Knowledge on HTTP Requests


HTTP REQUESTS


HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers.
A web browser for example, may be the client and an application running on a computer hosting a  website may be the server. The client submits an HTTP request message to the server. The server, which provides resources such as HTML files and other content, or performs other functions on behalf of the client, returns a response message to the client. The response contains completion status information about the request and may also contain requested content in its message body.

Request Methods:

HTTP defines to indicate the desired action to be performed on the identified resource.

Safe methods
Some of the methods (for example, HEAD, GET, OPTIONS and TRACE) are, by convention, defined as safe, which means they are intended only for information retrieval and should not change the state of the server. In other words, they should not have side effects

TRACE METHOD:
The TRACE method can be used as part of a class of attacks known as cross-site tracing; for that reason, common security advice is for it to be disabled in the server configuration. Microsoft IIS supports a proprietary "TRACK" method, which behaves similarly, and which is likewise recommended to be disabled.

IENUMERABLE

IEnumerable is an interface that defines one method GetEnumerator which returns an IEnumerator interface, this allows readonly access to a collection then collection that implements IEnumerable can be used with a for-each statement.

HTTP 0.9 had a single method: GET.
HTTP 1.0 had the methods: GET, HEAD, and POST.
HTTP 1.1, the current version, has the methods: GET, HEAD, POST, OPTIONS, PUT, DELETE, TRACE, and CONNECT.


GET
GET requests are the most common and widely used methods in APIs and websites. Simply put, the GET method is used to retreive data from a server at the specified resource. If  you have an API with a /GetOrganizations endpoint. Making a GET request to that endpoint should return a list of all available organizations.
  • Check that a valid GET request returns a 200 status code.
POST
In web services, POST requests are used to send data to the API sever to create or update a resource. The data sent to the server is stored in the request body of the HTTP request. When you fill out the inputs in a form and hit Send, that data is put in the response body of the request and sent to the server. This may be JSON, XML, or query parameters
POST request is non-idempotent means sending an identical POST request multiple times may further affect state or cause further side effects. (Idempotence refers to the state of the system after the request has completed)

PUT

Simlar to POST, PUT requests are used to send data to the API to create or update a resource. The difference is that PUT requests are idempotent. That is, calling the same PUT request multiple times will always produce the same result. In contrast, calling a POST request repeatedly make have side effects of creating the same resource multiple times.
Check for these things when testing PUT requests:
  • Repeatedly calling a PUT request always returns the same result (idempotent).
  • After updating a resource with a PUT request, a GET request for that resource should return the new data.
  • PUT requests should fail if invalid data is supplied in the request -- nothing should be updated.

DELETE

The DELETE method is exactly as it sounds: delete the resource at the specified URL. This method is one of the more common in RESTful APIs so it's good to know how it works.
If a new user is created with a POST request to /users, and it can be retrieved with a GETrequest to / Organization /{{ organizationId }}, then making a DELETE request to /users/{{ organizationId }} will completely remove that user.

HEAD

The HEAD method is almost identical to GETexcept without the response body. In other words, if GET /users returns a list of users, then HEAD /users will make the same request but won't get back the list of users.
HEAD requests are useful for checking what a GET request will return before actually making a GET request
(This is useful for retrieving meta-information written in response headers, without having to transport the entire content.)

OPTIONS

asks for a list of the HTTP methods that a specific server will accept.
This can be used to check the functionality of a web server by requesting '*' instead of a specific resource.

TRACE

Simply sends back whatever is sent to it. The only value in TRACE is that if you get back content different from what you sent, you can see what changes things like proxies might have made to it while passing through them. (changes or additions have been made by intermediate servers.)

CONNECT

Asks to establish a TCP/IP connection tunneled through HTTP. This would allow you to connect through web server to other services -- handy if you works somewhere that blocks everything but web traffic. 


PATCH

The PATCH method applies partial modifications to a resource.[
it is similar to POST and PUT. The difference with PATCH is that you only apply partial modifications to the resource.
The difference between PATCH and PUT, is that a PATCH request is non-idempotent (like a POST request).
To expand on partial modification, say you're API has a /users/{{userid}} endpoint, and a user has a username. With a PATCH request, you may only need to send the updated usernamein the request body.
This is all about HTTP Requests.
Learn More-

Comments

Post a Comment

Popular posts from this blog

Sending Email using smtp || Mailkit in ASP.Net

HOW TO SEND EMAIL USING SMTP || MAILKIT IN ASP.NET WEBFORMS, ASP.NET Core USING C# If we need your application to send email to specific mail id, either for Login confirmation or any other purpose. You can use .NET namespace “system.web.mail” which allows users to send smtp mails. SMTP runs on port no 25 is   t he default port, but it may vary different Mail Servers . What is SMTP ? SMTP ( simple mail transfer protocol ) is an electronic standard for email transmission. When you receive an email in your inbox, most likely it is being sent from an SMTP. Below are a few good SMTP alternatives which you might want to look into. §   SparkPost  (free up to 100,000 emails per month) §   Mailgun  (free up to 10,000 emails per month) §   Mailjet  (free up to 6,000 emails per month) §   Amazon SES §   SendGrid Sending mail in ASP.NET (C#) using System; using System.Windows.Forms; using System.Net.Mail; n...
Read more