Laravel

Valeri Tandilashvili's HTTP Notes

Notes
- Git
- PHP
- CSS
- HTML
- JavaScript
- MySQL
- HTTP
- Laravel
- Sass
- jQuery
- Bootstrap
- Linux
- Node
- Composer
- Postman
- NPM
- JSON
- XML
Solutions
- Problem Solving
Resources
- Git
- Problem Solving
- HTML
- Laravel
Project solutions
- JavaScript

Applications.ge
Notes
- Git 102
- PHP 132
- CSS 126
- HTML 114
- JavaScript 62
- MySQL 175
- HTTP 8
- Laravel 71
- Sass 33
- jQuery 3
- Bootstrap 27
- Linux 30
- Node 9
- Composer 17
- Postman 17
- NPM 44
- JSON 39
- XML 23
Solutions
- Problem Solving 4
Resources
Project solutions
- JavaScript 1

Results: 8

200 OK

- Standard response for successful HTTP requests

201 Created

- The request has been fulfilled, resulting in the creation of a new resource

204 No Content

- The server successfully processed the request and is not returning any content

304 Not Modified

- Indicates that the resource has not been modified since the version specified by the request headers If-Modified-Since or If-None-Match

400 Bad Request

- The server cannot or will not process the request due to an apparent client error (e.g., malformed request syntax, too large size, invalid request message framing, or deceptive request routing)

401 Unauthorized

- Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource

403 Forbidden

- The request was a valid request, but the server is refusing to respond to it. The user might be logged in but does not have the necessary permissions for the resource

404 Not Found

- The requested resource could not be found but may be available in the future. Subsequent requests by the client are permissible

409 Conflict

- Indicates that the request could not be processed because of conflict in the request, such as an edit conflict between multiple simultaneous updates

500 Internal Server Error

- A generic error message, given when an unexpected condition was encountered and no more specific message is suitable

HTTP Request Methods CODE

GET

- Retrieves data from the server

HEAD

- Retrieves only headers (without the response body)

POST

- Submits data to the server (used to create resources)

PUT

- Updates/Replaces data on the server

PATCH

- Update/Modify data on the server (used to apply partial modifications to a resource)

DELETE

- Deletes data from the server

HTTP vs HTTPS

HTTP

stands for Hypertext Transfer Protocol. The standard (default) port for

HTTP

connection is

, but other port can also be used HTTP does not have any

security

...

HTTPS

stands for Hypertext Transfer Protocol Secure. HTTPS has a secure transfer. The standard port in

HTTPS

to transfer the information is

HTTPS protocol uses HTTP on connection encrypted by SSL or TLS (therefore it's secure)

HTTP Status Codes

1xx - Informational

- Continue

- Switching Protocols

- Processing (WebDAV) ... 2xx - Success

- OK

- Created

- Accepted

- No Content

- Partial Content ... 3xx - Redirection

- Moved Permanently

- Not Modified

- Temporary Redirect

- Permanent Redirect ... 4xx - Client Error

- Bad Request

- Unauthorized

- Payment Required

- Forbidden

- Not Found

- Method Not Allowed

- Not Acceptable

- Proxy Authentication Required

- Request Timeout

- Conflict ... 5xx - Server Error

- Internal Server Error

- Not Implemented

- Bad Gateway

- Service Unavailable

- Gateway Timeout ...

common HTTP response headers

Tells all caching mechanisms from server to client whether they may cache this object. It is measured in seconds (example: Cache-Control: max-age=3600``)

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

The type of encoding used on the data

Content-Encoding: gzip

The MIME type of this content

Content-Type: text/html; charset=UTF-8

A name for the server

Server: nginx

The date and time that the message was sent

Date: Fri, 30 Oct 2020 14:42:53 GMT

Gives the date/time after which the response is considered stale

Expires: Thu, 01 Dec 1994 16:00:00 GMT

common HTTP request headers

Media types that are acceptable for the response

Accept: text/html, application/xml,...

List of acceptable encodings (HTTP compression types)

Accept-Encoding: gzip, deflate, br

An HTTP cookie previously sent by the server with Set-Cookie (below)

Cookie: _ga=GA1.2.588481944.1592916481; _fbp=fb.1.1592916481604.1420873611; ...

The user agent string of the user agent (browser identifier string)

User-Agent: Mozilla/5.0 (Linux...

Authentication credentials for HTTP authentication

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

The email address of the user making the request

From: user@example.com

The length of the request body in octets (8-bit bytes).

Content-Length: 348

... Note:

browsers that do not support compliant compression method will download uncompressed data

general HTTP headers

Request URL

- reqeusted URL by a user

Request Method

- HTTP method that is used for the request

Status Code

- status code shows how successful the request was

Remote Address

- server address that the website is hosted to

Third party cookie example

Create third party cookie (

setcookie.php

$result = setcookie('cooname', 'V37', [
    'expires' => time() + 3600,
    'path' => '/',
    'domain' => '.sibrdzne.ge',
    'httpOnly' => true,
    'secure' => true,
    'SameSite' => 'None'
]);

Receive cookie from another domain (

getcookie.php

header('Access-Control-Allow-Origin:'.$_SERVER['HTTP_ORIGIN'] ?? '*');
header('Access-Control-Allow-Credentials:true');
echo $_COOKIE['cooname'] ?? 'no-cookie';

Pass cookie and fetch content from another domain (from console):

fetch('https://sibrdzne.ge/getcookie.php', {
    credentials:'include'
}).then(e=>e.text()).then(e=>console.log(e));

Results: 8