Monday, May 15, 2023

Basics of Web API - HTTP

Hyper-Text Transfer Protocol (HTTP)

  • HTTP (Hyper-Text Transfer Protocol) is a communication protocol used to transmit data on the web.
  • Extensible: headers can be used to send and receive extra information.
  • Stateless: it doesn't maintain state unless HTTP cookies are used to maintain the communication session or state.

HTTPS

The S stands for secure, which means communication between client and server happens over a secure channel using the SSL/TLS encryption protocol.

TLS is the successor of SSL. TLS v1.3 is the latest version. The minimum recommended version is TLS v1.2, which a website should use at minimum to remain secure.

HTTP Request Methods

  1. GET: Used to retrieve data. Parameters can be passed in the query string to retrieve data based on them.
  2. POST: Used to submit data within the request body. This is usually used to pass personal or confidential data.
  3. PUT: Used to edit an existing record on the resource server without creating a new record.
  4. DELETE: Used to delete a record on the resource server.

Other methods are PATCH, OPTIONS, HEAD, TUNNEL, TRACE.

Content Types

  1. Plain: Data is sent 'as-is' in plain text without any encryption, serialization or encoding.
  2. json: Data is serialized in JSON format when sent in a POST or PUT request body.
  3. form-url-encoded: Request parameters are represented as key-value pairs and sent as the request body.
  4. form-data: Used when uploading form fields that include a file upload. It uploads data in multiple parts. Use it when sending a binary or large payload.

HTTP Headers

HTTP headers are a collection of key-value pairs of metadata that can be passed with each request and response. HTTP headers are categorized by context:

  1. Request Headers: Contain more information about the resource to be fetched, or about the client requesting the resource, like Accept-Language, Authorization.
  2. Response Headers: Contain additional information about the response, like its location, or about the server providing it, like Connection, Server, Location, Age.
  3. Representation Headers: Contain information about the body of the resource, like Content-Type, Content-Language.
  4. Payload Headers: Contain representation-independent information about payload data, like Content-Length, Transfer-Encoding.

HTTP Statuses

Represents the status of the RESTful service after the HTTP request has completed. Status codes are three-digit numbers whose first digit represents the category.

  1. 1xx: Request received and under processing.
  2. 2xx: Request successful.
  3. 3xx: Redirection.
  4. 4xx: Invalid request from the client, invalid or incomplete data.
  5. 5xx: Server-side errors like API crash, misconfiguration, app pool shutdown.

HTTP Cookies

A cookie is a small piece of data passed from the server to the user's browser using the Set-Cookie response header. It is used to maintain state or a session across multiple HTTP communications. Cookies are mainly used for session management, tracking and personalization.

Cookies can be restricted using the Secure attribute or the HttpOnly attribute; this is used to prevent cross-site scripting (XSS) attacks.
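
As an added example (not code from the original post), the following Python code parses a raw HTTP response, classifies its status code by first digit, and reports which cookies lack the Secure or HttpOnly attribute. The sample response, cookie names and function names are constructed for illustration.

```python
# Added example: audit Set-Cookie headers in a raw HTTP response.
STATUS_CLASSES = {1: "informational", 2: "success", 3: "redirection",
                  4: "client error", 5: "server error"}

# Constructed sample response (not captured from a real server).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json\r\n"
    "Set-Cookie: session=abc123; Path=/; Secure; HttpOnly\r\n"
    "Set-Cookie: theme=dark; Path=/\r\n"
    "Set-Cookie: tracker=xyz; secure\r\n"
    "\r\n"
    '{"ok": true}'
)


def parse_response(raw):
    """Split a raw response into status code, header list and body."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = []  # a list, because Set-Cookie may legitimately repeat
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers, body


def audit_cookies(headers):
    """Return {cookie_name: [missing attributes]} for every Set-Cookie header."""
    findings = {}
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].partition("=")[0]
        # Attribute names are case-insensitive; ignore any "=value" part.
        attrs = {p.partition("=")[0].strip().lower() for p in parts[1:]}
        findings[cookie_name] = [a for a in ("secure", "httponly") if a not in attrs]
    return findings


def status_class(code):
    """Map a status code to its category using the first digit."""
    return STATUS_CLASSES.get(code // 100, "unknown")


if __name__ == "__main__":
    status, headers, _ = parse_response(SAMPLE_RESPONSE)
    print(status, status_class(status))
    for cookie, missing in audit_cookies(headers).items():
        print(cookie, "missing:", ", ".join(missing) or "nothing")
```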

Find out more about HTTP.
