# Howto HTTP

The HTTP protocol (HyperText Transfer Protocol) is a layer-7 client/server protocol that, by convention, runs over the TCP transport layer on port 80. Its secure version is HTTPS, which additionally relies on the [SSL/TLS](HowtoSSL) layer.

## Understanding the different HTTP versions with telnet

### HTTP/1.0

The simplest version; the `Host:` header is optional:

~~~
$ telnet www.debian.org 80
Trying 5.153.231.4...
Connected to www.debian.org.
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2016 02:09:37 GMT
Server: Apache
Last-Modified: Fri, 08 Jan 2016 22:27:31 GMT
ETag: "1d8-528da17d9b160"
Accept-Ranges: bytes
Content-Length: 472
Vary: Accept-Encoding
X-Clacks-Overhead: GNU Terry Pratchett
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
[...]
Connection closed by foreign host.
~~~

### HTTP/1.1

The `Host:` header is mandatory:

~~~
$ telnet www.debian.org 80
Trying 5.153.231.4...
Connected to www.debian.org.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.debian.org

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2016 02:11:37 GMT
Server: Apache
Content-Location: index.en.html
Vary: negotiate,accept-language,Accept-Encoding
TCN: choice
Last-Modified: Tue, 04 Oct 2016 15:27:56 GMT
ETag: "3baf-53e0bb4711c9f"
Accept-Ranges: bytes
Content-Length: 15279
Cache-Control: max-age=86400
Expires: Thu, 06 Oct 2016 02:11:37 GMT
X-Clacks-Overhead: GNU Terry Pratchett
Connection: close
Content-Type: text/html
Content-Language: en

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
[...]
Connection closed by foreign host.
~~~

### HTTPS

`openssl` handles the SSL/TLS tunnel, and the HTTP exchange inside it is then typed in clear text:

~~~
$ openssl s_client -host www.debian.org -port 443
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
verify return:1
depth=0 OU = Domain Control Validated, OU = Gandi Standard SSL, CN = debian.org
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=Gandi Standard SSL/CN=debian.org
i:/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
1 s:/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
[...]
Start Time: 1475633567
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
GET / HTTP/1.0

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2016 02:12:56 GMT
Server: Apache
[...]
~~~
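
The sessions above can be replayed non-interactively. The script below is an added example, not part of the original wiki page: the function names and the sample response are constructed here, and the two network wrappers assume `nc` and `openssl` are installed.

```shell
#!/bin/sh
# Added example (not from the wiki page): scripted form of the telnet/openssl sessions.

# build_request VERSION HOST [TARGET]: print a raw GET request with CRLF line endings.
build_request() {
    version=$1 host=$2 target=${3:-/}
    case $version in
        1.0|1.1) ;;
        *) echo "unsupported HTTP version: $version" >&2; return 1 ;;
    esac
    printf 'GET %s HTTP/%s\r\n' "$target" "$version"
    if [ "$version" = 1.1 ]; then
        printf 'Host: %s\r\n' "$host"      # mandatory in HTTP/1.1, optional in HTTP/1.0
        printf 'Connection: close\r\n'     # so the server closes once the response is sent
    fi
    printf '\r\n'                          # the empty line ends the request
}

# status_code: read a raw response on stdin, print the numeric status code.
status_code() {
    tr -d '\r' | awk 'NR == 1 { print $2; exit }'
}

# header_value NAME: read a raw response on stdin, print that header's value.
# Header names are matched case-insensitively; parsing stops at the blank line.
header_value() {
    tr -d '\r' | awk -v name="$1" '
        NR == 1  { next }
        $0 == "" { exit }
        { i = index($0, ":")
          if (i && tolower(substr($0, 1, i - 1)) == tolower(name)) {
              v = substr($0, i + 1); sub(/^[ \t]+/, "", v); print v; exit } }'
}

# sample_response: constructed response, modelled on the HTTP/1.0 session above.
sample_response() {
    printf 'HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Length: 472\r\n'
    printf 'Connection: close\r\nContent-Type: text/html\r\n\r\n<HTML>\r\n'
}

# Network wrappers (need nc and openssl). -quiet also keeps s_client reading after
# stdin reaches EOF; -verify_return_error aborts if chain verification fails.
http_fetch()  { build_request "$1" "$2" "$3" | nc "$2" 80; }
https_fetch() {
    build_request "$1" "$2" "$3" |
        openssl s_client -quiet -verify_return_error -connect "$2:443" -servername "$2"
}
```

For instance, `https_fetch 1.1 www.debian.org / | status_code` prints only the status code of the HTTPS response.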

### HTTP/2.0

<https://fr.wikipedia.org/wiki/Hypertext_Transfer_Protocol/2>

## Tools

### HEAD/GET/POST

~~~
# apt install libwww-perl
~~~

See <http://gcolpart.evolix.net/blog21/faire-du-postgethead-en-ligne-de-commande/>

### cURL

See [TipsCurl]()

### ab : apache bench
~~~
# apt install apache2-utils
~~~

Usage:

~~~{.bash}
$ ab -n 1000 -c 100 -l http://127.0.0.1/helloworld.txt
~~~

* `-n`: number of requests
* `-c`: number of requests performed concurrently
* `-l`: important option that tolerates variation in the server's response (otherwise the requests are counted as *Failed requests*)
* `-k`: enables HTTP KeepAlive