CIS 371

Exploring HTTP

Winter 2023
Based on an assignment originally developed by Prof. Engelsma.

Objective

The objective of this lab is to help the student develop a deeper understanding of the HTTP protocol. Upon completion of this homework the student will You may work in pairs, if you wish.

Please submit typed answers.

Hands-on with HTTP

We're going to explore the HTTP protocol first-hand by examining its behavior when we interact with the various websites. We will use Chrome's Developer Tools to examine the underlying HTTP behavior. (Other web browsers have tools similar to Chrome's Developer Tools.)
Step 1:
Familiarize yourself with the built-in developer features in Chrome, or equivalent features in other browsers. (From the Chrome menu, go to More Tools -> Developer Tools. If you have trouble see this diagram.)
Step 2:
Open a private browsing window. (This step is important.)
Step 3:
Open the Developer Tools, click on the "Network" tab, and check the "Disable cache" box.
Step 4:
With Developer Tools open, click on the tab labeled "Network", then load the page https://kurmasgvsu.github.io/Humor/engin.html Important: Make sure you are using https not http
Step 5:
Select and expand the HTTP message labeled "engin.html". Make sure the Headers tab is selected, then look through the General section for the Status Code
  1. What browser and operating system are you using?
  2. What is the Status Code; and what does it signify?
  3. What would the status code be if you mis-typed "engin"?
  4. Test your answer to the previous question by trying to fetch https://kurmasgvsu.github.io/Humor/enign.html (notice the misspelling).
Step 6:

Examine the request headers for your call to https://kurmasgvsu.github.io/Humor/engin.html.

  1. Are request headers sent by the browser or the web server?
  2. What is the value of the User-Agent header?
  3. What is the purpose of the User-Agent header?
  4. Why does the User-Agent value appear to list several different web browsers? (Hint: See this Stack Overflow post: https://stackoverflow.com/questions/4024230/strange-user-agent-with-google-chrome.)
  5. Visit the page using a couple other browsers (Safari, Firefox, Chrome, IE, etc.) and report the different User-Agent strings used.
  6. What is the value of the Accept header?
  7. What is the purpose of the Accept header?
  8. What is the purpose of the "q" parameter in the "Accept" value? (Hint: Look here.)
Step 7:
Now, examine the response headers for your call to https://kurmasgvsu.github.io/Humor/engin.html.
  1. What is the value of the Content-Type header?
  2. What is the purpose of the Content-Type header?
  3. List the other response headers and briefly describe their purpose.
Step 8:
View the actual payload of the HTTP response by clicking on the "Response" tab.
  1. What kind of data was received? Does it match the Content-Type header?
Step 9:
Visit https://kurmasgvsu.github.io/Images/buzz1.jpg.
  1. What is the Content-Type?
Step 10:
Uncheck the "Disable Cache" box and reload https://kurmasgvsu.github.io/Humor/engin.html.
  1. What is the status code? (If the Status Code is still 200, try refreshing again.)
  2. What is the purpose of this status code? What is the benefit of returning this code instead of 200?
  3. What additional request headers did the browser send.
  4. What does the value for If-None-Match represent?
  5. Where did the browser get this value?
Step 11:
Load the page http://kurmasgvsu.github.io/Humor/engin.html Notice that you are using http instead of https
  1. What is the status code? What does this status code indicate?
  2. What previously unseen response header did the server return when you requested the "http" page?
  3. How did your browser respond to this code?

Updated Monday, 26 December 2022, 11:04 AM

W3c Validation