What HTTP Protocol controls
Caching – HTTP allows the server to instruct proxies and clients about the cacheable information, and the client to guide intermediate cache proxies about the stored document.
Origin Constraint – HTTP implements the Same Origin Policy (SOP) and can also provide a way of loosening SOP by using the CORS Headers to allow access to resources for other origins.
Authentication – the HTTP Protocol provides an Authentication Mechanism to implement HTTP Security for communication throughout the web.
Proxying and tunneling of the servers or clients often located on intranets and hiding their authentic IP addresses from other computers.
Sessions - Using HTTP Cookies allows linking requests with the state of the server to create Sessions.
How HTTP Protocol works
The HTTP protocol provides the users with a way to interact with web resources by transferring hypertext messages between clients and servers. A client sends an HTTP request to the web; on receiving it, the server runs an application to process the request and returns an HTTP response to the browser.
An example of sending a GET request to the server to retrieve a resource.
The server negotiates the connection and responds:
Files and other data the HTTP protocol delivers are called resources and identified by a URL. HTTP Methods indicate how the intended action performs on the identified resource.
HTTP takes place through TCP/IP sockets. A secure version of HTTP, HTTPS transmits data with the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) methods.
HTTP has a special kind of server response that changes the destination of the request, the HTTP Redirect. Redirection starts with a redirect response the server sends to the client. The response of the HTTP Redirect has status code 3xx and a Location header mentioning the new URL.
HTTP Protocol features
HTTP is simple: HTTP messages are human-readable; the HTTP Protocol provides lighter testing for developers and reduced complicacy for newcomers.
HTTP is extensible: HTTP Headers make the protocol easy to extend and practice. A client and a server can even agree about a new header's semantics to introduce new functionality.
HTTP is a Stateless Protocol: HTTP executes each command separately. To overcome this shortage, HTTP clients can use session cookies.
HTTP Protocol Versions
HTTP 0.9 — the One-line Protocol
А simple client-server, request-response, Telenet-friendly protocol; request nature: single-line; supported HTTP methods: GET; response type: hypertext only; connection nature: terminated immediately after the response; no HTTP headers, no status/error codes, no URLs, no versioning.
HTTP 1.0 — Building extensibility
А browser-friendly protocol; header fields include rich metadata about both request and response, such as HTTP version number, status code, and content type; the Content-Type header provides the ability to transmit files other than plain HTML files; supported methods: GET, HEAD, POST; connection nature: terminated immediately after the response.
For both HTTP 0.9 and HTTP 1.0 major problem is establishing a new connection for each request.
HTTP 1.1 — The standardized protocol
Differences and advantages in comparison HTTP 1.0 vs HTTP 1.1 are significant. HTTP 1.1 has persistent and pipelined connections, chunked transfers, compression /decompression, content negotiations, virtual hosting; supported methods are GET, HEAD, POST, PUT, DELETE, TRACE, and OPTIONS; connection nature: long-lived.
HTTP 2.0 and the future
А more efficient expression of HTTP's semantics "on the wire" is now supported by virtually all web browsers and web servers over TLS using an Application-Layer Protocol Negotiation (ALPN) extension. Modern enhancements like HTTP 2.0 have changed the way that the traditional HTTP works.