Web Engineering and HTTP Methods Quiz

Questions and Answers

Which HTTP methods are considered to be safe?

• GET, HEAD, OPTIONS, TRACE (correct)
• PUT, DELETE, TRACE, PATCH
• POST, PATCH, DELETE, PUT
• GET, POST, OPTIONS, TRACE

What defines an idempotent request?

• The request results are always unique irrespective of the number of calls.
• Multiple identical requests have the same side effects as a single request. (correct)
• The request alters the state of the resource every time it is made.
• It can only be executed once without changing the resource state.

Which statement is true about the HTTP methods POST and PATCH?

• Both methods are non-idempotent and may alter the resource state. (correct)
• Both methods are idempotent and safe.
• Both methods are safe and do not require user accountability.
• Both methods are used for retrieving resources.

What does the URI in a PUT request identify?

The entity enclosed within the request. (C)

Which of the following headers indicates the estimated age of the entity?

Age (C)

When should you use the GET method?

For safe interactions with the server. (D)

Which header field specifies whether the server can handle partial requests?

Accept-Ranges (A)

In the structure of an HTTP response message, what comes after the status-line?

General-header (D)

Which statement accurately differentiates the Web from the Internet?

The Web allows for resource retrieval, while the Internet facilitates interconnected networks. (D)

What role does the Transport layer play in the TCP/IP model?

It allows sources and targets to converse. (B)

What is a characteristic of Internet Service Providers (ISPs)?

ISPs provide direct access to end-users with a fully digital network. (B)

What is the primary purpose of Internet Exchange Points (IXPs)?

To facilitate peering among ISP networks. (C)

Which option describes the influence of the last mile on user-perceived bandwidth?

The last mile can limit user access speed to digital or analog connections. (B)

What is a significant challenge in computer science related to web engineering?

Cache invalidation and naming things. (B)

What does the Internet layer's role involve in the TCP/IP model?

It allows hosts to inject packets into various networks. (D)

What concept is illustrated by the phrase 'not an actual network but a collection of heterogeneous networks'?

The Internet comprises various independent network types. (B)

What is the primary purpose of a Uniform Resource Identifier (URI)?

To provide a universal addressing scheme for resources. (A)

Which of the following statements is true about URLs?

A URL can uniquely identify a resource's primary access mechanism. (B)

What does a URN signify about a resource?

It provides a logical address for a resource regardless of where it is stored. (D)

What is the default port number commonly used by the HTTP protocol?

80 (A)

What is meant by 'connection oriented' in the context of HTTP?

HTTP does not track the state between requests and responses. (C)

What are query components used for in a URI?

To provide additional parameters for accessing the resource. (A)

How does HTTP achieve reliability?

Through the careful structuring of messages and retransmissions. (A)

Which of these represents a hierarchical structure in URI schemes?

The path that indicates specific semantics. (C)

What is the primary function of a proxy in the HTTP protocol?

To act on behalf of an origin server and forward requests. (B)

Which role in HTTP acts as an intermediary that translates requests?

Gateway (D)

What distinguishes a tunnel from other roles in HTTP?

It simply routes messages without examining their content. (C)

Which HTTP role is responsible for processing requests and sending responses?

Origin Server (A)

In the client-server architectural pattern, why is the client also referred to as a User Agent?

It is a program that submits requests to the server. (C)

What is the primary benefit of caching for content providers?

Reduces network bandwidth usage (C)

What mechanism is essential for ensuring that cached copies remain up to date?

Cache invalidation (B)

How does the HTTP mechanism ensure cache consistency?

Through timestamps for expiry and validity checking (C)

What does semantic transparency imply in the context of HTTP?

The use of cache should not change the response from the origin server (B)

What does the expiry model for cache correctness define about cached responses?

Responses are called fresh until their defined lifetime is exceeded (A)

Which of the following is NOT an exception for serving outdated responses from the cache?

Server initiates an update process (B)

What is the purpose of the 'Age' response header field in caching?

To track the time a resource has been cached (C)

What is a challenge associated with maintaining cache consistency?

Changing resources on the origin server results in outdated cached copies (B)

Which of the following statements regarding the cache with zero lifetime is correct?

Responses expire immediately and are never fresh (C)

What can happen if the clocks of caches and origin servers are not synchronized?

Cache consistency may be compromised (B)

What is the primary purpose of the Date header field in response messages?

To indicate when the response was generated by the server (A)

Which header field takes precedence if both Expires and Cache-Control are specified?

Cache-Control (C)

What should a server do if it wants to prevent caching of a response that changes frequently?

Specify a past date as the expiration date (D)

What does the freshness period of a cached response depend on?

The difference between Expires and Date headers (B)

In the absence of defined expiry headers, how can caches determine the validity of a response?

By evaluating the Last-Modified header (B)

Which of the following statements about Expires and Cache-Control headers is false?

They are mandatory for all HTTP responses. (D)

What happens if a cache receives a response with Cache-Control set to no-cache?

The cache may store the response but must check with the server before using it. (B)

What indicates that a cached response is still fresh?

The freshness period is longer than the age of the response. (D)

Flashcards

Client (User Agent)

A program that sends requests to a server.

Server

A program that receives and processes requests, sending a response.

Origin Server

The server containing the requested resource.

Proxy

A program that acts as an intermediary between a client and an origin server.

Gateway

A server that acts as an intermediary for another server, presenting itself as the origin server to the client.

The Internet

A global network of interconnected computer networks, forming a vast infrastructure for communication and data transfer.

The World Wide Web

A system for retrieving information using URLs, hyperlinks, and accessible resources over the internet.

TCP/IP Model

A network architecture that describes how data travels across the internet.

Points of Presence (POPs)

The part of the internet where user data enters an ISP network.

Internet eXchange Points (IXPs)

A network interconnection point where ISPs exchange traffic among themselves.

Tier 1 ISPs

Large ISPs with connections to a significant number of other ISPs, forming the backbone of the internet.

Uniform Resource Identifier (URI)

A unique identifier for a specific resource on the internet, providing a way to access it.

Hypertext Transfer Protocol (HTTP)

A protocol that allows communication between web clients and servers, facilitating the exchange of data.

Safe HTTP Request

A type of HTTP request that retrieves data from a server without changing anything on the server. Examples include browsing web pages or checking for user login information.

Idempotent Request

A request where multiple identical requests have the same result as a single request. For example, sending the same request twice won't change the outcome.

POST Request

A type of HTTP request that creates or updates data on the server. Examples include submitting online forms or posting messages to a forum.

PUT Request

A type of HTTP request that updates a specific resource on the server. It replaces the existing resource with the one provided in the request body.

DELETE Request

A type of HTTP request that deletes a specific resource from the server.

Status Line

The first line of an HTTP response message, containing the HTTP version, status code, and reason phrase.

Response Headers

A series of key-value pairs that provide additional information about the HTTP response, such as the server type, caching information, or authentication details.

Message Body

An optional part of an HTTP response, containing the actual data being returned to the client. This can be any type of content, such as text, images, videos, or files.

Uniform Resource Name (URN)

A URI that uniquely identifies a resource, independent of where it's stored, like its physical location. Think of it as the resource's logical address.

Uniform Resource Locator (URL)

A URI that identifies a resource by its access method, like its location on a network. Essentially, it's the physical address of a resource.

Stateless Communication

A specific request-response pattern with no state maintained between interactions. Each request is independent of the last one. It's a fresh start every time.

HTTP Port

The HyperText Transfer Protocol (HTTP) is based on TCP, which usually communicates on port number 80. This is like the default address where the HTTP server listens for requests.

HTTP Message Structure

HTTP messages are made of two parts: a header and a body. The header contains meta-information about the request or response, while the body carries the actual data, like HTML content or images, in a MIME format.

HTTP's reliability on TCP

HTTP is a reliable protocol, ensuring requests and responses are delivered consistently. TCP also provides connection oriented communication means it maintains a continuous connection until finished.

Date header

The header field that indicates when a response was created by the origin server.

Expires header

The header field that sets a specific date after which a cached response is considered expired.

max-age directive

A directive within the Cache-Control header that specifies the maximum age of a cached response.

no-cache directive

The server instructs the cache to never use cached responses for serving requests. Typically used when responses vary frequently.

Freshness Period

A cached response's freshness period is determined by comparing the response's age with its freshness period. It's considered fresh if the freshness period is greater than the age.

Heuristic Validity Determination

A cache relies on heuristic algorithms to determine the validity of responses when expiry information is missing. The Last-Modified header is often used for this purpose.

Cache Determined Expiry

A cache's ability to determine if a cached response is still valid using information like the Expires header or max-age directives.

Server Determined Expiry

When a server sets an expiration date or lifetime for a cached response. This is often done using the Expires header, Cache-Control directive (max-age), or a past date as expiry date for no caching.

Edge caching

The process of storing copies of resources (like website content) closer to users, reducing network traffic and server load.

What are CDNs?

Content Delivery Networks (CDNs) are collections of geographically distributed servers used for edge caching.

Benefit of edge caching: Cost reduction

Edge caching helps reduce network bandwidth usage, leading to lower costs for both content providers and users.

Benefit of edge caching: Faster load times

Edge caching decreases the time it takes for users to access content, improving their overall experience.

Benefit of edge caching: Reduced server load

Edge caching takes the load off the origin server, which reduces infrastructure costs for content providers and allows for faster serving of non-cached resources.

Challenge of edge caching: Cache invalidation

When a resource on the origin server is updated, the cached copy becomes outdated. This issue is known as cache invalidation.

Cache consistency

Ensuring that cached copies of resources remain in sync with the original ones on the origin server.

How HTTP handles cache consistency

HTTP cache consistency relies on timestamps for expiry and validity checking to ensure that cached content remains up-to-date.

Semantic Transparency in HTTP

The principle that using a cache (or any proxy server) should not affect the client or the origin server.

Expiry model for cache correctness

Each response in HTTP caching has a life-time, and responses are considered 'fresh' until that time is exceeded.

Study Notes

Web Engineering (WBCS008-05) Set 2: Foundations of the Web

• The World Wide Web is an information system to retrieve resources.
• Resources are identified by Uniform Resource Locators (URLs).
• Resources are connected to each other by (hyper)links.
• Resources are accessible over the Internet.
• Resources are mainly hypertext but also include any type of (hyper)media.

Outline

• Internet in a nutshell
• URIs
• HTTP
  • Basics
  • Caching
  • Authentication
  • Content delivery
• Web Technologies
• Software Architecture on the Web
• Foundations of the Web

What is the Web?

• The World Wide Web is an information system for retrieving resources.
• Resources are identified by Uniform Resource Locators (URLs).
• Resources are connected to each other by (hyper)links.
• The Web is accessible over the Internet.
• Resources include any type of (hyper) media but mainly hypertext.

The Internet

• The Internet is a collection of heterogeneous networks, not a single network.
• It evolved organically from predecessors, including ARPANET in the late 60s/70s and CSNET/NSFNET in the early 80s.
• The Internet has continued to evolve since the late 80s.

Global IP Traffic by Application Type (2017-2022)

• By 2022, video accounted for 82% of global IP traffic.
• Video had a 26% Compound Annual Growth Rate (CAGR) from 2017-2022.

The TCP/IP Model

• Layer: Application, Transport, Internet, Link
• Role: Contains all high-level protocols, allows sources and targets to converse, allows hosts to inject packets, interface between hosts and transmission links.
• Protocols: HTTP, SMTP, DNS, TCP, UDP, IP, ICMP, DSL, SONET, 802.11, Ethernet

Internet Architecture in a Nutshell

• Internet Service Providers (ISPs) provide connectivity.
• User-perceived bandwidth is limited by the "last mile" of the network (analog or digital).
• Points of Presence (POPs) are locations where customer packets enter the ISP network.
• ISPs peer at Internet eXchange Points (IXPs).

URIs

• Defined as references that identify abstract or physical resources.
• URIs have the form <scheme>:<authority><path>[?<query>].
• A URI can be a URL (locator), a URN (name), or both.

URI Schemes

• URL: A subset of URIs; identifies resources by their primary access mechanism (e.g., network location).
• URN: A subset of URIs; uniquely identifies a resource independent of its storage location.

HTTP in a nutshell

• HTTP is a simple request/response protocol.
• It relies on TCP (default port: 80).
• HTTP messages consist of a header and a body.
• HTTP is reliable and connection oriented.
• No state is maintained between request / response pairs.
• Connections can persist.
• Three major versions: 1.0, 1.1, 2

Roles in HTTP

• Client (or User Agent): Submits a request.
• Server: Processes a request and returns a response.
• Origin Server: Where a resource resides.
• Proxy: Acts on behalf of an origin server. May rewrite or forward requests.
• Gateway: Acts as an intermediary for another server.
• Tunnel: Acts as a blind relay between two connections (e.g., through a firewall).

HTTP Connection Management

• HTTP/1.0: One transaction per connection.
• HTTP/1.1: Multiple transactions over a persistent connection with pipelined processing.
• HTTP/2: Multiplexed requests over the same connection (highly different transport model).

Content Negotiation

• Resources are available in multiple representations (variants).
• Specific representation is chosen by negotiation mechanism.

Types of Content Negotiation

• Server-driven: Client provides headers and server delivers "best effort" response.
• Client-agent-driven: Server provides a list of variants and client chooses the best.
• Transparent: No standard support in HTTP

HTTP Messages & Methods

• HTTP messages have a structure consisting of request-line, headers, and a message body.
• Various methods for interaction, such as GET, POST, PUT, DELETE, HEAD, OPTIONS, TRACE, CONNECT.
• Specific headers provide detailed information about the request or response.

HTTP Request Messages

• request = request-line (general-header | request-header | entity-header) CRLF message-body?*
• request-line = method SP requestURI SP HTTP-Version CRLF

HTTP Request Message (cont.)

• Method specifies action e.g. 'GET', 'POST', 'PUT', 'DELETE'
• Header provides further details about the request (e.g., 'Accept', 'Host', 'If-Modified-Since', 'User-Agent')

Sample Request Headers

• Host
• If-Match
• If-Modified-Since
• User-Agent

Request URIs

• Request applies to particular resource or to server itself.
• Use absoluteURI if request is made to a proxy.
• Use abs-path if request is to origin server.
• Use authority if used by CONNECT method for tunneling.

Request Methods (supportive)

• CONNECT, HEAD, OPTIONS and TRACE.

• CONNECT: used for tunneling

• HEAD: no body but header to validate caching

• OPTIONS: to get properties of a server

• TRACE: to see response headers

Request Methods (main)

• DELETE, GET, POST, PUT, PATCH

Request Properties

• Safe Requests: Non-state-altering (e.g., GET, HEAD, OPTIONS, TRACE)
• Idempotent Requests: Side-effects of multiple identical requests remain the same (e.g., GET, HEAD, OPTIONS, PUT, DELETE when implemented correctly). POST, PATCH are not idempotent

PUT vs POST

• PUT: Semantic relation different to POST
• POST: URI in POST points to service handling entity.
• PUT: URI in PUT points to the entity itself.
• GET vs POST: GET typically used for safe interactions, possibly longer URIs in POST.

HTTP Response Messages

• response = status-line (general-header | response-header | entity-header) CRLF message-body**
• status-line = HTTP-version SP status-code SP reason-phrase CRLF

Sample Response Headers

• Age
• Server
• Accept-Ranges
• Retry-After
• WWW-Authenticate

Status Codes Categories

• 1xx: Informational
• 2xx: Success
• 3xx: Redirection
• 4xx: Client Error
• 5xx: Server Error

HTTP Caching

• Cache is storage for temporary response messages.
• Improves response time by providing copies for repeat requests.
• Client-cache (browser), separate caches on proxies
• Topology: client, server, and separate caches on proxies

Web Proxies and Caching Pipelines

• Forward proxy: External facing proxy; acts as a stand-in for origin servers (N:1 proxy to server relation).
• Reverse proxy: Internal facing proxy; usual single entry point to origin servers with load balancing and security (1:N server to proxy relation).

CDN use in practice

• Using CDN involves a server that stores copies of resources and delivers them to clients.

CDN Benefits

• Reduced latency (less hops).
• Scalability to demand.
• Increased reliability.
• Separation from data transfer.
• Security against DDoS attacks.

Source Material

• Andrew Tanenbaum and David Wetherall, Computer Networks, 5th edition
• Mozilla Developer Network

Self-evaluation Questions

• Acronyms (ISP, POP, IXP) purpose
• Definitions and relations between URI, URL, URN
• Proxy, gateway, and tunnel differences
• Conditions for safe/idempotent HTTP requests
• PUT vs POST Differences
• Proxy types and functions
• Benefits of caching
• Semantic transparency in HTTP
• How server stops proxy/client from caching response
• Cache freshness, no Expires header
• Basic Authentication
• How CDNs work and benefits

Next Lecture: REST

Appendix: A Short History of the Internet

• ARPANET (distributed switching system for US DoD)
• ARPANET successors (CSNET/NSFNET, ANSNET)
• TCP/IP model (invented and adopted to deal with internetwork communication)

Description

Test your knowledge on web engineering concepts and HTTP methods with this quiz. Explore the definitions of safe HTTP methods, idempotent requests, and the structure of HTTP response messages. Additionally, learn about the roles of different layers in the TCP/IP model and the characteristics of Internet Service Providers.