W
WebDevGuide
🌐

HTTP/HTTPS

Request/response cycle, methods, status codes, headers, and TLS encryption

What is HTTP?

The foundation of data communication on the web

HTTP (HyperText Transfer Protocol) is the foundation of data communication on the World Wide Web. When you visit a website, your browser sends an HTTP request to a server, which processes it and sends back an HTTP response.

This request-response cycle is the core of how web applications work. Understanding it deeply will help you debug issues, optimize performance, and design better APIs.

Request-Response Cycle

How client and server communicate

HTTP Request-Response Flow

Watch how data flows between client and server

Client (Browser)
Request → ← Response
Server (Web Server)
Ready: Client is ready to make a request
HTTP Request
GET /api/users HTTP/1.1
Host: example.com
Accept: application/json
Authorization: Bearer token123
User-Agent: Mozilla/5.0
HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: max-age=3600

{"users": [...]}

HTTP Methods

Different types of requests for different operations

CRUD Operations Mapping

Each method serves a specific purpose in RESTful APIs

Click on a method to see details

CRUD to HTTP Methods Mapping

Create
POST
Read
GET
Update
PUT / PATCH
Delete
DELETE
💡

Why does idempotency matter?

Idempotent methods are safe to retry. If a network error occurs, you can safely resend a GET, PUT, or DELETE request without causing duplicates. POST is not idempotent - retrying might create duplicate records.

Status Codes

Server responses categorized by meaning

1xx
Informational
2xx
Success
3xx
Redirection
4xx
Client Error
5xx
Server Error
🎯

Common Interview Question

"What's the difference between 401 and 403?"
401 means "Who are you?" (authentication missing/invalid).
403 means "I know who you are, but you can't do this" (authorization failed).

Common Headers

Metadata that controls request and response behavior

Request Header
Response Header
Both

TLS/SSL Handshake

How HTTPS establishes a secure connection

The TLS Handshake Process

Before any HTTP data is sent, client and server establish encryption

Client
Client Hello
Server
Client Hello

Client sends supported TLS versions, cipher suites, and a random number

Asymmetric Encryption

Used during handshake. Public key encrypts, private key decrypts. Slower but secure for key exchange.

Symmetric Encryption

Used after handshake. Same key for encrypt/decrypt. Fast, efficient for data transfer.

🔐

Why HTTPS Matters

  • Encryption: Data cannot be read by eavesdroppers
  • Authentication: Proves you're talking to the real server
  • Integrity: Data cannot be modified in transit

Key Terms to Remember

Master these terms for technical interviews