how a web server respond to the right client over HTTP as HTTP is a stateless Protocol. i mean to say that there would be multiple request and response at web server, and a client get its respective response.
During the process of a single http request a socket connection is kept open (if none of the endpoints abandon in that period of time).
The stateless term means that between multiple requests from the same client the protocol alone doesn't do anything for you to keep track of any state.
Related
Just a simple question:
what is the difference between a request and a command in protocols like HTML or SMTP?
Can it be that requests await a response?
Or that one is from the client side and the other from the server side?
Thanks in advance!
Similar to http, smtp requests can contain multiple commands e.g. the TLS command to enabled encryption
E.g. HELO, BYE
Ftp is similar to Smtp, where a single connection (request) exchanges multiple commands (PASV... EXIT) before the connection is closed.
The main difference is the request response for http can usually be visualized as 1 request to 1 response however when you look at how the TLS encryption is applied over http you then see similar commands being exchanged between client and server before the final response is returned to the client.
In short http separates the noise of the commands by encompassing them into the header portions of the request and response.
An example of http commands without encryption would be chucked transfer encoding where the server send a part of the response after the headers in chunks which must be put back together at the client side.
Suppose there is a web server that hosts arbitrary user-controlled content under some paths - public IPFS gateways are the example that got me thinking about this. Is it possible for that server to prevent pages that it serves from installing service workers on clients (and thus spoofing content for non-user-controlled paths)?
There's some helpful info in the service worker specification:
An HTTP request to fetch a service worker's script resource will
include the following header:
Service-Worker Indicates this request is a service worker's script
resource request.
Note: This header helps administrators log the requests and detect
threats.
If you'd like to make sure that your web server doesn't allow any service worker registrations, one approach would be to check for the Service-Worker header on incoming requests and have your web server return an appropriate HTTP error response (anything 4xx or 5xx would workâmaybe 403 or 412?) whenever you detect that.
I'm trying to get the post data from TIdHTTPProxyServer, using OnHTTPBeforeCommand or OnHTTPDocument events but all is useless.
How can I do that?
BTW, I'm using Indy 10, but other solutions (with synapse, for example) will be cool.
Thanks in advance.
POST data is not available in the OnHTTPBeforeCommand event, as it has not been read from the socket yet. Only the HTTP headers are available in that event.
POST data is available in the OnHTTPDocument event, but only under the following conditions:
the POST request uses a non-zero Content-Length header (as TIdHTTPProxyServer does not yet support the Transfer-Encoding header to handle compressed/chunked HTTP messages).
the TIdHTTPProxyServerContext.TransferMode property is tmFullDocument when the OnHTTPBeforeCommand event exits. By default, the TransferMode is set to the same value as the TIdHTTPProxyServer.DefaultTransferMode property, which is tmFullDocument by default.
the client sends the POST request directly to TIdHTTPProxyServer, specifying a full URL as the target. If the client instead sends a CONNECT request directly to TIdHTTPProxyServer to establish a tunnel to the target server and then sends the POST request through the tunnel to the target server (for instance, when establishing SSL sessions for HTTPS requests), TIdHTTPProxyServer does not expose access to that data. It is a straight pass-through from one socket to another.
I am trying my hand in server applications using Indy Internet tools.
My client sends Post data (XML) in Unicode format.
Can I convey my preference to client (HTTP Client). I prefer Text. In general can a HTTP server send its preferences to its Clients?
Thanks for any hint or help.
The problem with this is the fact, that with only one POST the server has no way to respond, until the client has already sent the data.
The solution is to make two calls: One where the client asks for the server preferences and another to send the data. The OPTIONS HTTP method can be used for this scenario.
You can handle both requests on the same URL: If the clients makes an OPTIONS request the server responds with the configuration data. (via response headers) Then the client can make a POST request on the same URL and the server handles the data appropriately.
For further information see HTTP methods and HTTP headers, especially the Accept header.
I need to program a stateless server to execute remote methods. The client uses REST with a JSON parameter to pass the method name and its parameters. After servicing the result the session is closed. I have to use Indy10, TCP/IP as protocol, and therefore look at using IdHTTPServer.
Large result sets are chunked by Indy10 and sent to the client in parts.
My problem now is:
The methods on the server provide progress information if they take longer to produce the results. These are short messages. How can I write back to the client?
So far I have used writeflush on the server, but the client waited for the request to end before handing back the full resultset, including the progress information. What can I do to display/process such progress information on the client and yet keep the connection open to receive further data on the same request?
On the client side instead of the regular HTTP client component TIdHTTP you can instead use Indy class TIdTCPClientCustom in unit IdTCPClient to send the request and process the response.
This class gives total control over the processing of the server responses. I used the TIdTelnet class as a starting point to implement a client for a message broker messaging protocol, and found it stable and reliable for both text and binary data.
In the receiving thread, the incoming data can be read up to delimiters and parsed into chunks (for the progress information) and immediately processed.