From an engineering point of view, networks typically consider the OSI model or the TCP/IP model to define and organize their operation. These models, in turn, contemplate different layers, such as the network layer, the transport layer, and the application layer.
Each network layer has particular protocols that implement a myriad of functionalities. Examples are the IP at the network layer, TCP and UDP at the transport layer, and HTTP at the application layer.
These protocols evolve, thus being updated and extended over time. So, it is natural that network protocols have multiple versions.
In this context, this tutorial holistically explores the HTTP application protocol. First, we’ll have a brief review of application protocols. Thus, we’ll study the general purposes of HTTP. Finally, we’ll see the main differences among the HTTP versions and compare them in a systematic summary.
2. Application Layer Protocols
Application layer protocols refer to an abstract network layer providing end-to-end communication between different computational applications. It is the 7th layer of the OSI model and the 4th layer of the TCP/IP model.
In practice, the application layer is the closest layer to the user. So, it is in the application layer that, for example, clients of e-mail, streams, and browsers operate.
Furthermore, there are three principals architectures employed to build application-layer systems:
- Client-Server: the main characteristic of the client-server architecture is to have multiple clients requesting and receiving services from a centralized server
- Peer-to-Peer: the peer-to-peer architecture considers a collection of independent computers connected in the network that collaborate to execute an operation
- Hybrid: an architecture that employs both servers and peers to execute operations
Naturally, the application layer uses the functionalities of the lower layers. For example, application protocols assume that other layers tackle the communication with the correct destination computer connected in the network.
Finally, some examples of popular application layer protocols are HTTP, FTP, TELNET, POP, DNS, and SMTP.
3. The Hypertext Transfer Protocol
HTTP is an application protocol (layer 7 OSI and layer 4 TCP/IP) employed to create distributed hypermedia systems. Since it operates on the application layer, it is agnostic of several networking aspects, such as addressing and transmission.
Historically, HTTP emerged as a simple protocol to enable communication between clients and servers over the Internet. From its release, HTTP became one of the most relevant protocols to exchange information on the World Wide Web.
In this way, HTTP has been used on the Internet since the ’90s. The first release of HTTP (0.9) was much limited. This version only enabled clients to request information from a server using a single operation: GET.
The first HTTP release only supported transmitting ASCII data. However, in the following releases, this support expanded to other data types.
HTTP relies on TCP/IP to work. It means that HTTP is a connection-based protocol. In such a way, we can understand an HTTP session as a sequence of message exchanges between a server connected to a client.
In the following subsections, we’ll explore each released version of HTTP, from 1.0 to 3.0, focusing on their particular characteristics and novelty compared to the previously released version.
3.1. HTTP Version 1.0
As previously presented, the first version of HTTP only allowed getting information from a server. However, it became insufficient as the Internet evolved and new functionalities arose.
In this context, version 1.0 of HTTP was released in 1996, about five years after version 0.9.
Version 1.0 of HTTP brings several new utilities. Let’s see some of them:
- Header: only the method and the resource name composed an HTTP 0.9 request. HTTP 1.0, in turn, introduced the HTTP header, thus allowing the transmission of metadata that made the protocol flexible and extensible
- Versioning: the HTTP requests explicitly informs the employed version, appending it in the request line
- Status code: HTTP responses now contain a status code, thus enabling the receiver to check the request processing status (successful or failed)
- Content-type: thanks to the HTTP header, in specific to the Content-Type field, HTTP can transmit other documents types than a plain HTML file
- New methods: besides GET, HTTP 1.0 provides two new methods (POST and HEAD)
In summary, HTTP 1.0 got much more robust than the 0.9 version. The most responsible for the protocol improvements are the HTTP header and the new HTTP methods.
So, the HTTP header enabled clients to send and receive different file types and exchange relevant metadata. The new methods, in turn, enabled the clients to both recover only the metadata about a document (HEAD) and transfer data from the client to the server (POST).
3.2. HTTP Version 1.1
Version 1.1 of HTTP was released in 1997, only one year after the previous version 1.0. HTTP 1.1 is an enhancement of HTTP 1.0, providing several extensions.
Among the most relevant enhancements, we can cite the following:
- Host header: HTTP 1.0 does not officially require the host header. HTTP 1.1 requires it by the specification. The host header is specially important to route messages through proxy servers, allowing to distinguish domains that point to the same IP
- Persistent connections: in HTTP 1.0, each request/response pair requires opening a new connection. In HTTP 1.1, it is possible to execute several requests using a single connection
- Continue status: to avoid servers refusing unprocessable requests, now clients can first send only the request headers and check if they receive a continue status code (100)
- New methods: besides the already available methods of HTTP 1.0, the 1.1 version added six extra methods: PUT, PATCH, DELETE, CONNECT, TRACE, and OPTIONS
In addition to the highlighted enhancements, there are many others introduced in version 1.1 of HTTP, such as compression and decompression, multi-language support, and byte-range transfers.
Specifically, the new methods represented a real improvement in using HTTP. The PUT methods got in charge of replacing already existing resources. The PATCH method updates particular data of an already existing resource. On the other hand, DELETE removes an already existing resource.
The HTTP CONNECT can create a tunnel through a proxy server. TRACE executes a loopback test in the path from a client to the destination server. Finally, OPTIONS returns information about the available communications options with the server.
3.3. HTTP Version 2.0
HTTP version 2.0 was officially released in 2015, about eighteen years after the HTTP 1.1. Particularly, HTTP 2.0 focused on improving the protocol performance.
To do that, HTTP 2.0 implemented several features to improve connections and data exchange. Let’s see some of them:
- Request multiplexing: HTTP 1.1 is a sequential protocol. So, we can send a single request at a time. HTTP 2.0, in turn, allows to send requests and receive responses asynchronously. In this way, we can do multiple requests at the same time using a single connection
- Request prioritization: with HTTP 2.0, we can set a numeric prioritization in a batch of requests. Thus, we can be explicit in which order we expect the responses, such as getting a webpage CSS before its JS files
- Automatic compressing: in the previous version of HTTP (1.1), we must explicitly require the compression of requests and responses. HTTP 2.0, however, executes a GZip compression automatically
- Connection reset: a functionality that allows closing a connection between a server and a client for some reason, thus immediately opening a new one
- Server push: to avoid a server receiving lots of requests, HTTP 2.0 introduced a server push functionality. With that, the server tries to predict the resources that will be requested soon. So, the server proactively pushes these resources to the client cache
Furthermore, HTTP 2.0 became a binary protocol, replacing the previous HTTP plain text versions. In summary, we can see HTTP 2.0 as a patch of enhancements to solve the problems and limitations of the last HTTP versions.
3.4. HTTP Version 3.0
HTTP 3.0 is an Internet-Draft, different from the previous HTTP versions, which were/are Request For Comments (RFC) documents of the Internet Engineering Task Force (IETF). Its first draft was published in 2020.
The main difference between HTTP 2.0 and HTTP 3.0 is the employed transport layer protocol. In HTTP 2.0, we have TCP connections with or not TLS (HTTPS and HTTP). HTTP 3.0, in turn, is designed over QUIC (Quick UDP Internet Connections).
QUIC, in short, is a transport layer protocol with native multiplexing and built-in encryption. QUIC provides a quick handshake process, besides being able to mitigate latency problems in lossy and slow connections.
In addition to the potential benefits inherited from QUIC, another relevant characteristic of HTTP 3.0 is that it always creates encrypted connections. So, it is similar to always employing HTTPS in current HTTP 2.0.
4. Systematic Summary
Currently, HTTP is a really relevant protocol, supporting multiple systems executing on the Internet. First released in 1991, this protocol had several updates, going through several versions.
From the first release (version 0.9) to the release of HTTP 2.0, we had multiple enhancements on the functionalities of HTTP, besides extensions in the protocol to add new methods and features.
Examples of such enhancements and novelties were the protocol header (1.0), status codes (1.0), persistent connections (1.1), request multiplexing (2.0), and server push (2.0).
Besides the new features previously cited, we also had the introduction of new methods in addition to the standard GET: POST (1.0), HEAD (1.0), PUT (1.1), PATCH (1.1), DELETE (1.1), CONNECT (1.1), TRACE (1.1), and OPTIONS (1.1).
In HTTP 3.0, however, the main novelty here is not a particular new feature. Actually, HTTP 3.0 replaces the transport layer protocol employed by HTTP from its first version, TCP, with a new one: QUIC.
By replacing TCP with QUIC, the HTTP developers expect, among other improvements, to achieve native and standard encryption (there are no more HTTP and HTTPS, every HTTP communication is encrypted) and fast establishment of connections.
The image next summarizes the evolution of HTTP from its first release (version 0.9) to its last proposal (version 3.0):
In this tutorial, we learned about HTTP. In special, we focused on exploring the HTTP protocol evolution through its different versions. Initially, we studied broad definitions of application layer protocols. So, we investigated HTTP, understanding its features in each available version. Finally, we reviewed all the presented concepts in a systematic summary.
From a simple plain text protocol enabling web browsing in its first versions, HTTP became a powerful binary protocol that supports several different systems nowadays. So, we can conclude that HTTP plays a crucial role on the current World Wide Web.