test

Sun Java System Web Server 7.0 Update 8 NSAPI Developer's Guide

Appendix A Hypertext Transfer Protocol

The Hypertext Transfer Protocol (HTTP) is a protocol which is a set of rules that describes how information is exchanged, that enables a client such as a web browser and a Web Server to communicate with each other.

HTTP is based on a request-response model. The browser opens a connection to the server and sends a request to the server. The server processes the request and generates a response, which it sends to the browser. The server then closes the connection.

This chapter provides a short introduction to a few HTTP basics. For more information on HTTP, see the IETF home page athttp://www.ietf.org/home.html.

This chapter has the following sections:

Compliance

Sun Java System Web Server supports HTTP/1.1. The server is conditionally compliant with the HTTP/1.1 proposed standard, as approved by the Internet Engineering Steering Group (IESG), and the Internet Engineering Task Force (IETF) HTTP working group.

For more information on the criteria for being conditionally compliant, see the Hypertext Transfer Protocol -- HTTP/1.1 specification (RFC 2616) at http://www.ietf.org/rfc/rfc2616.txt.

Requests

A request from a browser to a server includes the following information:

Request Method, URI, and Protocol Version

A browser can request information using a number of methods. The commonly used methods are:

Request Headers

The browser can send headers to the server. Most of these request headers are optional. This section lists some of the commonly used request headers.

Accept

File types the browser can accept.

Authorization

Used if the browser wants to authenticate itself with a server. Information such as the user name and password are included.

User-Agent

Name and version of the browser software.

Referer

URL of the document.

Host

Internet host and port number of the resource being requested.

Request Data

If the browser has made a POST or PUT request, it sends data after the blank line following the request headers. If the browser sends a GET or HEAD request, no data exists to send.

Responses

The server’s response includes the following:

HTTP Protocol Version, Status Code, and Reason Phrase

The server sends back a status code, which is a three-digit numeric code. The five categories of status codes are:

Table A–1 Common HTTP Status Codes

Status Code

Meaning

200

The Request has succeeded for the method used (GET, POST, HEAD).

201

The request has resulted in the creation of a new resource reference by the returned URI. 

206

The server has sent a response to byte range requests. 

302

Found. Redirection to a new URL. The original URL has moved. This result is not an error. Most browsers will get the new page. 

304

Use a local copy. If a browser already has a page in its cache, and the page is requested again, some browsers such as Netscape Navigator relay to the web server the “last-modified” timestamp on the browser’s cached copy. If the copy on the server is not newer than the browser’s copy, the server returns a 304 code instead of returning the page, reducing unnecessary network traffic. This result is not an error. 

400

Sent if the request is not a valid HTTP/1.0 or HTTP/1.1 request. For example HTTP/1.1 requires a host to be specified either in the Host header or as part of the URI on the request line.

401

Unauthorized. The user requested a document but did not provide a valid user name or password. 

403

Forbidden. Access to this URL is forbidden. 

404

Not found. The document requested is not on the server. This code can also be sent if the server is configured to protect the document for unauthorized personnel. 

408

If the client starts a request but does not complete it within the keep-alive timeout configured in the server, then this response will be sent and the connection closed. The request can be repeated with another open connection. 

411

The client submitted a POST request with chunked encoding, which is of variable length. However, the resource or application on the server requires a fixed length - a Content-Length header to be present. This code tells the client to resubmit its request with Content-Length.

413

Some applications, for example, certain NSAPI plug-ins cannot handle very large amounts of data, so returns this error code. 

414

The URI is longer than the maximum the web server is willing to serve. 

416

Data was requested outside the range of a file. 

500

A server-related error occurred. The server administrator must check the error log in the server. 

503

Sent if the quality of service mechanism was enabled and bandwidth or connection limits were attained. The server then serves requests with that code.  

Response Headers

The response headers contain information about the server and the response data. This section lists some common response headers.

Server

Name and version of the web server

Date

Current date in Greenwich Mean Time

Last-Modified

Date when the document was last modified

Expires

Date when the document expires

content-length

Length of the data that follows (in bytes)

content-type

MIME type of the data that follows

WWW-Authenticate

Used during authentication and includes information that tells the browser software what information is necessary for authentication such as user name and password

Response Data

The server sends a blank line after the last header. It then sends the response data such as an image or an HTML page.