Making the Most of HTTP In Your Apps

8/14/2019 Making the Most of HTTP In Your Apps

1/63

Making the Most of

HTTP In Your AppsBen Ramsey php|tek 22 May 2009


2/63

Why HTTP?


3/63

Because you are aWeb developer.


4/63

HTTP is the Web.


5/63

Thats all I have tosay about that.


6/63

Some properties ofHTTP...


7/63

A client-server architecture

Atomic

Cacheable A uniform interface

Layered

Code on demand


8/63

Now, what doesthat sound like?


9/63

REST!


10/63

And, thats all I have

to say about that,too.


11/63

Our focus today...


12/63

Methods

Status Codes

Playing with raw HTTP

HTTP in PHP


13/63

Defining safe &

idempotentmethods


14/63

Safe methods

GET & HEAD should not take action

other than retrieval

These are considered safe

Allows agents to represent POST, PUT, &DELETE in a special way


15/63

Idempotence

Side-effects of N > 0 identical requests is

the same as for a single request GET, HEAD, PUT and DELETE share this

property

OPTIONS and TRACE are inherentlyidempotent


16/63

Methods


17/63

Retrieval of information

Transfers a representation of a resourcefrom the server to the client

Safe

Idempotent

GET


18/63

HEAD

Identical to GET, except...

Returns only the headers, not the body

Useful for getting details about aresource representation before retrievingthe full representation

Safe

Idempotent


19/63

POST

The body content should be accepted as

a new subordinate of the resource Append, annotate, paste after

Not safe

Non-idempotent


20/63

PUT

Opposite of GET

Storage of information Transfers a representation of a resource

from the client to the server

Not safe Idempotent


21/63

DELETE

Requests that the resource identified beremoved from public access

Not safe

Idempotent


22/63

Other methods

OPTIONS

TRACE

CONNECT


23/63

Status codes


24/63

Informational (1xx)

Successful (2xx)

Redirection (3xx)

Client error (4xx)

Server error (5xx)


25/63

Informational (1xx)


26/63

100 Continue


27/63

1. Client sends a request without a bodyand includes the Expect: 100-continueheader and all other headers

2. Server determines whether it will acceptthe request and responds with 100Continue (or a 4xx code on error)

3. Client sends the request again with thebody and without the Expect header


28/63

POST /content/videos HTTP/1.1Host: example.orgContent-Type: video/mp4Content-Length: 115910000Authorization: Basic bWFkZTp5b3VfbG9vaw==

Expect: 100-continue


29/63

HTTP/1.1 413 Request Entity Too LargeDate: Thu, 21 May 2009 23:05:15 GMTServer: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2X-Powered-By: PHP/5.3.0RC2Content-Length: 0

Connection: closeContent-Type: text/html

Failure state


30/63

HTTP/1.1 100 ContinueDate: Thu, 21 May 2009 23:05:15 GMTServer: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2X-Powered-By: PHP/5.3.0RC2Content-Length: 0Content-Type: text/html

Success state


31/63


{binary video data}


32/63

HTTP/1.1 201 CreatedDate: Thu, 21 May 2009 23:05:34 GMTServer: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2X-Powered-By: PHP/5.3.0RC2Content-Length: 119Content-Type: text/htmlLocation: http://example.org/content/videos/1234

Video uploaded! Go here to see it.


33/63

Successful (2xx)


34/63

200 OKGET /content/videos/1234 HTTP/1.1Host: example.org

HTTP/1.x 200 OKDate: Thu, 21 May 2009 23:08:35 GMT

Server: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2X-Powered-By: PHP/5.3.0RC2Content-Type: video/mp4Content-Length: 115910000

{binary data}


35/63

201 Created


{binary video data}


36/63

201 Created

HTTP/1.x 201 CreatedDate: Thu, 21 May 2009 23:05:34 GMTServer: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2X-Powered-By: PHP/5.3.0RC2Content-Length: 119Content-Type: text/htmlLocation: http://example.org/content/videos/1234

Video uploaded! Go here to see it.


37/63

202 Accepted

HTTP/1.x 202 Accepted

Date: Thu, 21 May 2009 23:05:34 GMTServer: Apache/2.2.11 (Unix) DAV/2 PHP/5.3.0RC2X-Powered-By: PHP/5.3.0RC2Content-Length: 137Content-Type: text/htmlLocation:

http://example.org/content/videos/1234/status

Video processing! Check here for the status.


38/63

204 No Content

DELETE /content/videos/1234 HTTP/1.1Host: example.orgAuthorization: Basic bWFkZTp5b3VfbG9vaw==


39/63

204 No Content

HTTP/1.x 204 No ContentDate: Thu, 21 May 2009 23:28:34 GMT


40/63

205 Reset Content

The server has fulfilled the request andthe user agent SHOULD reset the

document view which caused the requestto be sent. This response is primarilyintended to allow input for actions to takeplace via user input, followed by a clearing

of the form in which the input is given sothat the user can easily initiate anotherin ut action.


41/63

206 Partial Content

Used when requests are made for

ranges of bytes from a resource

Determine whether a server supportsrange requests by checking for the

Accept-Ranges header with HEAD


42/63

HEAD /2390/2253727548_a413c88ab3_s.jpgHTTP/1.1Host: farm3.static.flickr.com


43/63

HTTP/1.0 200 OKDate: Mon, 05 May 2008 00:33:14 GMTServer: Apache/2.0.52 (Red Hat)Accept-Ranges: bytesContent-Length: 3980Content-Type: image/jpeg


44/63

GET /2390/2253727548_a413c88ab3_s.jpg HTTP/1.1Host: farm3.static.flickr.comRange: bytes=0-999


45/63

HTTP/1.0 206 Partial ContentDate: Mon, 05 May 2008 00:36:57 GMTServer: Apache/2.0.52 (Red Hat)Accept-Ranges: bytesContent-Length: 1000Content-Range: bytes 0-999/3980Content-Type: image/jpeg

{binary data}


46/63

Redirection (3xx)


47/63

303 See Other

The response to your request can befound at another URL identified by the

Location header

The client should make a GET requeston that URL

The Location is not a substitute for thisURL

307 T


48/63

307 Temporary

Redirect The resource resides temporarily at the

URL identified by the Location

The Location may change, so dontupdate your links

If the request is not GET or HEAD, thenyou must allow the user to confirm theaction


49/63

302 Found

The resource has been found at anotherURL identified by the Location header

The new URL might be temporary, so theclient should continue to use this URL

Redirections SHOULD be confirmed bythe user (in practice, browsers dontrespect this)

301 M d


50/63

301 Moved

Permanently The resource has moved permanently to

the URL indicated by the Locationheader

You should update your links accordingly

Great for forcing search engines, etc. toindex the new URL instead of this one


51/63

Client error (4xx)


52/63

400 Bad Request

401 Unauthorized / 403 Forbidden

404 Not Found

405 Method Not Allowed

410 Gone


53/63

411 Length Required

413 Request Entity Too Large

415 Unsupported Media Type

416 Requested Range Not Satisfiable


54/63

Server error (5xx)


55/63

500 Internal Server Error

503 Service Unavailable


56/63

Manipulating rawHTTP


57/63


58/63


59/63


60/63


61/63

Using HTTP in PHP


62/63

header() function

http://php.net/header

Client URL library (cURL)http://php.net/curl

Streamshttp://php.net/streams

HTTP extension (pecl/http)http://php.net/http
http://php.net/streamshttp://php.net/curlhttp://php.net/headerhttp://php.net/httphttp://php.net/httphttp://php.net/streamshttp://php.net/streamshttp://php.net/curlhttp://php.net/curlhttp://php.net/headerhttp://php.net/header


63/63

Questions?

Slides posted at benramsey.com

Rate this talk at joind.in/213 Read the HTTP spec at

tools.ietf.org/html/rfc2616

My company is Schematicschematic.com
http://schematic.com/http://tools.ietf.org/html/rfc2616http://schematic.com/http://schematic.com/http://tools.ietf.org/html/rfc2616http://tools.ietf.org/html/rfc2616http://joind.in/213http://joind.in/213http://benramsey.com/archives/phptek2009/http://benramsey.com/archives/phptek2009/

Documents

Making the Most of HTTP In Your Apps