Author: Vladimir Pecanac

The HTTP series (Part 5): Security

If you followed along with the HTTP series, you are now ready to embark on a journey of HTTP security. And a journey it will be, I promise 🙂 Many companies have been victims of security breaches. To name just a few prominent ones: Dropbox, LinkedIn, MySpace, Adobe, Sony, Forbes and many others were on the receiving end of malicious attacks. Many accounts were compromised and the chances are, at least one of those was yours 🙂 You can actually check that on Have I Been Pwned. My email address was found on 4 different websites that were victims...


The HTTP series (Part 4): Authentication mechanisms

In the previous part, we talked about the different ways that websites can identify the visiting user. But identification itself represents just a claim. When you identify yourself, you are claiming that you are someone. But there is no proof of that. Authentication, on the other hand, is showing proof that you are who you claim to be, like showing your personal ID or typing in your password. More often than not, websites need that proof to serve you sensitive resources. HTTP has its own authentication mechanisms that allow the servers to issue challenges and get...


The HTTP series (Part 3): Client identification

Up until now, you learned about the basic concepts and some of the architectural aspects of HTTP. This leads us to the next important subject in HTTP: client identification. In this article, you’ll learn why client identification is important and how Web servers can identify you (your Web client). You will also get to see how that information is used and stored. This is what we have learned so far, and where we are now: The HTTP series (Part 1): Overview of the basic concepts; The HTTP series (Part 2): Architectural aspects; The HTTP series (Part 3): Client...


The HTTP series (Part 2): Architectural aspects

In the first article of the series, we talked about the basic concepts of HTTP. Now that we have some foundation to build upon, we can talk about some of the architectural aspects of HTTP. There is more to HTTP than just sending and receiving data. HTTP cannot function by itself as an application protocol. It needs infrastructure in the form of hardware and software solutions that provide different services and make communication over the World Wide Web possible and efficient. This is what we have learned so far, and where we are now: The HTTP series (Part...


The HTTP Reference

This article contains all the reference material for my HTTP series. This reference could be helpful if you need to quickly find what some HTTP status code means. It is also a kind of cheat sheet for myself because there is a lot of information to remember by heart. So I hope it is helpful to you too. You can find the reference for HTTP: Request Methods, Status Codes, Headers, MIME Types. Request Methods: List of HTTP Request methods (verbs). Request methods (columns: Method, Description, Has body?): CONNECT: This specification reserves the method name CONNECT for use with a proxy that can dynamically switch to...
