1HTTPCS 640, Lecture 9Lecture outlinez Overview of httpz Http message formatsz Web cachingHyperText Transfer Protocolz The web’s application level protocolz HTTP 1.0 (RFC 1945), HTTP 1.1 (2068)z Runs on top of TCP, uses well-known port 80z Request-response interactionz Stateless: there is no per-session state at the server (requests treated independently)z Protocols that maintain state are complexz Managing state adds complexityz If server/client crashes, their views of “state” may be inconsistent, must be reconciled2http exampleUser enters URL www.someSchool.edu/someDept/index.html1a. browser initiates TCP connection to http server (process) at port 80 of www.someSchool.edu. 2. browser sends http request message(containing URL) into TCP connection socket1b. http server at host www.someSchool.eduwaiting for TCP connection at port 80. “accepts”connection, notifying client3. http server receives request, forms response messagewith requested object (someDepart/index.html), sends message into sockettimehttp example (cont.)5. http client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects6. Steps 1-5 repeated for each of 10 jpeg objects4. http server closes TCP connection. timeHTTP/1.0 Network Interactionz Clients make requests to port 80 on serversz Uses DNS to resolve server namez Clients use separate TCP connection for each URLz Some browsers open multiple TCP connectionsz Netscape default = 4z Server returns HTML pagez Many types of servers with a variety of implementationsz Apache – open sourcez IIS (Internet Information Services) – Microsoftz Client parses pagez Requests embedded objects3HTTP/1.1 Enhancementsz HTTP/1.0 is a “stop and wait” protocolz Separate TCP connection for each filez Connect setup and tear down is incurred for each filez Inefficient use of packetsz Server must maintain many connections in TIME_WAITz Mogul and Padmanabhan studied these issues in ’95z Resulted in HTTP/1.1 specification focused on performance enhancementsz Persistent connectionsz Pipeliningz Enhanced caching optionsz Support for compressionLecture outlinez Overview of httpz Http message formatsz Web cachinghttp message format: requestz Two types of http messages: request, responsez http request message:z ASCII (human-readable format)GET /somedir/page.html HTTP/1.0 User-agent: Mozilla/4.0 Accept: text/html, image/gif,image/jpeg Accept-language:fr(extra carriage return, line feed)request line(GET, POST, HEAD commands)headerlinesCarriage return, line feed indicates end of message4http message format: requestSending data to server (forms)z As part of URL, using the GET commandz File name followed by ?z Fields separated by &z = between each field and its valuez URL-encoding: %3d for =, %26 for &, etc.z Should be used only when idempotent (causes no persistent changes in application state at server)z Inside request body using POSTz Can also be used for non-form data (e.g. XML)http msg. format: responseHTTP/1.0 200 OK Date: Thu, 06 Aug 1998 12:00:15 GMT Server: Apache/1.3.0 (Unix) Last-Modified: Mon, 22 Jun 1998 …Content-Length: 6821 Content-Type: text/htmldata data data data data …status line(protocolstatus codestatus phrase)headerlinesdata, e.g., requestedhtml file5http response status codes200 OKz Request succeeded, requested object later in this message301 Moved Permanentlyz Requested object moved, new location specified later in this message (Location:)400 Bad Requestz Request message not understood by server404 Not Foundz Requested document not found on this serverStart of first line in response from server to client.Try out http (client side)1. Telnet to your favorite Web server:Opens TCP connection to port 80(default http server port) at www.cs.wisc.edu.Anything typed in sent to port 80 at www.cs.wisc.edu/telnet www.cs.wisc.edu 802. Type in a GET http request:GET /~estan/examples/ HTTP/1.0By typing this in (hit carriagereturn twice), you sendthis minimal (but complete) GET request to http server3. Look at response message sent by http server!User-server interaction: authenticationz Authentication: control of access to server contentz Authorization credentials: typically name, passwordz Http stateless – client must present authorization credentials in each requestz Authorization: header line in each requestz If no Authorization:header, server refuses access, sends WWW-Authenticate:header line in responseclientserverusual http request msg401: authorization req.WWW-Authenticate:usual http request msg+Authorization: cred.usual http response msgusual http request msg+Authorization: cred.usual http response msgtime6Cookies: keeping statez Server-generated string later used for:z Authenticationz Remembering user preferences, previous choicesz Server sends “cookie” to client in responsez Client presents cookie in later requestsz Privacy concernsclientserverusual http request msgusual http response +Set-cookie: name=valusual http request msgCookie: name=valusual http response msgusual http request msgCookie: name=valusual http response msgcookie-spectificactioncookie-spectificactionLecture outlinez Overview of httpz Http message formatsz Web cachingConditional GET: client-side cachingz Goal is not to send object if client has up-to-date cached versionz Client specifies date of cached copy in requestIf-modified-since: <date>z Server response contains no object if cached copy is up-to-date: HTTP/1.0 304 Not Modifiedhttp request msgIf-modified-since: <date>http responseHTTP/1.0 304 Not Modifiedobject not modifiedhttp request msgIf-modified-since: <date>http responseHTTP/1.1 200 OK<data>object modified7Web Caches (proxy server)z User sets browser: Web accesses via web cachez Client sends all http requests to web cachez If object in web cache, it is returned to client z Otherwise web cache requests object from origin server, then returns object to clientGoal: satisfy client request without involving origin serverclientProxyserverclienthttp requesthttp requesthttp responsehttp responsehttp requesthttp responseorigin serverorigin serverWhy Web Caching?z Assuming cache close to clientz Advantagesz Smaller response timez Decrease traffic to distant servers (uplink often bottleneck)z Disadvantagesz Introduces new point of failurez Some overhead on missesz Does not work with dynamic personalized contentz Decreasing popularityoriginserverspublicInternetinstitutionalnetwork100 Mbps LAN1.5 Mbps access
View Full Document
Unlocking...