Chapter 14 - WEB, REST Flashcards
HTTP and its features
HTTP (Hypertext Transfer Protocol) is the foundation of communication on the World Wide Web. Here are some of its key features:
Statelessness: HTTP is stateless, meaning it treats each request independently, without retaining any information from previous interactions. This simplifies implementation but may require additional mechanisms like cookies or session handling for maintaining state between requests.
Client-Server Model: It operates in a client-server model where the client (typically a web browser) sends requests to the server (where websites are hosted) and receives responses in return.
Request Methods: HTTP defines various request methods or verbs, such as GET (retrieve data), POST (submit data to be processed), PUT (update a resource), DELETE (remove a resource), and more. Each method serves a specific purpose and determines the action to be performed on the server.
URI (Uniform Resource Identifier): HTTP uses URIs to identify resources on the web. A URI can be a web page, an image, a file, or any other resource that can be accessed via a web browser.
Headers: HTTP uses headers to transmit additional information with each request and response. Headers contain metadata about the message, such as content type, caching directives, authentication details, and more.
Status Codes: HTTP defines a range of status codes that indicate the outcome of a request. For instance, 200 OK signifies success, 404 Not Found indicates the requested resource is unavailable, 500 Internal Server Error denotes an issue on the server side, and so on.
Connection Handling: HTTP allows persistent connections, enabling multiple requests and responses to be sent over a single TCP connection, reducing the overhead of establishing new connections for each request.
Security: HTTP can be augmented with security protocols like HTTPS (HTTP Secure), which uses encryption (SSL/TLS) to secure data transmission between the client and the server, ensuring privacy and integrity.
HTTP Versions
HTTP/0.9: This was the earliest version of HTTP, introduced in 1991. It was a simple protocol used for transferring hypertext documents and only supported the GET method without headers. It included no status codes, and a request carried nothing beyond the required URL.
HTTP/1.0: This version, introduced in 1996, expanded the protocol’s capabilities significantly. It added support for various request methods (like POST, HEAD, and more), status codes (including 404 Not Found), and headers, allowing more complex transactions between clients and servers.
HTTP/1.1: Released in 1997, HTTP/1.1 brought further improvements and optimizations to the protocol. It introduced features like persistent connections (allowing multiple requests over a single TCP connection, reducing latency), chunked transfer encoding (enabling transmission of data in parts), and host headers (allowing multiple websites to be served from a single IP address). HTTP/1.1 remains widely used on the web.
HTTP/2: This major update, standardized in 2015, aimed to address the limitations of HTTP/1.1. It introduced several performance enhancements, including multiplexing (allowing multiple requests and responses to be sent concurrently over a single connection), header compression (reducing overhead), server push (allowing servers to push resources to clients proactively), and more efficient binary framing, resulting in faster page load times.
HTTP/3: This version, standardized in 2020, is a significant departure from its predecessors. It is based on Google’s QUIC protocol (Quick UDP Internet Connections) and uses UDP (User Datagram Protocol) instead of TCP (Transmission Control Protocol) for transport. HTTP/3 improves performance further by reducing latency through mechanisms like encryption by default and better handling of packet loss.
Browser?
A browser, short for web browser, is a software application used to access and navigate the World Wide Web. It acts as an interface between a user and the internet, allowing users to view websites, access web pages, and interact with various online content.
Key features and functions of a web browser include:
Rendering Web Pages: Browsers interpret HTML (Hypertext Markup Language), CSS (Cascading Style Sheets), and JavaScript code to render web pages, presenting text, images, videos, and other multimedia elements in a visually appealing format.
TCP?
TCP (Transmission Control Protocol) is one of the core protocols of the Internet Protocol Suite (commonly known as TCP/IP), providing a reliable, connection-oriented, and stream-oriented communication between devices over a network. It operates at the transport layer of the TCP/IP model and is responsible for ensuring data delivery and integrity between applications running on different devices.
Key features of TCP include:
Reliability: TCP ensures reliable data delivery by using acknowledgment mechanisms. When a device sends data over TCP, the receiving device acknowledges the receipt of each segment. If a segment is lost or not acknowledged, TCP automatically retransmits the data to ensure reliable delivery.
Connection-Oriented: TCP establishes a connection between two devices (known as a TCP connection) before transmitting data. This connection setup involves a three-way handshake process (SYN, SYN-ACK, ACK) between the sender and receiver to establish parameters for communication.
IP
IP, short for Internet Protocol, is a fundamental protocol that enables communication and data transfer across networks, including the internet. It’s a core component of the Internet Protocol Suite (TCP/IP) and is responsible for routing packets of data from a source device to a destination device in a network.
Key characteristics of IP include:
Packet Switching: IP breaks data into smaller units called packets. Each packet contains both the data being transmitted and metadata, including the sender’s and receiver’s IP addresses. These packets are independently routed across various networks and reassembled at the destination.
Addressing: IP assigns unique numerical addresses, known as IP addresses, to devices connected to a network. IPv4 (Internet Protocol version 4) uses a 32-bit address format, while IPv6 (Internet Protocol version 6) uses a 128-bit address format. IP addresses are essential for identifying and locating devices on a network.
URL?
URL stands for Uniform Resource Locator. It’s a reference or address used to identify and locate resources on the internet, such as web pages, files, images, videos, or any other content. URLs are essential for accessing specific resources hosted on web servers.
A URL consists of several components that specify the location and access method for a resource:
Scheme: It indicates the protocol or scheme used to access the resource. For example, “http://” or “https://” for web pages, “ftp://” for file transfer, “mailto://” for email addresses, etc.
Domain Name or IP Address: This part identifies the specific location of the resource. Domain names (e.g., www.example.com) or IP addresses (e.g., 192.0.2.1) are used to locate the server hosting the resource.
Port Number (optional): It specifies a port on the server to establish a connection. If not specified, the default port for the specified protocol is used (e.g., port 80 for HTTP, port 443 for HTTPS).
Path: It defines the specific location or directory structure on the server where the resource is located. For example, “/folder/page.html” refers to a web page named “page.html” inside a folder named “folder.”
Query Parameters (optional): It includes additional parameters or data that can be sent to the server. These parameters are separated from the URL by a question mark (?) and consist of key-value pairs (e.g., “?id=123&name=example”).
Fragment Identifier (optional): It points to a specific section or anchor within a resource. It is indicated by a hash symbol (#) followed by a fragment identifier (e.g., “#section2” for a specific section of a web page).
DNS?
DNS, which stands for Domain Name System, is a decentralized hierarchical naming system used to translate human-readable domain names into IP addresses. It serves as the internet’s address book, allowing users to access websites and other online services using easily understandable domain names instead of complex numerical IP addresses.
Here’s how DNS works:
Domain Names: Domain names (e.g., www.example.com) are alphanumeric labels used to identify websites or internet resources. Each domain name represents a unique location on the internet.
Proxy?
A proxy server acts as an intermediary between a user’s device (such as a computer or smartphone) and the internet.
Cache?
A cache is a hardware or software component that stores data temporarily to facilitate quicker access and retrieval. It stores copies of frequently accessed or recently used data in a location that allows for faster access compared to retrieving the same data from its original source.
Caches are utilized in various computing systems, including:
Web Browsers: Web browsers use a cache to store web pages, images, scripts, and other resources locally on a user’s device. When a user revisits a web page, the browser can retrieve some elements from the cache instead of re-downloading everything from the internet, resulting in faster page loading times.
Cookies?
Cookies are small pieces of data stored in a user’s web browser by websites they visit. They are created by web servers and are sent to the user’s browser where they are stored. Cookies serve several purposes in web browsing:
Session Management: Cookies are commonly used for session management, allowing websites to recognize users as they navigate between pages or return to the site. Session cookies are temporary and are deleted when the user closes the browser.
TLS
A TLS (Transport Layer Security) certificate, formerly known as an SSL (Secure Sockets Layer) certificate, is a digital certificate that establishes a secure encrypted connection between a web server and a web browser.
Key points about TLS certificates:
Encryption: TLS certificates use encryption algorithms to secure data transmitted over the internet. This encryption prevents unauthorized access or interception of sensitive information, such as login credentials, personal details, or financial data.
Authentication: TLS certificates also serve to authenticate the identity of a website. They are issued by trusted Certificate Authorities (CAs) after verifying the legitimacy of the requesting entity (e.g., a website or organization). When a user visits a website with a valid TLS certificate, the browser confirms the certificate’s authenticity, assuring the user of the website’s identity.
Basics of RESTful APIs
REST stands for Representational State Transfer. It is an architectural style that defines a set of constraints to be used for creating web services. A REST API is a simple and flexible way of accessing web services without having any processing. REST technology is generally preferred to the more robust Simple Object Access Protocol (SOAP) technology because REST uses less bandwidth and is simple and flexible, making it more suitable for internet usage. It’s used to fetch or give some information from a web service. All communication done via a REST API uses only the HTTP protocol.
Richardson REST API Maturity Model
The Richardson Maturity Model grades RESTful APIs by their maturity, that is, according to how fully they apply the constraints of REST. It describes four different levels of REST (from Level 0 to Level 3). A REST API that supports hypermedia controls is classified as Level 3 in this maturity model.
Level 0 - a single URI and a single HTTP method (typically POST)
These services have a single URI and use a single HTTP method (typically POST). This is the most primitive way of building SOA applications, with a single POST method and XML used to communicate between services. Level 0 does not make use of any of the URI, HTTP method, or HATEOAS capabilities.
Level 1 - different URIs for different resources but a single HTTP method (typically POST)
API design at Level 1 is all about using different URIs to interact with the different resources in your application but only a single HTTP verb – generally HTTP POST. These services give each resource available in the application a unique URI. A unique URI separately identifies one unique resource – and that makes these REST APIs better than Level 0.
Level 2 - different URIs and HTTP Verbs for manipulating resources
A Level 2 REST API uses different URIs and HTTP methods, but does not use HATEOAS. Such a REST API supports several of the HTTP verbs on each exposed resource – Create, Read, Update and Delete (CRUD) operations. Here the state of resources, typically representing business entities, can be manipulated over the network. Maturity Level 2 is the most popular use case of REST principles, which advocate using different verbs based on the HTTP request methods, while the system can have multiple resources.
Level 3 - different URIs and HTTP Verbs and HATEOAS
Level 3 is the most mature level of Richardson’s model, which encourages easy discoverability. This level makes it easy for the responses to be self-descriptive by using HATEOAS. Level 3 leads the service consumers through a trail of resources, causing application state transitions as a result.
What is a resource in a REST API?
Resource
The key abstraction of information in REST is a resource. Any information that can be named can be a resource: a document or image, a temporal service (e.g. “today’s weather in Los Angeles”), a collection of other resources, a non-virtual object (e.g. a person), and so on. In other words, any concept that might be identified by a URI provided by the server can be called a resource. A resource is an object with a type, associated data, relationships to other resources, and a set of methods that operate on it. It is similar to an object instance in object-oriented programming, with the important difference that only a few standard methods are defined for the resource (corresponding to the standard HTTP GET, POST, PUT and DELETE methods), while an object instance typically has many methods. Resources can be singleton or grouped into collections.
1. Singleton and Collection Resources
For example, “customers” is a collection resource and “customer” is a singleton resource (in a banking domain). We can identify the “customers” collection resource using the URI “/customers”. We can identify a single “customer” resource using the URI “/customers/{customerId}”.
2. Collection and Sub-collection Resources
A resource may also contain sub-collection resources. For example, the sub-collection resource “accounts” of a particular “customer” can be identified using the URN “/customers/{customerId}/accounts” (in a banking domain). Similarly, a singleton resource “account” inside the sub-collection resource “accounts” can be identified as follows: “/customers/{customerId}/accounts/{accountId}”.
Resource state
Resource state is the current state of a resource on a server at any point in time – and it has nothing to do with the interaction between client and server. It is what we get as a response from the server as the API response. We refer to it as resource representation.