TCP/IP Protocol: Hypertext Transfer Protocol (HTTP) The Hypertext Transfer Protocol (HTTP) is the most widely used protocol of the TCP/IP suite. HTTP is based in the TCP/IP Application Layer and is used to transfer Hypertext Markup Language (HTML) files, image files, query results and other communications. Most people recognize HTTP from the address bar of their browser. It precedes web addresses to show it is the protocol being used for the transfer of the web page. An example could be http://www.linux.org. NOTE: Some browsers may hide the “http://” portion of the address. It may only be displayed when it is https://. HTTPS is the secured HTTP which is used on sites which require encryption for entering a password. Example sites would be banks, Amazon, Ebay, etc. When you see “https://” at the beginning of the web address, you know the information being transferred to and from the web site is encrypted. When you make a request for a web page, such as http://www.linux.org, your system makes a connection to the web server. Once connected, your system makes a request for the page. Once the Web Server is ready with the response it sends the requested information. HTTP can allow any media type as long as the client system has information to handle the data type properly. For example, an MP3 file should be played as an audio file by a specific application installed on the client system. The media types are controlled by the Multi-purpose Internet Mail Extensions (MIME) type list on a system. MIME information is in the /usr/share/mime/ folder. NOTE: MIME was originally used for e-mail attachments to allow a system to be able to handle specific attachments. MIME was then used to perform the same task for files attached in HTML code. An example of a MIME file for the Advanced Audio Coding (AAC) files follows from the aac.xml file: Code: <?xml version="1.0" encoding="utf-8"?> <mime-type xmlns="http://www.freedesktop.org/standards/shared-mime-info" type="audio/aac"> <!--Created automatically by update-mime-database. DO NOT EDIT!--> <comment xml:lang="ast">AAC audio</comment> <comment xml:lang="bs">AAC audio</comment> <comment xml:lang="de">AAC-Audio</comment> <comment xml:lang="en_AU">AAC audio</comment> <comment xml:lang="en_GB">AAC audio</comment> <comment xml:lang="es">Sonido AAC</comment> <comment xml:lang="it">Audio AAC</comment> <comment xml:lang="pt_BR">Áudio AAC</comment> <comment xml:lang="uk">звукові дані AAC</comment> <comment xml:lang="zh_TW">AAC 音訊</comment> <acronym>AAC</acronym> <expanded-acronym>Advanced Audio Coding</expanded-acronym> <glob pattern="*.aac"/> <comment>AAC sound</comment> <glob pattern="*.aac"/> </mime-type> These are global files for all users to determine file types. In the folder ~/.local.share.mime/ are the personal customized xml files for your current user profile. Once the information is sent from the Web Server to the Client the connection is broken. Every object on a web page is opened by a new connection. For instance, a web page with text and five images would require a minimum of six connections. One connection would be for the HTML code and one for each image. Advertisements linked from other web sites would require more connections. NOTE: The command-line program NETSTAT can be used to list all open connections to your local system. When a client browser makes a request, the following information will be sent to the web server: Method – type of request URI – web address Protocol Version – version of HTTP Header Information – things such as client information (language, etc.) Body – the payload of a query file, data or output The server on the other hand can respond with the following: Protocol Version – version of HTTP Message – Success or error Header Information - things such as server information (language, etc.) Body – the payload of a query file, data or output The Methods are as follows: GET – retrieve a file HEAD – retrieves only header information POST – places information on the Web Server, such as uploading text or an image PUT – replaces information on the Web Server with new information DELETE – remove specified files or data CONNECT – establish connection to site OPTIONS – lists options for communication connections TRACE – determine route to target A Server may give a numeric response as follows. Each number grouping has specific definitions, but the first digit has a more general meaning as listed: 1xx – Information 2xx – Success 3xx – Redirection 4xx – Client Error 5xx – Server Error You may have heard the term “HTTP Proxy”. An HTTP Proxy, or simply Proxy is a server which accepts HTTP requests from a client, forwards the request to the Web Server as if the Proxy Server were making the request. When the Proxy Server receives the requested page, it then forwards the files to your system. In this manner, the Web Server believes the Client accessing it is the Proxy Server, not the client system. This method can allow access to a web site by a user without the web site tracking your system. NOTE: Because of the nature of the Proxy Servers, there can be a great amount of lag time between your page request and when you receive the page. Usually, Proxy Servers are used to access illegal sites so that your IP Address is not tracked as being a visitor. There are some legal uses, but the purpose of using a Proxy is usually for more illegal uses. Keep in mind that some companies use a Proxy Server to allow their employees access to the Internet. The Internet connection is only open to the Proxy Server and all client systems must go through the Proxy. In this way, the Proxy tracks all requests to the Internet by each employee system. The Proxy can also be set to block specific web addresses and disallow access to the sites. I mentioned previously about HTTPS, or Hypertext Transfer Protocol Secure. HTTPS uses Secure Sockets Layer (SSL) to encrypt information being sent and retrieved between the client and web server. Usually, all data transferred between client and the web server is in plain text. Passwords, credit card numbers and any personal data should be encrypted so clients on the Internet cannot easily view the data. Any time you are on a web site that is a****g for personal information, look at the address bar to see if the address starts with https://. If the address does not have the https://, the do not send the data since anyone watching on the Internet can see the information being sent.