HTTP Request Message format well explained
HTTP request message contains request line, header fields and optional message data. Request line tells what type of data to be retrieved or updated at the specific web server resources. An http request header is a component of data which is routed between client and server over the internet or any packet switched network. It is sent by the client or the browser to the server to request for a specific page or data over the web server. It is important to know its use case. It is used to transport user request to server. It contains vital information such as source IP address and port number, requested data, destination server, type of data browser will accept in return (text, html, xml, etc), user browser type (mozilla, chrome, internet explorer) so that compatible data can be sent. In response to this, destination server will send a response header containing the requested data. Optional message data is data to be sent with the request-line and header.
TABLE OF CONTENT
It begins with a method token followed by Request-URI and the protocol version and ending with CRLF. The elements are separated by space SP characters.
Request-Line = Method SP Request-URI SP HTTP-Version CRLF
Method tells whether requested data in the request-uri is to be retrieved from the resource or to be created/updated to the resource. From the resource, i mean endpoint. Let us explain these methods as below
GET: It is used to retrieve the information from the server using the Request-URI.
POST: It is used to send information to the server. For example one has created an application and made it live on a web server,. Now you want to add records to that end point and save it in the database. For achieving this purpose, you will use the POST method.
HEAD: It does not return any content but used to check whether the resource has changed or what is the size or type of resource, In short it transfers the status line.
PUT: It is used to create or update resource at a particular URL known by the client. This particular URI is referred as Request-URI.
DELETE: It is used to delete the resource identified by the Request-URI. Remember client cannot be guaranteed that the operation has been carried out even though the status code from the server indicates that the action has been completed successfully.
CONNECT: It is used when you request https URL. It is used to establish a tunnel to the server identified by the given resource URI.
OPTIONS: To find which request method a server supports, OPTIONS is used. It is used to describe the communication option for the target resource. One can specify whether to communicate to the whole server or to a particular URL. To communicate over the whole server use *. Execute the below code to get to know which method google allows.
curl -X OPTIONS www.google.com -i
You will get output as
HTTP/1.1 405 Method Not Allowed Allow: GET, HEAD Date: Sun, 06 Oct 2019 08:01:06 GMT Content-Type: text/html; charset=UTF-8 Server: gws Content-Length: 1592 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN
TRACE: It echoes back to the server whatever string is sent to the server for debugging purpose.
Full form of URI is Uniform Resource Identifier. It identifies the resource on which request is applied. Let us see from below how to pass Request-URI
Request-URI = "*" | absoluteURI | abs_path | authority
* is used when the HTTP request is not applied to a particular resource but to the whole server. For example use of * with OPTIONS.
absoluteURI: This is used when the request is made to a proxy.
In short request-uri is the specific resource or end point on the server from where either the information is retrieved or is updated with the aid of methods available.
HTTP version is simply the version of HTTP and hence this part is skipped here.
CRLF: When a browser sends a request to a web server, web server response back with the response header as well as response body. HTTP response header and body are separated by a specific combination of characters called as CRLF (carriage return and line feed)
I hope Request-Line is very clear to all and now let us move to header fields. Request line along with header fields, an empty line and optional HTTP message body data forms the HTTP request message.
User-Agent: Your browser sends the user agent to any website it is connected to. It is a string which helps in identifying the browser as well as operating system to the server. Remember whenever your browser connect to a website, it includes user agent in its http header. If web browser knows the information such as which browser is sending which request or whether request is send from browser opened in mobile or not. In this way the server can send the right type of content to the browser. If you set your browser user agent to mobile user agent then server will send mobile friendly pages to your desktop browser. This is called request header as it comes from the browser to the server but not from the server to the browser. Using this in simple words, server identifies the browser. This is very important to note that it is not request response, it is a request header. Additional tokens can be added to the user-agent string by using the Registry Editor to create new string values under the Pre-Platform key or Post-Platform key.
Accept-Encoding: It tells the server encoding it supports and hence server can send the data in such form or encoding scheme. I inspect google.com and found the below accept encoding in request header
Host: It contains the domain name of the server and TCP port number on which the server is listening.
Connection: In order to make server open for multiple requests, keep-alive connection header is used. Hence need to repeatedly open and close connections is avoided.
Content-Length: It is the length of the content body in octets.
Content-Type: Most common content-type are application type (EDI-X12, octet-stream, xml, x-www-form-urlencoded, pdf ), audio type (audio/mpeg, audio/x-wav), image type (image/gif, image/jpeg, image/tiff), multipart type (multipart/mixed, multipart/form-data), text type (text/css, text/html). It is used with POST and PUT requests.
Let us see the request header for website www.aisangam.com
The request/status line and headers must all end with <CR><LF> (that is, a carriage return followed by a line feed). The empty line must consist of only <CR><LF> and no other whitespace.
HTTP Message Body is the data bytes transmitted in an HTTP transaction message immediately following the headers if there are any
In this article a simple study about HTTP request message has been covered. In broader sense HTTP message request contains request line header field, and message body. All the sections has been covered with proper explanation and screenshots.some examples has also been shown where request header is fetched using inspect element. I hope readers have enjoyed reading the article. For any queries please do email us at firstname.lastname@example.org or stay in touch on Facebook, Linkedln or reddit.