If a user requests a HTML web page that consists of some text and three images. For this page, will the client send one HTTP request message and receive four HTTP response messages from the server? or will client have to send separate HTTP request message for each of the three images?
The client requests one resource at a time. It first gets the HTML response. It then parses that response and finds references to images in there. It then goes to fetch those images in separate requests; or perhaps gets them from a local cache if it already has them.
Note that in HTTP/2, the server can proactively send the images together with the initial HTML response if it anticipates that the client will ask for them anyway. That shortens the roundtrip time considerably, but also means the client will receive a large response whether it has already cached the images or not.
The client sends the connection request, and then when the server accepts the request, the server sends the web page to the client in small packages, when the client receives the response from the server the web page is displayed.
I hope this resolves the doubt.
Related
Given the following situation:
Server receives API request from client A.
Server starts processing API request
Server receives API request from client B.
(What happens here?)
What happens in step 4?
My understanding is that, since the server is busy processing the first request, it won't even respond to the second request. To expand: I am picturing the application idle waiting for a request, but when it receives the first request (from client A), the application starts processing it and therefore is unable to even receive the second request.
I am assuming this is incorrect, but if someone can provide a detailed explanation of what happens in this situation, that would be very enlightening.
I sniffed the network traffic coming out of an app that displays real time data. I am trying to get access to the api to display the same real time data on a website that I am working on currently. I was able to view the get request and the response using fiddler and I then sent a get request directly using the url. However, my get request was blocked by CORs policy. I'm a beginner and would like to know how to access the API.
If the server that's hosting the API doesn't supply COR headers that explicitly allow this, you're not going to be able to make these requests via your browser. I'd recommend making the requests on your server instead of in the browser, because that's not bound by CORs settings.
There is a website and I want to access their backend api. I found a request which gives me json response, but when I change some parameters in the url, response is not changing, it's the same. I am not sure about the other parameters, but this one parameter that I want to use should change the response, but it's not.
Furthermore, when I monitor network tab in developer tools in chrome, and I send the request for the whole website, request that I want to use is listed and the response has the data I want, but when I copy that URL and send the request myself (isolated from the website) I am getting different response.
I've tried with two different locations over VPN and clearing chrome cache and it didn't work. Is there a way for this request to give the same response when caught while whole website is loading and when triggered manually?
I solved this problem by setting the appropriate request header. There was a request header that changed the api response.
Most JWT tutorials I've seen say that you can attach it to the headers with AJAX. How do you attach the token on the initial page load?
For example, if a user goes to the base URL '/' and they don't have a token then show them the page. If they do have a token, redirect them to their profile page.
Edit:
I'm returning the generated token with a jquery ajax success function then redirecting the user. When the user gets to the home page ('/'), I'd like the access token to be sent via http headers to my server. Then the server can handle the request. However, anytime the user returns (if they close the browser and go to "mywebsite.com" or any other page), I'd like the server to be able to access the token. Are http headers the best way to do this?
success: function(token){
localStorage.setItem("token", token);
window.location.href('/');
}
If my application was a Single Page App (SPA), I could just use ajax all of the time, but it's not.
You cannot achieve what you want with HTTP headers. HTTP headers are something which are sent when a request is made to the server. In your case, you want to remember something about the client even if they close their website and come back later. The easiest to do that is through cookies.
Basically generate the JWT token for the client and send it to the client as a cookie. This logic will be written on the server side and there are many libraries available to do this depending on the technology you have chosen for server side. Then everytime the client makes a request to your server, browsers make sure that the stored cookies are sent.
I was thinking that I needed more secure ways to transfer data between my app and my server on Heroku. I'm worried about MITM attacks. Then I noticed that the web server uses an https address. Does this mean that the JSON I'm sending to the server is automatically encrypted? What about when the server sends JSON back to the client?
If the link the JSON request goes to starts with https then yes. JSON is just content sent over http/https and responses are sent over the same method as the query.
However, if you are on a webpage and there is an ajax call made in the background, then maybe not.
In all cases, it depends on where the http get request goes to: if it starts with https then you are fine.
It sounds like your saying the request for json data is made over https, in wich case you are fine.