Interview questions can be easy to answer if you are prepared enough to answer the follow-up questions. It becomes very much important to make a set of questions related to the respective topic so that you can answer any question that comes your way. As we are discussing HTTP Interview Questions, the first question we come across is what HTTP is and how we answer it.
HTTP Interview Questions
- What is HTTP?
HTTP stands for hypertext transfer protocol that is majorly applicable and responsible for handling the request and responses over the internet. These requests and responses are done between the web server and web browser. HTTP comes under application layer protocol which is the top layer over TCP. It helps in transferring data between two endpoints like client and server. It supports the content which is in formats like HTML, CSS, JSON, etc.
- Features of HTTP?
HTTP basic features are:
- It is connectionless: The connectionless approach is that where the browser sends the request and the client disconnects to the server. After disconnecting, the client awaits a response.
- It is media independent: This approach specifies that any kind of content related to media can be sent if it is supported by the server and the client (the data content).
- It is stateless: Since it is connectionless it makes it stateless too. Client and server are aware of each other during the current state only and then after they forget the information regarding each other.
Architecture of HTTP
For easy understanding, here is the architecture of HTTP which depicts where it stands:
In the above figure, HTTP is the bridge between client and server.
- What are HTTP request methods?
Get and post methods are the most common request methods of HTTP. Other than getting and posting, Head, Put, Delete, Connect, Trace, Patch and Options are other request methods.
- Get request: This method is for requesting or retrieving the data from a specific source. It can only be used to get data, not to mutate it.
- Head request: It is identical to the Get method but the only difference is, it returns only the (header) of getting data.
- Post request: It asks the server to accept the info attached to the body. It is a kind of getting method with extra information sent with the request.
- Put request: This method is for updating and replacing the existing data or creating a new one.
- Delete request: This method is for deleting the resource from the requested URL.
- Connect request: This method is for connecting the server with the requested URL.
- Trace request: This method is for requesting loopbacks of the requested message. This is for testing and troubleshooting.
- Patch request: This request method is for partial changes in the existing resource.
- Options request This method requests for the list of HTTP methods to which the requested Uri can respond.
- Status code in HTTP and what are they?
When the client requests to the server for something then it returns status codes like 200(if everything is ok) else 404(page not found) or it can be other status codes too.
HTTP’s status code can be divided into five categories:
- Information based response: If the request is received and continued for processing then the response code can be in the form of 1xx like:
- 103(early hints)
- Successful based response: If the request is successful then the response code will be in the form of 2xx like:
- Redirection based response: What are the actions that have to be taken to meet the request and the response code will be in the form of 3xx like:
- 300(multiple choices)
- 301(moved permanently)
- Client error based response: If the request has bad syntax then the response code will be in the form of 4xx like:
- 400(bad request)
- 402(payment required)
- 404(not found)
- Server error based response: If the server is not able to fulfill the request then the response code will be in the form of 5xx like:
- 500(internal error)
- 501(not implemented)
- 502(bad gateway)
- 503(service unavailable)
- 504(gateway timeout)
- What do you mean by HTTP response?
When a browser sends requests to the server, then the server responds to the client, and that response is called HTTP response. The response that the client gets, offers different resources of the request, and later it also notifies that request has been completed or not.
HTTP’s response can have the following data:
- Status of the response i.e., a status line
- Header fields of the response
- The message body of a response.
- What is HTTPS?
HTTPS is hypertext transfer protocol secure. This is also an HTTP version but an extended one. It tells the browser to provide encryption to the TLS(transfer layer security) to secure the traffic while transferring the data. This is how it makes the connection secure.
- The difference between HTTP and HTTPS?
The differences between HTTP and HTTPS are:
- HTTPS provides encryption and it uses TLS but HTTP does not.
- HTTPS is more secure than HTTP as it provides encryption.
- HTTP based websites use HTTP as http:// but in case of HttpS it uses HTTPS as https://.
- What are 400 errors?
400 is an error which is a status code of HTTP. It implies that the request of the client can’t be satisfied because of some error on the client-side.
- There are messages which follow 400 errors: ‘bad request’, ‘not found’, ‘unauthorized’.
- If a client makes a request which can’t be accessed then the client gets a 400 error.
- These error messages are not common, which is why it makes it easy to catch someone off guard.
- The other reason for this error message can be a syntactical error or semantic error from the client side.
- What is a 500 error?
This error occurs when a website experiences server overloading.
- This status code is seen when too many requests of the same kind at the same time create traffic at the server-side.
- This status code can also be seen when there is any hardware failure.
- When the server runs out of storage then also this message can be seen.
- This specifies internal server errors too.
- What are HTTP content negotiations?
There are generally three kinds of HTTP content negotiations:
- Server-driven negotiation: In this negotiation process, the server chooses the best responses using the algorithm server-side. The decision-making becomes easy based on messages on the header field of the request.
- Agent-driven negotiation: In this negotiation, the agent optimizes the response after getting the response from a server.
- Transparent negotiation: Server-driven and agent-driven negotiation combine for transparent negotiation.
- What are the Header fields and their types in HTTP?
The header field is the medium between the client and server to exchange information of request and response. Header fields are of four types:
- General header: This includes messages of request and response both and applicable to both.
- Client request header: This header is only applicable to the request messages.
- Server response header: This header is only applicable to response messages.
- Entity header: Information of the entity-body is contained in this header.
- How does HTTPS authenticate web servers?
To verify the person or machine is called authentication.
- There is no identity verification in HTTP. It’s completely based on trust. It works based on priorities, not on security. On the modern internet, authentication becomes essential.
- So here comes the use of HTTPS. As id confirms the identity of a person, there is a private key to confirm the identity of the server. When a client tries to navigate to any website then the private key should match to the public key on the website’s SSL certificate which ensures the host of the website.
- This helps in blocking the attacks such as DNS Hijacking, On path attacks, etc.
- What do you mean by the Idempotent method?
When the same request is asked so many times but there is no change in results then this is called the idempotent method. Put and Delete methods come under idempotent only.
- What do you mean by safe methods?
When the state of a server does not change by any HTTP method they are considered as safe. In that case, only read operations are done. So Head, Get, Options, and Trace are called safe methods as they don’t mutate the message.
- What do you mean by Uri?
Uri stands for uniform resource identifier.
- It is generally used to get the identification of some resources on the web or by web.
- Uris can be used to identify objects such as real persons and any place.
- There are other Uris that are used to retrieve the information and locate resources over a network.
- These locators are called URLs (uniform resource locators) as well.
The syntax of Uri contains five components
Uri = scheme:[//authority]path[?query][#fragment]