NSAPI Programmer's Guide for Enterprise Server 4.0

NSAPI Programmer's Guide for Enterprise Server 4.0
Table of Contents | Previous | Next | Index | Bookshelf

NSAPI Programmer's Guide for Enterprise Server 4.0

Appendix G
HyperText Transfer Protocol

The HyperText Transfer Protocol (HTTP) is a protocol (a set of rules that describes how information is exchanged) that allows a client (such as a web browser) and a web server to communicate with each other. This appendix provides a short introduction to a few HTTP basics. For more information on HTTP, see the IETF home page at:

http://www.ietf.org/home.html

Introduction

HTTP is based on a request/response model. The browser opens a connection to the server and sends a request to the server.

The server processes the request and generates a response which it sends to the browser.The server then closes the connection.

Netscape Enterprise Server 3.x and 4.0 supports HTTP 1.1. Previous versions of the server supported HTTP 1.0. The server is conditionally compliant with the HTTP 1.1 proposed standard, as approved by the Internet Engineering Steering Group (IESG) and the Internet Engineering Task Force (IETF) HTTP working group. For more information on the criteria for being conditionally compliant, see the Hypertext Transfer Protocol--HTTP/1.1 specification (RFC 2068) at:

http://www.ietf.org/html.charters/http-charter.html

Requests

A request from a browser to a server includes the following information:

Request Method, URI, and Protocol Version

Request Headers

Request Data

Request Method, URI, and Protocol Version

A browser can request information using a number of methods. The commonly used methods include the following:

GET--Requests the specified resource (such as a document or image)

HEAD--Requests only the header information for the document

POST--Requests that the server accept some data from the browser, such as form input for a CGI program

PUT--Replaces the contents of a server's document with data from the browser

Request Headers

The browser can send headers to the server. Most are optional. Some commonly used request headers are shown in Table 6.4.

Table 6.4 Common request headers

Request header Description
Accept
The file types the browser can accept.

Authorization
Used if the browser wants to authenticate itself with a server; information such as the username and password are included.

User-agent
The name and version of the browser software.

Referer
The URL of the document where the user clicked on the link.

Host
The Internet host and port number of the resource being requested.

Request Data

If the browser has made a POST or PUT request, it sends data after the blank line following the request headers. If the browser sends a GET or HEAD request, there is no data to send.

Responses

The server's response includes the following:

HTTP Protocol Version, Status Code, and Reason Phrase

The server sends back a status code, which is a three-digit numeric code. The five categories of status codes are:

100-199 a provisional response.
200-299 a successful transaction.
300-399 the requested resource should be retrieved from a different location.
400-499 an error was caused by the browser.
500-599 a serious error occurred in the server.

Table 6.5 Common HTTP status codes

Status code Meaning
200
OK; successful transaction.

302
Found. Redirection to a new URL. The original URL has moved. This is not an error; most browsers will get the new page.

304
Use a local copy. If a browser already has a page in its cache, and the page is requested again, some browsers (such as Netscape Navigator) relay to the web server the "last-modified" timestamp on the browser's cached copy. If the copy on the server is not newer than the browser's copy, the server returns a 304 code instead of returning the page, reducing unnecessary network traffic. This is not an error.

401
Unauthorized. The user requested a document but didn't provide a valid username or password.

403
Forbidden. Access to this URL is forbidden.

404
Not found. The document requested isn't on the server. This code can also be sent if the server has been told to protect the document by telling unauthorized people that it doesn't exist.

500
Server error. A server-related error occurred. The server administrator should check the server's error log to see what happened.

Response Headers

The response headers contain information about the server and the response data. Common response headers are shown in Table 6.6

Table 6.6 Common response headers

Response header Description
Server
The name and version of the web server.

Date
The current date (in Greenwich Mean Time).

Last-modified
The date when the document was last modified.

Expires
The date when the document expires.

Content-length
The length of the data that follows (in bytes).

Content-type
The MIME type of the following data.

WWW-authenticate
Used during authentication and includes information that tells the browser software what is necessary for authentication (such as username and password).

Response Data

The server sends a blank line after the last header. It then sends the response data such as an image or an HTML page.

Table of Contents | Previous | Next | Index | Bookshelf

Last Updated: 08/12/99 14:33:17

Copyright © 1999 Netscape Communications Corporation