When I started with web development, I was dreadfully curious about knowing how a website gets delivered from server to web browser. I came to know, that It happens through various network layers, Then I explored HTTP which you generally see before the name of any website in your chrome browser URL bar. So basically HTTP is an application layer protocol that helps web-based applications, communicate with web browsers or we can say that HTTP is a messenger of the web.
HTTP was designed for fetching HTML pages but along with the time it continuously evolved and with lots of improvement, now a days it is used for transferring a variety of data like images, videos, audio, and documents. etc
now let’s discuss a few most important features of HTTP
1-HTTP is connectionless: after making the request, the client disconnect from the server, then when the response is ready the server re-establish the connection again and delivers the response
2-HTTP is stateless: the client and server know about each other just during the current request, if it closes, and the two computers want to connect again, they need to provide information to each other, and the connection is handled as the very first one.
HTTP handles two types of methods.
- request
- response
1. Request
Method- Tells what to do
URI-
- Uniform resource identifier
- It is a set of readable characters
- and a way to locate the resource
Header- Specifies some information and the rules for example the server
2. Response
status code-
It tells the client if the request succeeded or failed2
eg. 200 ok, 404 not found
Now let’s understand what is the meaning of S in HTTPS, So very simply S represents secure, which means that the content travelling between the server to the browser is encrypted so that no one can penetrate or steal the data travelling between the server and the browser
This security is much needed while online payment and logging into some websites, Now we will dig a bit deeper into this security protocol or you can say that now we will understand how things work in this encryption.
So firstly this encryption is achieved by SSL/TLS certificate provided by a third-party CA (certification authority) like Godaddy, cloud flare, sectigo .etc to the websites and an SSL certificate stays inside our browser which is used for matching and verifying the approved certificate which our website is carrying. (you can check out your browser SSL by clicking)
Now let’s understand SSL/TLS
The complete form of SSL is a secure socket layer and TLS is Transport layer security which is of 2 Type
SSL Encryption
1- Asymmetric
2- Symmetric
1 Asymmetric
In Asymmetric encryption, encryption happens with the browser’s public key but decryption happens with the server’s private key. This kind of encryption is achieved by two types of keys that’s why it is known as an asymmetric method. (for understanding, encryption key exchange refer to this video)
2 Symmetric
In symmetric encryption, both encryption & decryption occurs with the same key, that’s why this method is known as a symmetric method. for understanding, encryption key exchange refer to this video
While SSL encryption, both symmetric and asymmetric method works combine to give more security
For understanding a bit deeper and regarding any confusion, feel free to ask in the comment box, I will be happy to help you regarding this topic. I generally reply within 24hr
After Exploring a Lot of things about HTTP and HTTPS, I explored APIs which also fascinated me to deep dive into it and write a blog about it, So stay tuned for it, But if you are aware of APIs you must, Try out this no-code API testing tool, It reduces your effort while API testing. (GITHUB LINK)
