HTTP 1.1 — HTTP Protocol

The HTTP 1.1 protocol extends the capabilities of the previous version and adds virtual hosts. Now we'll see what we need it for and how it works.

The previous version requires only the request line. There we describe which path on the site we want to look at. But there's no mention of the site as such. We connect via telnet to a specific IP address. From this, we can conclude that the domain name is not important when we use HTTP 1.0.

Indeed, this version was created when everyone believed that one IP would correspond to one site. Naturally, this could not last long, because the internet grew rapidly.

So HTTP 1.1 introduced virtual hosts. Just one minor detail appeared in implementation in the HTTP protocol. In addition to the request line, a header called host became mandatory.

It determines which domain should be returned from this IP address:

HEAD / HTTP/1.1
host: hexlet.io

Sometimes there are some default elements in the behavior of HTTP and servers, which can, among other things, correct user errors.

You can make an HTTP 1.1 request without specifying a host and get something in response. Ideally, such a request should not pass at all, but often web servers give the site given in the default settings.

For example, Nginx has a default site. But this isn't really how requests should be made. It doesn't comply with the standard. You must always specify the host, otherwise, there'll be no guaranteed response. It might be one response today and a different response tomorrow. Some libraries may not work like this at all.

Virtual hosts are an integral attribute of HTTP 1.1, so they cannot be ignored.

Now we can make a GET request using version 1.1. Let's see what it will return to us:

telnet google.com 80

GET / HTTP/1.1
host: google.com

HTTP/1.1 301 Moved Permanently
Location: http://www.google.com/
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Feb 2020 06:06:40 GMT
Expires: Sun, 29 Mar 2020 06:06:40 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 219
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>

As we already know, there are many different codes. As a result, we received an answer that was different from 200.

There's another interesting thing introduced in HTTP 1.1. After executing the request, we didn't come out of telnet and ended up in bash. It means the connection hasn't been closed, and we can continue to enter data.

Let's make a HEAD request for the same domain:

HEAD / HTTP/1.1
host: google.com

HTTP/1.1 301 Moved Permanently
Location: http://www.google.com/
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Feb 2020 06:11:31 GMT
Expires: Sun, 29 Mar 2020 06:11:31 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 219
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

We got a response again, but without the body. It happened because we used the HEAD, not the GET request.

HTTP 1.1 introduces another default concept called keep-alive. It means that we have an open TCP connection over that HTTP is running through. Moreover, by default, all web servers should behave this way.

The purposes of introducing this feature are:

• To reduce resource usage and CPU load
• To open fewer TCP connections because establishing each TCP connection takes some time
• To reduce latency

When we open a website, several resources are usually loaded from one domain. Here keep-alive allows you to open and use a single connection that won't be closed until explicitly specified, or if there's a timeout. The timeout depends on the browser and web server.

We can also state that we want to close the connection. To do so, you should pass another header after establishing a connection and passing standard headers. It's called connection: close.

Then keep-alive will be disabled, and after receiving a response, we'll see a message saying that the host has closed the connection: Connection closed by foreign host.

Recommended materials

1. HTTP 1.1 Standard
2. Wikipedia / HTTP persistent connection