The Hypertext Transfer Protocol, commonly referred to as HTTP is the delivery mechanism of the World Wide Web, allowing web browsers to connect to web servers to view pages. In most organizations, HTTP represents, by far, the highest percentage of traffic seen going across the wire.
HTTP is most commonly used to browse web pages on a web server using a web browser like Google Chrome, Internet Explorer and Firefox. Communication begins with a three way handshake between the client and say the CNN Web server www.cnn.com with IP address 157.166.239.177 .
Once communication is established, the first packet is marked as a HTTP packet from the client to the server. The HTTP packet is delivered over TCP to the server's port 80, the standard port for HTTP communication (8080 is also commonly used).
HTTP packets are identified by one of eight different request methods, which indicate the packet's transmitter will perform on the receiver. This packet identifies this method as GET, it's request Uniform Resource Indicator (URI) as / , and the request version as HTTP 1.1 . This information tells us that the client is sending a request to download (GET) the root web directory (/) of the web server using version 1.1 of HTTP.
Next, the client sends information about itself to the web server. This information includes things such as the user agent (browser) being used, languages accepted by the browser (Accept-Languages), and cookie information. The server can use this information to determine which data to return to the client in order to ensure compatibility.
When the server receives the HTTP GET request, it responds with a TCP ACK, acknowledging the packet, and begins transmitting the requested data. HTTP is used only to issue application layer commands between the client and server. When it's time to transfer data, application layer control is not seen, except for at the beginning and end of the data stream.
In Wireshark, all these packets are shown and can be seen as TCP segments, rather than as HTTP packets, although HTTP is still responsible for their transmission.
Once the data is transferred, a reassembled stream of the data is sent.
HTTP uses a number of predefined response codes to indicate the results of a request method. For example, response code 200 which indicates a successful request method. The packet also includes a timestamp and some additional information about the encoding of the content and configuration parameters of the server. When the client receives this packet, the transaction is complete.
HTTP is most commonly used to browse web pages on a web server using a web browser like Google Chrome, Internet Explorer and Firefox. Communication begins with a three way handshake between the client and say the CNN Web server www.cnn.com with IP address 157.166.239.177 .
Once communication is established, the first packet is marked as a HTTP packet from the client to the server. The HTTP packet is delivered over TCP to the server's port 80, the standard port for HTTP communication (8080 is also commonly used).
HTTP packets are identified by one of eight different request methods, which indicate the packet's transmitter will perform on the receiver. This packet identifies this method as GET, it's request Uniform Resource Indicator (URI) as / , and the request version as HTTP 1.1 . This information tells us that the client is sending a request to download (GET) the root web directory (/) of the web server using version 1.1 of HTTP.
Next, the client sends information about itself to the web server. This information includes things such as the user agent (browser) being used, languages accepted by the browser (Accept-Languages), and cookie information. The server can use this information to determine which data to return to the client in order to ensure compatibility.
When the server receives the HTTP GET request, it responds with a TCP ACK, acknowledging the packet, and begins transmitting the requested data. HTTP is used only to issue application layer commands between the client and server. When it's time to transfer data, application layer control is not seen, except for at the beginning and end of the data stream.
In Wireshark, all these packets are shown and can be seen as TCP segments, rather than as HTTP packets, although HTTP is still responsible for their transmission.
Once the data is transferred, a reassembled stream of the data is sent.
HTTP uses a number of predefined response codes to indicate the results of a request method. For example, response code 200 which indicates a successful request method. The packet also includes a timestamp and some additional information about the encoding of the content and configuration parameters of the server. When the client receives this packet, the transaction is complete.
No comments:
Post a Comment