Crimson Security Group
we yearn security.....
How the web browser communicates with web server?
Web browsers like Internet Explorer, Firefox, Chrome and Safari
rank among the most popular network applications in the world. People
use them for basic information browsing but also for various other needs
including online shopping and casual gaming. Web servers supply content to Web browsers via Internet network connections. Web browsers and Web servers together function as a client-server system.
Web browsers and servers communicate via TCP/IP. HTTP is the standard application protocol on top of TCP/IP supporting Web browser requests and server responses. Hyper Text Transfer Protocol (HTTP) is a protocol used for transferring web pages.
Let us understand what is an OSI layer and TCP/IP layer, and what are the differences between them..
Reference: http://www.studytonight.com/computer-networks/reference-models
Now its good time to understand TCP/IP protocol suite, Means which protocols
are using in which layer.Communications between computers on a network is done through protocol
suits. The most widely used and most widely available protocol suite is
TCP/IP protocol suite.
Reference : http://www.thegeekstuff.com/2011/11/tcp-ip-fundamentals
Now let us understand what is socket and how client/server socket interaction
happens.
In the above diagram, server created a socket and waiting for incoming request(means listening state) then client connect to that socket by creating a client socket.Why i am explainng these concept is, we have to understand about socket creation.Let us consider on example...
http://www.example.com
Here, HTTP is protocol which uses port 80 and www.example.com nothing but domain which contains IP address.
Socket = IP address(www.example.com) + Port(HTTP/80)
Normally when we are accessing any domains it will create socket,we can check it by using commands, who are connected to our system
Now we need to understand what is DNS ?
Domain Name Servers (DNS) are the Internet's equivalent of a phone book.
Simple meaning of DNS is converting domains to IP address or IP address to domain.DNS is implemented using two software components: the DNS server and the
DNS client (or resolver). Both components are run as background service
applications.Network resources are identified by numeric IP addresses, but these IP
addresses are difficult for network users to remember. The DNS database
contains records that map user-friendly alphanumeric names for network
resources to the IP address used by those resources for communication.
How DNS works ?
Reference link : http://dyn.com/blog/dns-why-its-important-how-it-works/
Now we reach our destiny.....how web browser connect to web server...
Step 1 :
The user specifies what domain and port to connect to. Say that
the user want to visit www.example.com . He/she then types the URL
www.example.com in the browser . Then Browser
will in this case default to the HTTP protocol, and default to port 80.
If the user wanted to connect to another port, he or she had to write
the port number.
Step 2 :
The browser must now know what IP to connect to. This is not
special for the communication between the web client and web server. The
DNS name is just a name, which is translated into an IP. This is IP is
then used to connect to the server.
The browser will ask the local system for this IP. The system will then
find the IP in one or another way. It will first see if it is cached in
the local machine (for Windows it could also use the hosts file). If
it is not, it will ask the DNS server specified in the network settings
(probably your ISP's DNS server). If this DNS server does not have this
cached, it will ask the top level DNS server.
Step 3 :
The client connects to the server. This is done using the IP and
port only. The DNS name (www.example.com) is not in any way used to make
this connection. So far, there is only a connection, the server still
does not know what to do.
Step 4 :
GET /index.html HTTP/1.1
This requests ask for the file index.html. A request like this does not specify any host header. So if the web server is configured so that a host header is required, the web server does not know what to do with this request. The server should in this case reply with a "400 Bad Request". A valid request looks like:
GET /index.html HTTP/1.1
Host: www.example.com
Step 5 :
The server examines the request message, and takes action.Then web server will use the host header sent to see if there is something
matching that host header. If there is, it will serve index.html from
the home folder of that website.
It's time for demonstration....
I am using telnet (client or web browser) as requesting,server (www.example.com) as giving response..
Request through telnet protocol ....
-----------------------------------------------------------
telnet example.com 80 <ENTER>
GET /index.html HTTP/1.1 <ENTER>
------------------------------------------------------------------
In the above request, Telnet will find out the IP to connect to.We then ask for the file "index.html" using the HTTP protocol and version 1.1 of the protocol.
HTTP/1.1 200 OK
Content-Length: 55
Content-Type: text/html
Last-Modified: Sat, 07 Mar 2005 21:24:38 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 07 Mar 2004 21:39:43 GMT
In the above response, 200 OK it's an status code meaning of it is resource is available...
No comments:
Post a Comment