HTTP Request/Response Cycle
Marline Khavele
Posted on June 20, 2023
This is the interaction between the client which in this case is our browser and the server, where the client sends an HTTP request to the server and the server responds with an HTTP Response which is a status code.
The main components of the HTTP Response Cycle are:
- Client: This is the web browser that initiates the request.
- Server: This can be a computer on the internet that is responsible for processing a request and generating a response through an HTTP protocol.
- Request: A client sends an HTTP request, The request contains a request method describing what action is requested and the address pointing to the resource plus information about the client, The client can also send information to the server and is packaged in the request as a payload.
- Response:This is the literal response to the request it contains status code information about how the response was handled, plus data requested if the information was successful.
- status codes:These are Numerical codes in the range of 100 to 500 describing what type. of response, the server sent back to the client for example 200 OK and 404 Not Found.
From the image above we see the Client initiates a HTTP request to the server, This information is sent over the network and it reaches the server. The server receives the request, process it, and generates an appropriate response.
Request header
Below is an example of an HTTP header, It can also contain a payload of data such as form submission or uploading files but for this example, we have none at the moment. All this information is passed via HTTP and the browser waits patiently for the response.
GET
Example of a Request header.
Host:jsonplaceholder.typicode.com
User-Agent:PostmanRuntime/7.32.2
Accept:*/*
Accept-Encoding: gzip, deflate, br
Connection:keep-alive
Response header
If there is a server at the requested address specified in the request header it will return a response even if it is a 404 but in this example, the status is 200 OK.
Example of how a Response header.
Date: Tue, 20 Jun 2023 16:12:14 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
X-Ratelimit-Limit: 1000
X-Ratelimit-Remaining: 997
X-Ratelimit-Reset: 1687192684
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Cache-Control: max-age=43200
Pragma: no-cache
Expires: -1
X-Content-Type-Options: nosniff
Etag: W/"c9-5HqU0syvAt5kRuunEKDW0ay10ZE"
Via: 1.1 vegur
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pstM2R0QCYmQuSL%2B%2FT7oUR8Ksi09ZE8IFvLZTUtikjdJsUI%2F68ift8YFhT%2BNWmQvqM8XT6IZLlrKOF5GR4iFp4XI1TZvF12qSKeljPIL%2B4A%2FgZ%2Bco3vupMYkm08F2%2FYuU1iV74pQzSslunm20WA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7da54acd081c19af-FRA
Content-Encoding: br
HTTP status Message
Here we are going to discuss some common HTTP response status codes:
1XX Information: Status codes of this format are informational and rarely encountered, They inform the client of the status of the server.
102 - Processing, tells the client to wait for the server to finish.
100 - Continue and the server has received the request headers and is ready for the rest of the request body.
2xx Success: Codes with this format are for success messages.
200 - The request was successful.
201 - Created and it was successful.
204 - The server processed the request and returned no content.
3XX Redirection: The client is provided with a new URL to follow to get to the requested resource.
301 - Moved permanently tells the client to use the new URI for all future requests.
302/303 - Found at this other URI means temporarily redirected.
307 - Temporary redirect
308 - Permanent redirect
4XX Client error: This signals client errors
400 - Bad request meaning the request is malformed or too large.
401 - Unauthorized the client lacks proper credentials to access the requested resource.
403 - Forbidden means the request is refused by the server.
404 - Not Found meaning the resource does not exist.
405 - Method not allowed is when you try to use GET on a resource that uses POST for example.
5XX Server error: signals server errors.
500 - Internal Server Error means something went wrong on the server.
502 - Bad gateway the server received an invalid response from where it was trying to connect.
503 - Service unavailable encountered when the server is overloaded or temporarily unavailable.
Example of a request.
import requests
def main():
url = "http://earthquake.usgs.gov/earthquakes/feed/v1.0/summary/2.5_day.geojson"
response = requests.get(url)
print(response.status_code) # Print the response status code
print(response.headers) # Print the response headers
print(response.text)
if __name__ == "__main__":
main()
The above code block illustrates the HTTP response cycle. we have used a package called requests from Python to help us in getting the data that we need, In this case, we want to see the headers,status_code, and the actual response.
200
{'Content-Type': 'application/json; charset=utf-8', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'Date': 'Tue, 20 Jun 2023 12:45:09 GMT', 'Server': 'Apache', 'Cache-Control': 'public, max-age=60', 'Expires': 'Tue, 20 Jun 2023 12:46:09 GMT', 'Last-Modified': 'Tue, 20 Jun 2023 12:45:09 GMT', 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Methods': '*', 'Access-Control-Allow-Headers': 'accept,origin,authorization,content-type', 'X-Frame-Options': 'SAMEORIGIN', 'X-Content-Type-Options': 'nosniff', 'X-XSS-Protection': '1', 'Strict-Transport-Security': 'max-age=31536000', 'Vary': 'Accept-Encoding', 'X-Cache': 'Hit from cloudfront', 'Via': '1.1 96d2df8d2655bf1d48c2f4e4db090ae6.cloudfront.net (CloudFront)', 'X-Amz-Cf-Pop': 'TXL50-P1', 'X-Amz-Cf-Id': 'G8XIDr6k96Vtx5jV50Up6TEMz24o_q5hea8C-Cv4agzibaScZJ-ntQ==', 'Age': '39'}
{"type":"FeatureCollection","metadata":{"generated":1687265109000,"url":"https://earthquake.usgs.gov/earthquakes/feed/v1.0/summary/2.5_day.geojson","title":"USGS Magnitude 2.5+ Earthquakes, Past Day","status":200,"api":"1.10.3","count":37},"features":[{"type":"Feature","properties":{"mag":3.48,"place":"122 km N of Suárez, Puerto Rico","time":1687259666390,"updated":1687263668876,"tz":null,"url":"https://earthquake.usgs.gov/earthquakes/eventpage/pr2023171003","detail":"https://earthquake.usgs.gov/earthquakes/feed/v1.0/detail/pr2023171003.geojson","felt":null,"cdi":null,"mmi":null,"alert":null,"status":"reviewed","tsunami":0,"sig":186,"net":"pr","code":"2023171003","ids":",pr2023171003,","sources":",pr,","types":",origin,phase-data,","nst":12,"dmin":1.2585,"rms":0.33,"gap":281,"magType":"md","type":"earthquake","title":"M 3.5 - 122 km N of Suárez, Puerto Rico"},"geometry":{"type":"Point","coordinates":[-65.7848,19.5316,47]},"id":"pr2023171003"},
{"type":"Feature","properties":{"mag":4.7,"place":"Potosi, Bolivia","time":1687251870487,"updated":1687254026040,"tz":null,"url":"https://earthquake.usgs.gov/earthquakes/eventpage/us7000k9tr","detail":"https://earthquake.usgs.gov/earthquakes/feed/v1.0/detail/us7000k9tr.geojson","felt":null,"cdi":null,"mmi":null,"alert":null,"status":"reviewed","tsunami":0,"sig":340,"net":"us","code":"7000k9tr","ids":",us7000k9tr,","sources":",us,","types":",origin,phase-data,","nst":24,"dmin":0.711,"rms":0.62,"gap":84,"magType":"mb","type":"earthquake","title":"M 4.7 - Potosi, Bolivia"},"geometry":{"type":"Point","coordinates":[-67.7983,-22.331,176.354]},"id":"us7000k9tr"},
Error handling in HTTP Response Cycle, This can be a 404,401 indicating a resource wasn’t found or authorized. With such an error message we can extract relevant information about the error and take the appropriate steps and actions.
HTTP response cycle gives us a mechanism of effective error handling, The allows the client and the server to communicate and handle errors well.
{
"error": {
"code": 404,
"message": "The requested resource was not found."
}
}
Posted on June 20, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.