https://chengl.com/tags/http/Recent content in HTTP on Random MusingsHugoen-usCheng LongSun, 30 Jul 2017 09:32:10 +0000https://chengl.com/post/be-wary-of-go-http-client/Sat, 25 Mar 2017 09:30:00 +0000https://chengl.com/post/be-wary-of-go-http-client/<p>Recently, I found out an interesting problem in Go. The problem can be reduced to a simple client request to a HTTP server.</p> <p>Suppose we have a HTTP server, which serves only one rooted path <code>/foo/</code>.</p> <pre><code>package main import ( &quot;io&quot; &quot;log&quot; &quot;net/http&quot; &quot;net/http/httputil&quot; ) func handleFoo(w http.ResponseWriter, req *http.Request) { // request details dump, _ := httputil.DumpRequest(req, true) log.Println(string(dump)) if auth := req.Header.Get(&quot;Authorization&quot;); auth != &quot;Bearer GoodToken&quot; { http.Error(w, &quot;401 Unauthorized&quot;, http.StatusUnauthorized) return } io.WriteString(w, &quot;Hello World!&quot;) } func main() { http.HandleFunc(&quot;/foo/&quot;, handleFoo) log.Fatal(http.ListenAndServe(&quot;:12345&quot;, nil)) } </code></pre> <p><code>handleFoo</code> simplily verifies that correct token is sent in the <code>Authorization</code> header. Otherwise, it returns <code>401 Unauthorized</code>.</p>https://chengl.com/post/http2/Mon, 14 Mar 2016 08:53:00 +0000https://chengl.com/post/http2/<h3 id="what-is-http2-and-why">What is HTTP/2 and Why</h3> <p><a href="https://tools.ietf.org/html/rfc2068">HTTP/1.1</a> has been serving most part of the Web since 1997. As websites get more and more sophisticated and resource intensive, it starts to show its limitations, e.g. one outstanding request per TCP connection. So its next-generation emerged: <a href="http://http2.github.io/">HTTP/2</a>.</p> <p><a href="http://http2.github.io/faq/">HTTP/2 FAQ</a> does a great job explaining the background and specifications. Highly recommended. Here is an executive summary, HTTP/2:</p> <ul> <li>is specifically designed to improve performance</li> <li>is based on <a href="http://tools.ietf.org/html/draft-mbelshe-httpbis-spdy-00">SPDY</a></li> <li>is binary, instead of textual</li> <li>is fully multiplexed, instead of ordered and blocking</li> <li>can therefore use one connection for parallelism</li> <li>uses header compression to reduce overhead</li> <li>allows servers to push responses proactively into client caches</li> <li>is backward-compatible, designed to be drop-in replacement for HTTP/1.1</li> <li>is <a href="http://caniuse.com/#search=http%2F2">supported by most broswers over TLS</a></li> </ul> <p>HttpWatch <a href="https://blog.httpwatch.com/2015/01/16/a-simple-performance-comparison-of-https-spdy-and-http2/">reported</a> good performance improvement by using HTTP/2.</p>https://chengl.com/post/http2/Mon, 14 Mar 2016 08:53:00 +0000https://chengl.com/post/http2/<h3 id="what-is-http2-and-why">What is HTTP/2 and Why</h3> <p><a href="https://tools.ietf.org/html/rfc2068">HTTP/1.1</a> has been serving most part of the Web since 1997. As websites get more and more sophisticated and resource intensive, it starts to show its limitations, e.g. one outstanding request per TCP connection. So its next-generation emerged: <a href="http://http2.github.io/">HTTP/2</a>.</p> <p><a href="http://http2.github.io/faq/">HTTP/2 FAQ</a> does a great job explaining the background and specifications. Highly recommended. Here is an executive summary, HTTP/2:</p> <ul> <li>is specifically designed to improve performance</li> <li>is based on <a href="http://tools.ietf.org/html/draft-mbelshe-httpbis-spdy-00">SPDY</a></li> <li>is binary, instead of textual</li> <li>is fully multiplexed, instead of ordered and blocking</li> <li>can therefore use one connection for parallelism</li> <li>uses header compression to reduce overhead</li> <li>allows servers to push responses proactively into client caches</li> <li>is backward-compatible, designed to be drop-in replacement for HTTP/1.1</li> <li>is <a href="http://caniuse.com/#search=http%2F2">supported by most broswers over TLS</a></li> </ul> <p>HttpWatch <a href="https://blog.httpwatch.com/2015/01/16/a-simple-performance-comparison-of-https-spdy-and-http2/">reported</a> good performance improvement by using HTTP/2.</p>