2. HTTP

2.1. Recap

  • DNS

  • /etc/hosts

2.2. Tooling

  • Web Inspector

  • curl

  • wget

2.3. HTTP Protocol

  • Stateless

  • Text protocol

  • HTTP and HTTPS

  • HTTP/1.1 vs. HTTP/2.0

  • URI vs URL

2.4. Status Code

2.6. q=... parameters

Accept-Language: en-US,en;q=0.9,pl;q=0.8

2.7. Request

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,pl;q=0.8
Cache-Control: max-age=0
Connection: keep-alive
Cookie: _ga=GA1.2.1711323714.1523218102; csrftoken=CwTmac4VUT7FcyFAEKkIXWCxQurIZVbU
DNT: 1
Host: python.astrotech.io
If-Modified-Since: Wed, 13 Jun 2018 00:15:11 GMT
If-None-Match: W/"5b20620f-60e2"
Referer: http://python.astrotech.io/django/django-apps.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36

2.8. Response

Connection: keep-alive
Date: Wed, 13 Jun 2018 07:21:58 GMT
ETag: "5b20620f-60e2"
Last-Modified: Wed, 13 Jun 2018 00:15:11 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Cname-TryFiles: True
X-Deity: web01
X-Served: Nginx

2.9. Sessions

  • Database

  • Cache

  • Files

  • Memory

2.10. Cookies

  • EU cookies regulation from 2009

2.11. HTTP Methods

2.12. GET vs POST

  • ?argument1=value&argument2=value

  • single argument

  • multiple arguments

  • arrays

  • files

  • multipart

  • security

2.13. POST vs. PUT

2.14. POST and CSRF

  • csrf_token

2.15. PATCH?!

2.16. OPTIONS and CORS

http_method_names = ['get', 'post', 'options']

def options(self, request, *args, **kwargs):
    response = HttpResponse(status=200)
    response['Access-Control-Allow-Origin'] = '*'
    response['Access-Control-Allow-Methods'] = ', '.join(http_method_names).upper()
    response['Access-Control-Allow-Headers'] = 'Content-Type'
    return response

2.17. HTML + JS + CSS