HTTP Basics
Understanding the fundamental protocol that powers the web
Introduction to HTTP
HTTP (Hypertext Transfer Protocol) is the foundation of data communication on the World Wide Web. It is an application layer protocol that standardizes how clients and servers communicate. Every time you open a web page, your browser sends HTTP requests to web servers, which respond with HTTP responses containing the requested resources.
HTTP follows a client-server model where:
- Clients (typically web browsers) send requests to access resources
- Servers process these requests and return appropriate responses
Key Characteristics of HTTP
Stateless
Each request from client to server must contain all information needed to understand and process the request. The server doesn't retain session information between requests.
Connectionless
After a request/response cycle completes, the connection between client and server is closed. Each request establishes a new connection.
Media Independent
HTTP can transfer any type of data as long as both client and server know how to handle it. Content types are specified in headers.
Text-Based
HTTP messages are human-readable text, making them easy to inspect and debug. This also makes HTTP flexible and extensible.
HTTP Components
An HTTP request consists of:
- Request Line: Contains the HTTP method, URL, and protocol version
- Headers: Metadata about the request (e.g., Accept, User-Agent)
- Body: Optional data sent to the server (common in POST requests)
GET /index.html HTTP/1.1 Host: www.example.com User-Agent: Mozilla/5.0 Accept: text/html Connection: keep-alive
HTTP Versions
HTTP/1.0 (1996)
First standardized version
- One request per connection
- Basic headers
- Limited caching capabilities
HTTP/1.1 (1997)
Major improvement, still widely used
- Persistent connections
- Pipelining (multiple requests without waiting)
- Host header (virtual hosting)
- Enhanced caching
- Content negotiation
HTTP/2 (2015)
Performance-focused revision
- Multiplexing (parallel requests over one connection)
- Header compression
- Server push
- Binary protocol (not text-based)
- Stream prioritization
HTTP/3 (2022)
Latest version using QUIC protocol
- Built on QUIC instead of TCP
- Improved connection migration
- Reduced latency
- Better loss recovery
- TLS 1.3 by default
HTTP vs HTTPS
HTTP (Insecure)
- Data transmitted in plaintext
- Vulnerable to eavesdropping and man-in-the-middle attacks
- No authentication of the server
- No data integrity verification
- Uses port 80 by default
- URLs begin with
http://
HTTPS (Secure)
- Data encrypted using TLS/SSL
- Protected against eavesdropping and tampering
- Server authentication via certificates
- Data integrity guaranteed
- Uses port 443 by default
- URLs begin with
https:// - Required for many modern web features
Security Note: Modern browsers mark HTTP sites as "Not Secure" and increasingly restrict features on non-HTTPS sites. Always use HTTPS for production websites, especially those handling sensitive information.
HTTP Request/Response Examples
Example 1: Simple GET Request
Request:
GET /index.html HTTP/1.1 Host: www.example.com User-Agent: Mozilla/5.0 Accept: text/html Connection: keep-alive
Response:
HTTP/1.1 200 OK Date: Mon, 23 May 2023 22:38:34 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 138 Server: Apache/2.4.1 <!DOCTYPE html> <html> <head> <title>Example Page</title> </head> <body> <h1>Hello, World!</h1> </body> </html>
Example 2: POST Request with JSON Data
Request:
POST /api/users HTTP/1.1
Host: api.example.com
Content-Type: application/json
Content-Length: 64
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
{
"name": "John Doe",
"email": "john@example.com",
"role": "user"
}Response:
HTTP/1.1 201 Created
Date: Mon, 23 May 2023 22:40:12 GMT
Content-Type: application/json
Content-Length: 121
Location: /api/users/42
{
"id": 42,
"name": "John Doe",
"email": "john@example.com",
"role": "user",
"created_at": "2023-05-23T22:40:12Z"
}Tools and Resources
Interactive HTTP Request Builder
Build and visualize HTTP requests
Our interactive tool allows you to construct HTTP requests and see how they're formatted. You can also simulate responses to understand the complete request/response cycle.
Try the HTTP Request BuilderHTTP Headers Explorer
Learn about common HTTP headers
Explore common HTTP request and response headers, their purposes, and how they affect web communication.
Explore HTTP HeadersExternal Resources
- MDN Web Docs: HTTP - Comprehensive documentation on HTTP
- HTTP Working Group - Official HTTP protocol documentation
- httpbin - A simple HTTP request & response service for testing