info":{"comment_id":"6981287607942513415","user_id":"1425421481546093","item_id":"6981086026055811079","item_type":2,"comment_content":"鍏堟墦涓崱馃槂","comment_pics":[],"comment_status":1,"ctime":1625457690,"comment_replys":[],"digg_count":0,"bury_count":0,"reply_count":0,"is_digg":false,"is_bury":false,"level":0},"user_info":{"user_id":"1425421481546093","user_name":"瀹囨櫤娉娲惧ぇ鏄�,"company":"","job_title":"鍓嶇鏂版墜","avatar_large":"https://sf6-ttcdn-tos.pstatp.com/img/user-avatar/84991613df03e46dad8d34ddef4605f6~300x300.image","level":0,"description":"","followee_count":9,"follower_count":2,"post_article_count":0,"digg_article_count":1,"got_digg_count":0,"got_view_count":0,"post_shortmsg_count":7,"digg_shortmsg_count":19,"isfollowed":false,"favorable_author":0,"power":0,"study_point":0,"university":{"university_id":"0","name":"","logo":""},"major":{"major_id":"0","parent_id":"0","name":""},"student_status":0,"select_event_count":0,"select_online_course_count":0,"identity":0,"is_select_annual":false,"select_annual_rank":0,"annual_list_type":0,"extraMap":{},"is_logout":0},"user_interact":{"id":6981086026055811079,"omitempty":2,"user_id":0,"is_digg":false,"is_follow":false,"is_collect":false},"reply_infos":[],"is_author":false},{"comment_id":"6981245195145151245","comment_info":{"comment_id":"6981245195145151245","user_id":"34801414070510","item_id":"6981086026055811079","item_typ
e":2,"comment_content":"鍏堟墦涓崱馃槂","comment_pics":[],"comment_status":1,"ctime":1625447816,"comment_replys":[],"digg_count":0,"bury_count":0,"reply_count":0,"is_digg":false,"is_bury":false,"level":0},"user_info":{"user_id":"34801414070510","user_name":"Jason涓嶅緱","company":"","job_title":"","avatar_large":"https://sf3-ttcdn-tos.pstatp.com/img/user-avatar/b5768337c7c60304aea5c62aeba221c3~300x300.image","level":0,"description":"","followee_count":2,"follower_count":0,"post_article_count":1,"digg_article_count":3,"got_digg_count":0,"got_view_count":34,"post_shortmsg_count":1,"digg_shortmsg_count":2,"isfollowed":false,"favorable_author":0,"power":0,"study_point":0,"university":{"university_id":"0","name":"","logo":""},"major":{"major_id":"0","parent_id":"0","name":""},"student_status":0,"select_event_count":0,"select_online_course_count":0,"identity":0,"is_select_annual":false,"select_annual_rank":0,"annual_list_type":0,"extraMap":{},"is_logout":0},"user_interact":{"id":6981086026055811079,"omitempty":2,"user_id":0,"is_digg":false,"is_follow":false,"is_collect":false},"reply_infos":[],"is_author":false}],"cursor":"4","count":4,"has_more":false}
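- Status line: consists of the protocol version, the status code and the status message.
- Response headers: information the client can use, such as Date (when the response was generated), Content-Type (MIME type and character encoding), Connection (persistent by default), and so on.
- Blank line: there must be a blank line between the response headers and the response body.
- Response body: the response content; in this example it is key-value data.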
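III. What steps does a complete HTTP request go through?
In one complete HTTP exchange, the web browser and the web server carry out the following 7 steps:
- Establish the TCP connection
- The web browser sends the request line to the web server
- The web browser sends the request headers
- The web server responds
- The web server sends the response headers
- The web server sends data to the browser
- The web server closes the TCP connection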
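The seven steps can be traced on the loopback interface with raw sockets. This is an added example, not code from the original post; the one-shot server `serve_once`, the client `fetch`, the `/demo` path and the response body are all constructed for illustration.

```python
import socket
import threading

def serve_once(listener):
    """Hypothetical one-shot server: answers a single connection, then closes it."""
    conn, _ = listener.accept()
    with conn:
        conn.settimeout(5)
        data = b""
        while b"\r\n\r\n" not in data:      # read up to the blank line
            chunk = conn.recv(4096)
            if not chunk:
                break
            data += chunk
        body = b'{"err_no":0,"err_msg":"success"}'   # constructed body
        conn.sendall(b"HTTP/1.1 200 OK\r\n")                    # step 4: status line
        conn.sendall(b"Content-Type: application/json\r\n"
                     b"Content-Length: %d\r\n"
                     b"Connection: close\r\n\r\n" % len(body))  # step 5: headers
        conn.sendall(body)                                      # step 6: data
    # leaving the with-block closes the TCP connection (step 7)

def fetch():
    listener = socket.create_server(("127.0.0.1", 0))  # loopback, ephemeral port
    listener.settimeout(5)
    port = listener.getsockname()[1]
    worker = threading.Thread(target=serve_once, args=(listener,), daemon=True)
    worker.start()
    with socket.create_connection(("127.0.0.1", port), timeout=5) as c:  # step 1
        c.sendall(b"GET /demo HTTP/1.1\r\n")                             # step 2
        c.sendall(b"Host: 127.0.0.1\r\nConnection: close\r\n\r\n")       # step 3
        raw = b""
        while True:
            chunk = c.recv(4096)
            if not chunk:       # empty read: the server closed the connection
                break
            raw += chunk
    worker.join(5)
    listener.close()
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    version, code, reason = status_line.split(" ", 2)
    headers = dict(h.split(": ", 1) for h in header_lines)
    return int(code), reason, headers, body

if __name__ == "__main__":
    print(fetch())
```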
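IV. Response status codes
An HTTP status code consists of 3 digits; the first digit defines the class of the response, and there are 5 classes:
- 1xx: Informational. The request has been received and processing continues.
- 2xx: Success. The request has been successfully received, understood and accepted.
- 3xx: Redirection. Further action must be taken to complete the request.
- 4xx: Client error. The request has a syntax error or cannot be fulfilled.
- 5xx: Server error. The server failed to fulfil a valid request.
Common status codes:
200 OK // the client request succeeded
400 Bad Request // the client request has a syntax error and cannot be understood by the server
401 Unauthorized // the request is not authorized; this status code must be used together with the WWW-Authenticate header field
403 Forbidden // the server received the request but refuses to serve it
404 Not Found // the requested resource does not exist, e.g. a wrong URL was entered
500 Internal Server Error // the server encountered an unexpected error
503 Server Unavailable // the server currently cannot handle the client's request; it may recover after a while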
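V. What request methods does HTTP have?
HTTP defines several request methods to meet different needs. HTTP/1.0 defined three request methods: GET, POST and HEAD. HTTP/1.1 added five more: OPTIONS, PUT, DELETE, TRACE and CONNECT. Each method does the following:
- GET: requests the specified page and returns the entity body.
- HEAD: similar to a GET request, except that the response carries no content; used to obtain the headers.
- POST: submits data to the specified resource for processing (for example submitting a form or uploading a file). The data is included in the request body. A POST request may create a new resource and/or modify an existing one.
- PUT: data sent from the client to the server replaces the content of the specified document.
- DELETE: asks the server to delete the specified page.
- CONNECT: reserved in HTTP/1.1 for proxy servers that can switch the connection to tunnel mode.
- OPTIONS: lets the client query the server's capabilities.
- TRACE: echoes back the request the server received; mainly used for testing or diagnostics.
Differences between GET and POST
- Difference 1: GET focuses on fetching resources from the server; POST focuses on sending data to the server.
- Difference 2: GET transfers only a small amount of data because it is limited by URL length, but it is more efficient; POST can transfer large amounts of data, so file uploads can only use POST.
- GET is insecure, because a GET request sends its data in the URL, where it is visible and may leak private information such as passwords; POST data is placed in the request header, so it is secure.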
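Because data sent with GET travels in the URL, it also ends up wherever URLs are recorded, such as server access logs. The following added example (not from the original post) scans access-log lines for sensitive query parameters and redacts their values; the log lines are constructed, and the parameter list in `SENSITIVE` is an assumption to adapt to the application.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumed list of parameter names that should never appear in a URL.
SENSITIVE = {"password", "passwd", "pwd", "token", "access_token", "secret", "api_key"}

# Constructed access-log lines (common log format), not taken from the page.
LOG = [
    '203.0.113.7 - - [06/Jul/2021:15:05:02 +0000] '
    '"GET /login?user=alice&password=hunter2 HTTP/1.1" 200 512',
    '203.0.113.7 - - [06/Jul/2021:15:05:03 +0000] "POST /login HTTP/1.1" 200 512',
    '203.0.113.9 - - [06/Jul/2021:15:05:09 +0000] '
    '"GET /list?cursor=0&limit=20 HTTP/1.1" 200 2048',
]

REQ = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<version>HTTP/[\d.]+)"')

def redact_target(target):
    """Return the request target with sensitive values replaced, plus the hits."""
    parts = urlsplit(target)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    hits = [k for k, _ in pairs if k.lower() in SENSITIVE]
    clean = [(k, "REDACTED" if k.lower() in SENSITIVE else v) for k, v in pairs]
    return urlunsplit(parts._replace(query=urlencode(clean))), hits

def scan(lines):
    """Return (findings, cleaned_lines); a finding is (line_no, method, names)."""
    findings, cleaned = [], []
    for n, line in enumerate(lines, 1):
        m = REQ.search(line)
        if m:
            target, hits = redact_target(m["target"])
            if hits:
                findings.append((n, m["method"], hits))
                line = line[:m.start("target")] + target + line[m.end("target"):]
        cleaned.append(line)
    return findings, cleaned

if __name__ == "__main__":
    found, out = scan(LOG)
    print(found)
    print("\n".join(out))
```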
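VI. How HTTPS works
- Step 1: First, for the HTTP request the server produces its certificate, and the client validates the certificate's validity period, its legitimacy, whether its domain name matches the requested domain, the certificate's public key (RSA encryption), and so on;
- Step 2: If validation passes, the client, relying on the validity of the certificate's public key, generates a random number and encrypts it with the public key (RSA encryption);
- Step 3: Once the message body has been produced, its digest is processed with the MD5 (or SHA1) algorithm, which yields the RSA signature;
- Step 4: It is sent to the server; at this point only the server (with the RSA private key) can decrypt it.
- Step 5: The random number obtained by decryption is then used with AES encryption as the key (a key that only the client and the server know).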
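VII. Summary
An HTTP request is not as complicated as we might think: the server and the browser interact by transferring text according to a set of rules (the HTTP protocol). Once you understand what the hypertext transfer protocol is, calling APIs during development will no longer be confusing.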