Based on an assignment originally developed by Prof. Engelsma.
Objective
The objective of this lab is to help the student develop a deeper understanding of the HTTP protocol. Upon
completion of this homework the student will
- understand the basic mechanics of the HTTP protocol from both a client and server perspective
You may work in pairs, if you wish.
Hands-on with HTTP
We're going to explore the HTTP protocol first-hand by examining its behavior when we interact with the various
websites. We will use Chrome's Developer Tools to examine the underlying HTTP behavior. (Other web browsers have
tools similar to Chrome's Developer Tools.)
- Step 1:
- Familiarize yourself with the built-in developer features in Chrome, or equivalent features in other
browsers. (From the Chrome menu, go to More Tools -> Developer Tools. If you have trouble see this diagram.)
- Step 2:
- Open a private browsing window. (This step is important.)
- Step 3:
- Open the Developer Tools, click on the "Network" tab, and check the "Disable cache" box.
- Step 4:
-
With Developer Tools open, click on the tab labeled "Network", then load the
page
https://cis.gvsu.edu/~kurmasz/Humor/engin.html
Important: Make sure you are using https
not
http
- Step 5:
-
-
What browser and operating system are you using?
-
What is the Status Code; and what does it signify?
-
What would the status code be if you mis-typed "
engin
"?
-
Test your answer to the previous question by trying to fetch
https://cis.gvsu.edu/~kurmasz/Humor/enign.html
(notice the misspelling).
- Step 6:
-
-
Are request headers sent by the browser or the web server?
-
What is the value of the
User-Agent
header?
-
What is the purpose of the
User-Agent
header?
-
Why does the
User-Agent
value appear to list several different web
browsers? (Hint: See this Stack Overflow post:
stackoverflow.com/questions/4024230/strange-user-agent-with-google-chrome
.)
-
Visit the page using a couple other browsers (Safari, Firefox, Chrome, IE, etc.)
and report the different
User-Agent
strings used.
-
What is the value of the
Accept
header?
-
What is the purpose of the
Accept
header?
-
What is the purpose of the "
q
" parameter?
(Hint: Look
here.)
- Step 7:
-
Now, examine the response headers for your call to
https://cis.gvsu.edu/~kurmasz/Humor/engin.html
.
-
What is the value of the
Content-Type
header?
-
What is the purpose of the
Content-Type
header?
-
List the other response headers and briefly describe their purpose.
- Step 8:
- View the actual payload of the HTTP response by clicking on the "Response" tab.
-
What kind of data was received? Does it match the
Content-Type
header?
- Step 9:
-
Visit
https://cis.gvsu.edu/~kurmasz/Images/buzz1.jpg
.
-
What is the
Content-Type?
- Step 10:
- Uncheck the "Disable Cache" box and reload
https://cis.gvsu.edu/~kurmasz/Humor/engin.html
.
-
What is the status code? (If the Status Code is still 200, try refreshing again.)
-
What is the purpose of this status code? What is the benefit of returning this
code instead of 200?
-
What additional request headers did the browser send.
-
What does the value for
If-None-Match
represent?
-
Where did the browser get this value?
- Step 11:
- Load the
page
http://cis.gvsu.edu/~kurmasz/Humor/engin.html
Notice that you are
using http
instead of https
-
What is the status code? What does this status code indicate?
-
What previously unseen response header did the server return when you requested the
"
http
" page?
-
How did your browser respond to this code?
- Step 12:
- Load the
page
https://cis.gvsu.edu/~kurmasz/Images
This URL does not end with a slash.
-
What is the status code? What does this status code indicate?
-
What is the value of the
Location
response header?
-
What is difference between the status code returned for the
http
page
in question 23 from question 26?
(Take note of how this trailing slash is handled --- especially if you are writing a web server!)
Updated Thursday, 23 January 2020, 3:14 PM