1
00:00:00,330 --> 00:00:02,460
Hypertext transfer protocol.

2
00:00:02,490 --> 00:00:05,430
Http is an application protocol.

3
00:00:05,790 --> 00:00:12,270
Hypertext is basically structured text that uses logical links between nodes containing text.

4
00:00:12,940 --> 00:00:18,130
And Http is the protocol to exchange or transfer hypertext.

5
00:00:18,940 --> 00:00:22,960
So Http is a stateless protocol.

6
00:00:23,350 --> 00:00:27,820
That means no information is retained by either sender or receiver.

7
00:00:27,850 --> 00:00:33,370
It functions as a request response protocol in the client server computing model.

8
00:00:34,300 --> 00:00:40,120
A web browser, for example, may be the client and an application running on a computer that's hosting

9
00:00:40,120 --> 00:00:41,950
a website may be the server.

10
00:00:42,940 --> 00:00:47,230
The client submits an Http request message to the server.

11
00:00:47,930 --> 00:00:53,990
The server which provides resources such as HTML files and other content.

12
00:00:54,290 --> 00:00:56,270
Returns a message to the client.

13
00:00:57,140 --> 00:01:03,440
The response contains completion status information about the request and may also contain requested

14
00:01:03,440 --> 00:01:05,480
content in its message body.

15
00:01:06,090 --> 00:01:11,040
So the most used Http request is get.

16
00:01:11,870 --> 00:01:15,950
A get request is designed to request server resources.

17
00:01:16,620 --> 00:01:22,320
With this type of request, the parameters are sent to the server inside the URL.

18
00:01:23,850 --> 00:01:29,550
A post request is designed to request server resources as well as a get request.

19
00:01:29,880 --> 00:01:37,200
Unlike a get request, parameters are sent to the server inside the body of the request instead of the

20
00:01:37,200 --> 00:01:37,710
URL.

21
00:01:38,770 --> 00:01:44,380
Well, you know, it's still possible to send the parameters inside the URL, but if you use a post

22
00:01:44,380 --> 00:01:50,530
request, it's better to send parameters inside the body then inside the URL.

23
00:01:51,360 --> 00:01:55,770
So what's the advantage of sending parameters inside the body instead of the URL?

24
00:01:56,810 --> 00:02:02,360
Almost always the traffic between the server and the client is logged on the server side.

25
00:02:02,960 --> 00:02:05,990
Such log files usually contain the URL.

26
00:02:06,710 --> 00:02:12,710
If you send the parameters in the URL, they are saved as clear text in your log files.

27
00:02:12,710 --> 00:02:19,010
So anyone who can see the log files can also see your sensitive parameters.

28
00:02:19,280 --> 00:02:22,520
You should use post request to send sensitive data.

29
00:02:23,820 --> 00:02:30,270
But please note that it's not enough for the privacy of the traffic because any man in the middle who

30
00:02:30,270 --> 00:02:36,540
listens to the network will see the parameters even though they are inside the body of the request message.

31
00:02:36,810 --> 00:02:41,520
So you should encrypt your traffic always.

32
00:02:42,870 --> 00:02:49,200
Now the server which provides resources such as HTML files and other content, returns a response message

33
00:02:49,200 --> 00:02:49,980
to the client.

34
00:02:50,960 --> 00:02:57,350
The response contains completion status information about the request and may also contain requested

35
00:02:57,350 --> 00:02:59,240
content in its message body.

36
00:03:00,030 --> 00:03:06,180
So every response has a three digit response status code such as 200.

37
00:03:06,180 --> 00:03:06,690
Okay.

38
00:03:06,720 --> 00:03:08,220
302 found.

39
00:03:08,220 --> 00:03:09,030
ET cetera.