HTTP
HTTP
HTTP (Hypertext Transfer Protocol) is an application-layer protocol for distributed, collaborative, hypermedia information systems. It is the foundation of data communication on the World Wide Web, where hypertext documents (such as HTML) are transferred between web servers and clients (typically web browsers). HTTP follows a client-server model: a client sends a request message to a server, which then returns a response message containing requested resources (e.g., web pages, images, videos) or status information.
HTTP is designed as a stateless protocol, meaning each request-response pair is independent; the server does not retain session information between requests. However, mechanisms such as cookies and session identifiers are used to simulate stateful behavior. The protocol operates over TCP/IP (typically port 80) and, when secured via TLS or SSL, becomes HTTPS (port 443).
History
The HTTP protocol was initially developed by Tim Berners-Lee at CERN in 1989 as part of the World Wide Web project. The first documented version, HTTP/0.9, was a simple one-line protocol with no headers, only allowing a GET request for a resource. In 1996, the Internet Engineering Task Force (IETF) standardized HTTP/1.0 (RFC 1945), introducing metadata via headers, status codes, and content-type negotiation. A more robust version, HTTP/1.1, was published in 1997 (RFC 2068, later updated by RFC 2616 in 1999 and RFC 7230–7235 in 2014), adding persistent connections, chunked transfer encoding, caching directives, and virtual hosting.
HTTP/2 was standardized in 2015 (RFC 7540), based on Google's SPDY protocol, introducing multiplexed streams, header compression (HPACK), and server push to reduce latency. The latest major version, HTTP/3, published in 2022 (RFC 9114), runs over QUIC (a transport protocol built on UDP) to further minimize connection establishment overhead and eliminate head-of-line blocking.
Features
- Request methods: HTTP defines several methods (also called verbs) such as GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS, and TRACE, each with specific semantics for resource manipulation.
- Status codes: Responses include three‑digit status codes (e.g., 200 OK, 404 Not Found, 500 Internal Server Error) that indicate the outcome of the request.
- Headers: Both requests and responses carry metadata in headers (e.g., Content-Type, Cache-Control, Authorization) controlling caching, authentication, content negotiation, and more.
- Statelessness: Each request is independent; no saved context on the server by default.
- Cache control: HTTP supports caching of responses via headers like Expires, Cache-Control, and ETag to improve performance.
- Content negotiation: Clients and servers can negotiate representation formats (e.g., HTML vs. JSON) using Accept headers.
- Secure variant: HTTPS (HTTP over TLS) provides encryption, authentication, and integrity protection.
Versions
- HTTP/0.9 (1991) – simple one‑line protocol.
- HTTP/1.0 (1996) – introduced headers, status codes, and separate connections.
- HTTP/1.1 (1997) – persistent connections, chunked encoding, virtual hosting, caching improvements.
- HTTP/2 (2015) – multiplexing, header compression, server push.
- HTTP/3 (2022) – QUIC transport, reduced latency, improved performance.
See also
- World Wide Web
- Hypertext Transfer Protocol Secure (HTTPS)
- REST (Representational State Transfer)
- WebSocket