Description
HTTP (Hypertext Transfer Protocol) is an application-layer protocol used for transmitting hypermedia documents, such as HTML, over the web. It forms the foundation of data communication for the World Wide Web, enabling web browsers and servers to communicate using request-response protocols.
HTTP defines how messages are formatted and transmitted, and what actions web servers and browsers should take in response to various commands. Every time you visit a website, your browser sends HTTP requests to the web server and receives HTTP responses.
Key Characteristics
- Stateless: Each request is independent; the server does not retain information about previous interactions.
- Text-based: Human-readable format using plain text.
- Flexible: Supports multiple content types (HTML, JSON, images, etc.).
- Extensible: Allows for additional headers and methods.
- Connectionless (by default): Each connection is established and closed per request, although HTTP/1.1 introduced keep-alive and HTTP/2 multiplexes requests.
HTTP Request Structure
An HTTP request typically includes:
- Request Line (method, URL, HTTP version)
- Headers (metadata)
- Optional Body (for POST/PUT requests)
Example Request:
GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Accept: text/htmlHTTP Response Structure
An HTTP response consists of:
- Status Line (protocol version, status code, reason phrase)
- Headers (metadata)
- Body (content)
Example Response:
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1256
<html>...</html>HTTP Methods
| Method | Description |
|---|---|
| GET | Retrieve data from server |
| POST | Submit data to server |
| PUT | Update resource |
| DELETE | Delete specified resource |
| HEAD | Same as GET, but without response body |
| OPTIONS | Returns allowed methods for a resource |
| PATCH | Partially update resource |
Status Codes
HTTP status codes are grouped into five classes:
| Code Range | Meaning |
| 1xx | Informational |
| 2xx | Success |
| 3xx | Redirection |
| 4xx | Client Error |
| 5xx | Server Error |
Common Codes:
200 OK– Successful request301 Moved Permanently– Redirect400 Bad Request– Malformed request403 Forbidden– No permission404 Not Found– Resource not found500 Internal Server Error– Server malfunction
Headers
Headers allow the client and server to send metadata:
Common Request Headers:
Host: Target domainUser-Agent: Client software infoAccept: Media types supportedAuthorization: Authentication credentials
Common Response Headers:
Content-Type: Format of responseContent-Length: Size of response bodySet-Cookie: Server-sent cookieCache-Control: Caching behavior
HTTP Versions
| Version | Features |
| HTTP/1.0 | Basic request/response, no persistent connections |
| HTTP/1.1 | Persistent connections, chunked transfer encoding |
| HTTP/2 | Binary framing, multiplexing, header compression |
| HTTP/3 | Based on QUIC (UDP), improved latency and security |
Secure HTTP (HTTPS)
HTTPS is the secure version of HTTP using TLS/SSL encryption. It:
- Protects data in transit
- Authenticates the server
- Prevents tampering and eavesdropping
HTTPS is standard for all modern websites.
HTTP vs HTTPS
| Feature | HTTP | HTTPS |
| Port | 80 | 443 |
| Encryption | None | TLS/SSL |
| Secure | No | Yes |
| SEO Benefit | No | Yes |
HTTP and REST APIs
HTTP is the foundation for RESTful APIs (Representational State Transfer), where resources are represented by URIs and standard HTTP methods are used for CRUD operations:
- GET – Read
- POST – Create
- PUT – Update
- DELETE – Delete
Example:
GET /api/users/123 HTTP/1.1
Host: api.example.comTools for HTTP Debugging
- Browser Developer Tools (Network tab)
- Postman – for API testing
- curl – command-line HTTP client
- Fiddler / Wireshark – traffic inspection
Summary
HTTP is the backbone of web communication. Understanding how it works—from methods and status codes to headers and versions—empowers developers to build efficient, secure, and scalable web applications. With the rise of REST APIs, microservices, and HTTP/2/3, mastering HTTP is more relevant than ever.
