Please note, this is a STATIC archive of website developer.mozilla.org from 03 Nov 2016, cach3.com does not collect or store any user information, there is no "phishing" involved.

Revision 1108201 of HTTP Messages

  • Revision slug: Web/HTTP/Messages
  • Revision title: HTTP Messages
  • Revision id: 1108201
  • Created:
  • Creator: DarrenLester
  • Is current revision? No
  • Comment Grammar fixes
Tags: 

Revision Content
{{HTTPSidebar}}

HTTP messages are how data is exchanged between a server and a client. There are two types of messages: requests sent by the client to trigger an action on the server, and responses, the answer of the server.

HTTP messages are composed of textual information encoded in ASCII, and spanning over multiple lines. In HTTP/1.1 and earlier versions of the protocol, these messages were directly sent over the connection. In HTTP/2, the human-readable message is mangled into HTTP frames allowing optimizations and better performance.

Web developers, or webmasters, rarely craft the textual HTTP messages themselves: the piece of software, a browser, a proxy, or a Web server, are in charge of that. They control it through config files (for proxies or servers), through APIs (for browsers), or through other interfaces.

From a user-, script-, or server- generated event, an HTTP/1.x msg is generated, and if HTTP/2 is in use, it is binary framed into an HTTP/2 stream, then sent.

The HTTP/2 binary framing mechanism has been designed so that it doesn't need any adaptation of the APIs or config files used: it is mostly transparent for the user controlling the equipment.

Both, HTTP requests and responses, share a similar structure and are composed of:

  1. A start-line that describes the requests to be performed, or its status that is a success or a failure. This start-line is always a single line.
  2. An optional set of HTTP headers specifying the request, or describing the body included in the message.
  3. A blank line indicating that all meta-information for the request have been sent.
  4. An optional body that contains data associated with the request (like the content of an HTML form), or the document associated with a response. The presence of the body and its size is defined by the start-line and the HTTP headers.

The start-line and the HTTP headers are called the head of the requests, in opposition to the payload, the body.

Requests and responses share a common structure in HTTP

HTTP Requests

Start line

HTTP requests are messages sent by the client to initiate an action on the server. Their start-line contains of three elements:

  1. An HTTP method, a verb (like {{HTTPMethod("GET")}}, {{HTTPMethod("PUT")}} or {{HTTPMethod("POST")}}) or a noun (like {{HTTPMethod("HEAD")}} or {{HTTPMethod("OPTIONS")}}), that describes the action to be performed. For example, GET indicates that a resource should be fetched or POST means that data is pushed to the server (that may create or modify a resource, or generate a temporary document to send back).
  2. The request target, usually a {{glossary("URL")}}, or only the absolute path part of it as the protocol, port, and domain are defined by the context most of the time. The format of this request target varies between the different HTTP methods. It can be
    • An absolute path, eventually followed by a '?' and a query string. This is the most common form, called origin form, and is used with GET, POST, HEAD, and OPTIONS methods.
      POST / HTTP 1.1
      GET /background.png HTTP/1.0
      HEAD /test.html?query=alibaba HTTP/1.1
      OPTIONS /anypage.html HTTP/1.0
    • A complete URL, the absolute form, mostly used with GET when connected to a proxy.
      GET https://developer.mozilla.org/en-US/docs/Web/HTTP/Messages HTTP/1.1
    • The authority component of an URL, that is the domain name and optionally the port (prefixed by a ':'), called the authority form. It is only used with CONNECT when setting up an HTTP tunnel.
      CONNECT developer.mozilla.org:80 HTTP/1.1
    • The asterisk form, a simple asterisk ('*') used with OPTIONS and representing the server as a whole.
      OPTIONS * HTTP/1.1
  3. The HTTP version, that defines the structure of the rest of the message, and acts as an indicator of the version to use for the response.

Headers

HTTP headers in a request follow the basic structure of any HTTP header: a case-insensitive string followed by a colon (':') and a value whose structure depends upon the header. The whole header, including the value, consists of one single line, that can be quite long.

There are numerous request headers available. They can be divided in several groups:

  • General headers, like {{HTTPHeader("Via")}},  apply to the message as a whole.
  • Request headers, like {{HTTPHeader("User-Agent")}}, {{HTTPHeader("Accept-Type")}}, modify the request by specifying it further (like {{HTTPHeader("Accept-Language")}}), by giving context (like {{HTTPHeader("Referer")}}), by conditionally restricting it (like {{HTTPHeader("If-None")}}).
  • Entity headers, like {{HTTPHeader("Content-Length")}} that applies to the body of the request. Obviously there is no such header transmitted when there is no body in the request.

Example of headers in an HTTP request

Body

The last part of a request is its body. Not all requests have one: requests fetching resources, like GET or HEAD usually don't need any, DELETE or OPTIONS neither. Some requests send data to the server in order to update it: this is often the case of POST requests (that can have HTML form data).

Bodies can be broadly divided into two categories:

  • Single-resource bodies consisting of one single file, defined by the two headers: {{HTTPHeader("Content-Type")}} and {{HTTPHeader("Content-Length")}}.
  • Multiple-resource bodies consisting of a multipart body, each containing a different bit of information. This is typically used in association with HTML Forms.

HTTP Responses

Status line

The start line of an HTTP response, called the status line, contains the following information:

  1. The protocol version, usually HTTP/1.1.
  2. A status code indicating success or failure of the request. Common status code are {{HTTPStatus("200")}}, {{HTTPStatus("404")}}, or {{HTTPStatus("302")}}
  3. A status text, purely informational, that is a textual short description of the status code, helping humans to understand HTTP messages.

A typical status line looks like: HTTP/1.1 404 Not Found.

Headers

HTTP headers for request follow the basic structure of any header: a case-insensitive string followed by a colon (':') and a value whose structure depends upon the type of the header. The whole header, including the value, stands in one single line.

There are numerous request headers available. They can be divided in several groups:

  • General headers, like {{HTTPHeader("Via")}},  apply to the message as a whole.
  • Response headers, like {{HTTPHeader("Vary")}} and {{HTTPHeader("Accept-Ranges")}}, give additional information about the server that don't fit in the status line.
  • Entity headers, like {{HTTPHeader("Content-Length")}}, apply to the body of the request. Obviously there is no such headers transmitted when there is no body in the request.

Example of headers in an HTTP response

Body

The last part of a response is the body. Not all responses have one: responses with status code like {{HTTPStatus("201")}} or {{HTTPStatus("204")}} usually don't have any.

Bodies can be broadly divided into three categories:

  • Single-resource bodies consisting of a single file of known length, defined by the two headers: {{HTTPHeader("Content-Type")}} and {{HTTPHeader("Content-Length")}}.
  • Single-resource bodies consisting of a single file of unknown length, encoded by chunks with {{HTTPHeader("Transfer-Encoding")}} set to chunked.
  • Multiple-resource bodies consisting of a multipart body, each containing a different bit of information. These are pretty rare.

HTTP/2 Frames

HTTP/1.x messages have a few drawbacks for performance:

  • Headers, unlike bodies, are uncompressed.
  • Headers are often very similar from one message to the next one, but they are still repeated on the wire.
  • No multiplexing can be done. Several connections are opened to the same server: warm TCP connections are more performant than cold ones.

HTTP/2 introduces an extra step: it divides HTTP/1.x messages in frames that are embedded in a stream. Data and header frames are separated, allowing for header compression. Several streams can be combined together, a process called multiplexing, allowing the underlying TCP connection to be more efficient.

HTTP/2 modify the HTTP message to divide them in frames (part of a single stream), allowing for more optimization.

HTTP frames are transparent for Web developers. It is an extra step between HTTP/1.1 messages and the underlying transport protocol. No change is needed in the APIs used by Web developers; as soon as they are available both in the browser and in the server, HTTP/2 is switched on and used.

Conclusion

HTTP messages are the key in controlling HTTP; their structure is simple and they are very extensible. The HTTP/2 framing mechanism adds a new intermediate layer between the HTTP/1.x syntax and the underlying transport protocol but doesn't fundamentally modify it: it builds on the existing proven mechanisms.

Revision Source

 
<div>{{HTTPSidebar}}</div>

<p class="summary">HTTP messages are how data is exchanged between a&nbsp;server and a client. There are two types of messages: <em>requests</em> sent by the client to trigger an action on the server, and <em>responses</em>, the answer of the server.</p>

<p>HTTP messages are composed of textual information encoded in ASCII, and spanning over multiple lines. In HTTP/1.1 and earlier versions of the protocol, these messages were directly sent over the connection. In HTTP/2, the human-readable message is mangled into HTTP frames allowing optimizations and better performance.</p>

<p>Web developers, or webmasters, rarely craft the textual HTTP messages themselves: the piece of software, a browser, a proxy, or a Web server, are in charge of that. They control it through config files (for proxies or servers), through APIs (for browsers), or through other interfaces.</p>

<p><img alt="From a user-, script-, or server- generated event, an HTTP/1.x msg is generated, and if HTTP/2 is in use, it is binary framed into an HTTP/2 stream, then sent." src="https://mdn.mozillademos.org/files/13715/HTTPMsg.png" style="height:350px; width:764px" /></p>

<p>The HTTP/2 binary framing mechanism has been designed so that it doesn't need any adaptation of the APIs or config files used: it is mostly transparent for the user controlling the equipment.</p>

<p>Both, HTTP requests and responses, share a similar structure and are composed of:</p>

<ol>
 <li>A <em>start-line</em> that describes the requests to be performed, or its status that is a success or a failure. This start-line is always a single line.</li>
 <li>An optional set of <em>HTTP headers</em> specifying the request, or describing the body included in the message.</li>
 <li>A blank line indicating that all meta-information for the request have been sent.</li>
 <li>An optional <em>body</em> that contains data associated with the request (like the content of an HTML form), or the document associated with a response. The presence of the body and its size is defined by the start-line and the HTTP headers.</li>
</ol>

<p>The start-line and the HTTP headers are called the <em>head</em> of the requests, in opposition to the payload, the <em>body</em>.</p>

<p><img alt="Requests and responses share a common structure in HTTP" src="https://mdn.mozillademos.org/files/13697/HTTPMsgStructure.png" /></p>

<h2 id="HTTP_Requests">HTTP Requests</h2>

<h3 id="Start_line">Start line</h3>

<p>HTTP requests are messages sent by the client to initiate an action on the server. Their <em>start-line</em> contains of three elements:</p>

<ol>
 <li>An <em><a href="/en-US/docs/Web/HTTP/Methods">HTTP method</a></em>, a verb (like {{HTTPMethod("GET")}}, {{HTTPMethod("PUT")}}&nbsp;or {{HTTPMethod("POST")}}) or a noun (like {{HTTPMethod("HEAD")}}&nbsp;or {{HTTPMethod("OPTIONS")}}), that describes the action to be performed. For example, <code>GET</code> indicates that a resource should be fetched or <code>POST</code> means that data is pushed to the server (that may create or modify a resource, or generate a temporary document to send back).</li>
 <li>The <em>request target</em>, usually a {{glossary("URL")}}, or only the absolute path part of it as the protocol, port, and domain are defined by the context most of the time. The format of this request target varies between the different HTTP methods. It can be
  <ul>
   <li>An absolute path, eventually followed by a <code>'?'</code> and a query string. This is the most common form, called <em>origin form</em>, and is used with <code>GET</code>, <code>POST</code>, <code>HEAD</code>, and <code>OPTIONS</code> methods.<br />
    <code>POST / HTTP 1.1<br />
    GET /background.png HTTP/1.0<br />
    HEAD /test.html?query=alibaba HTTP/1.1<br />
    OPTIONS /anypage.html HTTP/1.0</code></li>
   <li>A complete URL, the <em>absolute form</em>, mostly used with <code>GET</code> when connected to a proxy.<br />
    <code>GET https://developer.mozilla.org/en-US/docs/Web/HTTP/Messages HTTP/1.1</code></li>
   <li>The authority component of an URL, that is the domain name and optionally the port (prefixed by a <code>':'</code>), called the <em>authority form</em>. It is only used with <code>CONNECT</code> when setting up an HTTP tunnel.<br />
    <code>CONNECT developer.mozilla.org:80 HTTP/1.1</code></li>
   <li>The <em>asterisk form</em>, a simple asterisk (<code>'*'</code>) used with <code>OPTIONS</code> and representing the server as a whole.<br />
    <code>OPTIONS * HTTP/1.1</code></li>
  </ul>
 </li>
 <li>The <em>HTTP version</em>, that defines the structure of the rest of the message, and acts as an indicator of the version to use for the response.</li>
</ol>

<h3 id="Headers">Headers</h3>

<p><a href="/en-US/docs/Web/HTTP/Headers">HTTP headers</a> in a request follow the basic structure of any HTTP header: a case-insensitive string followed by a colon (<code>':'</code>) and a value whose structure depends upon the header. The whole header, including the value, consists of one single line, that can be quite long.</p>

<p>There are numerous request headers available. They can be divided in several groups:</p>

<ul>
 <li><em>General headers</em>, like {{HTTPHeader("Via")}},&nbsp; apply to the message as a whole.</li>
 <li><em>Request headers</em>, like {{HTTPHeader("User-Agent")}}, {{HTTPHeader("Accept-Type")}}, modify the request by specifying it further (like {{HTTPHeader("Accept-Language")}}), by giving context (like {{HTTPHeader("Referer")}}), by conditionally restricting it (like {{HTTPHeader("If-None")}}).</li>
 <li><em>Entity headers</em>, like {{HTTPHeader("Content-Length")}} that applies to the body of the request. Obviously there is no such header transmitted when there is no body in the request.</li>
</ul>

<p><img alt="Example of headers in an HTTP request" src="https://mdn.mozillademos.org/files/13721/HTTPRequestsHEader.png" style="height:280px; width:872px" /></p>

<h3 id="Body">Body</h3>

<p>The last part of a request is its body. Not all requests have one: requests fetching resources, like <code>GET</code> or <code>HEAD</code> usually don't need any, <code>DELETE</code> or <code>OPTIONS</code> neither. Some requests send data to the server in order to update it: this is often the case of <code>POST</code> requests (that can have HTML form data).</p>

<p>Bodies can be broadly divided into two categories:</p>

<ul>
 <li>Single-resource bodies consisting of one single file, defined by the two headers: {{HTTPHeader("Content-Type")}} and {{HTTPHeader("Content-Length")}}.</li>
 <li><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types#multipartform-data">Multiple-resource bodies</a> consisting of a multipart body, each containing a different bit of information. This is typically used in association with <a href="/en-US/docs/Web/Guide/HTML/Forms">HTML Forms</a>.</li>
</ul>

<h2 id="HTTP_Responses">HTTP Responses</h2>

<h3 id="Status_line">Status line</h3>

<p>The start line of an HTTP response, called the <em>status line</em>, contains the following information:</p>

<ol>
 <li>The <em>protocol version</em>, usually <code>HTTP/1.1</code>.</li>
 <li>A <em>status code</em> indicating success or failure of the request. Common status code are {{HTTPStatus("200")}}, {{HTTPStatus("404")}}, or {{HTTPStatus("302")}}</li>
 <li>A <em>status text</em>, purely informational, that is a textual short description of the status code, helping humans to understand HTTP messages.</li>
</ol>

<p>A typical status line looks like: <code>HTTP/1.1 404 Not Found.</code></p>

<h3 id="Headers_2">Headers</h3>

<p><a href="/en-US/docs/Web/HTTP/Headers">HTTP headers</a> for request follow the basic structure of any header: a case-insensitive string followed by a colon (<code>':'</code>) and a value whose structure depends upon the type of the header. The whole header, including the value, stands in one single line.</p>

<p>There are numerous request headers available. They can be divided in several groups:</p>

<ul>
 <li><em>General headers</em>, like {{HTTPHeader("Via")}},&nbsp; apply to the message as a whole.</li>
 <li><em>Response headers</em>, like {{HTTPHeader("Vary")}} and {{HTTPHeader("Accept-Ranges")}}, give additional information about the server that don't fit in the status line.</li>
 <li><em>Entity headers</em>, like {{HTTPHeader("Content-Length")}}, apply to the body of the request. Obviously there is no such headers transmitted when there is no body in the request.</li>
</ul>

<p><img alt="Example of headers in an HTTP response" src="https://mdn.mozillademos.org/files/13723/HTTP_Response_headers.png" style="height:344px; width:805px" /></p>

<h3 id="Body_2">Body</h3>

<p>The last part of a response is the body. Not all responses have one: responses with status code like {{HTTPStatus("201")}} or {{HTTPStatus("204")}} usually don't have any.</p>

<p>Bodies can be broadly divided into three categories:</p>

<ul>
 <li>Single-resource bodies consisting of a single file of known length, defined by the two headers: {{HTTPHeader("Content-Type")}} and {{HTTPHeader("Content-Length")}}.</li>
 <li>Single-resource bodies consisting of a single file of unknown length, encoded by chunks with {{HTTPHeader("Transfer-Encoding")}} set to <code>chunked</code>.</li>
 <li><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types#multipartform-data">Multiple-resource bodies</a> consisting of a multipart body, each containing a different bit of information. These are pretty rare.</li>
</ul>

<h2 id="HTTP2_Frames">HTTP/2 Frames</h2>

<p>HTTP/1.x messages have a few drawbacks for performance:</p>

<ul>
 <li>Headers, unlike bodies, are uncompressed.</li>
 <li>Headers are often very similar from one message to the next one, but they are still repeated on the wire.</li>
 <li>No multiplexing can be done. Several connections are opened to the same server: warm TCP connections are more performant than cold ones.</li>
</ul>

<p>HTTP/2 introduces an extra step: it divides HTTP/1.x messages in frames that are embedded in a stream. Data and header frames are separated, allowing for header compression. Several streams can be combined together, a process called <em>multiplexing</em>, allowing the underlying TCP connection to be more efficient.</p>

<p><img alt="HTTP/2 modify the HTTP message to divide them in frames (part of a single stream), allowing for more optimization." src="https://mdn.mozillademos.org/files/13713/Binary_framing.png" style="height:667px; width:736px" /></p>

<p>HTTP frames are transparent for Web developers. It is an extra step between HTTP/1.1 messages and the underlying transport protocol. No change is needed in the APIs used by Web developers; as soon as they are available both in the browser and in the server, HTTP/2 is switched on and used.</p>

<h2 id="Conclusion">Conclusion</h2>

<p>HTTP messages are the key in controlling HTTP; their structure is simple and they are very extensible. The HTTP/2 framing mechanism adds a new intermediate layer between the HTTP/1.x syntax and the underlying transport protocol but doesn't fundamentally modify it: it builds on the existing proven mechanisms.</p>
Revert to this revision