HTTP, HTTPS, Short Polling, Long Polling, Web Sockets, SSE

HTTP Versions

• HTTP/0.9 (1991): Simple, supports only GET method; plain text responses with no status codes.
• HTTP/1.0 (1996): Adds support for multiple content types, headers, and status codes but limited in performance.
• HTTP/1.1 (1999):
• Persistent Connections: Multiple requests over a single connection.
• Chunked Transfer, Caching, Range Requests: Efficient data handling.
• Content Negotiation & Host Header: Supports multiple sites on the same IP.
• HTTP/2 (2015):
• Multiplexing: Interleaves multiple requests and responses over a single connection.
• Header Compression: Reduces header size with binary framing.
• HTTP/3 (2020): Built on QUIC (Quick UDP Internet Connections) developed by Google; faster, reduced latency with improved congestion control.

HTTP Methods

GET: Retrieves data; no side effects on the server. - Idempotent

POST: Submits data to create new resources or process form data. - Not Idempotent PUT: Updates an existing resource; idempotent. - Idempotent

DELETE: Removes a specified resource. - Idempotent

Other Methods: PATCH, HEAD, OPTIONS, TRACE, CONNECT.

HTTPS - Secure HTTP

Encryption: Ensures confidentiality and integrity using SSL/TLS protocols.

Process:

1. Client Hello: Sends supported SSL/TLS versions and cipher suites.
2. Server Hello: Server selects TLS version, cipher suite, and sends its certificate.
3. Certificate Validation: Client verifies the server's certificate.
4. Key Exchange: Both client and server exchange keys to establish a secure session.
5. Session Key Generation: Both parties generate session keys.
6. Change Cipher Spec: Both switch to encrypted communication.

Encryption Types

Symmetric Encryption (e.g., AES, DES):

• Fast but requires secure key sharing.
• Uses the same key for encryption and decryption.

Asymmetric Encryption (e.g., RSA, ECC):

• Public Key: Used for encryption, widely distributed.
• Private Key: Kept secret, used for decryption.
• Uses: Secure key exchange, digital signatures; slower but secure.

RealTime Communication and Data Exchange

Short Polling

• Client sends HTTP GET requests to the server at regular intervals.
• Server responds immediately with data or an empty response if no new data is available.

Example code:

FUNCTION FetchData:
		MAKE HTTP GET request to server
		IF response status is 200:
				PROCESS response data
		ELSE:
				HANDLE error

FUNCTION InitiateShortPolling:
		LOOP forever:
				CALL FetchData
				WAIT for a fixed time interval (e.g., 5 seconds)

Drawbacks:

• Inefficient resource use.
• Frequent and unnecessary requests.
• High latency and increased server load.
• Generates high network traffic.
• Not truly realtime; depends on polling intervals.

Long Polling

• Reduces latency and server load by keeping the request open until new data is available or a timeout occurs.
• Server waits for new data and sends it when available and Client immediately sends a new request to maintain the connection.

Example code:

FUNCTION FetchData:
		MAKE HTTP GET request to server
		IF response status is 200:
			PROCESS response data
			CALL FetchData // Immediately initiate the next request
		ELSE IF response status indicates no new data:
				CALL FetchData // Retry after receiving no new data
		ELSE:
				HANDLE error

FUNCTION InitiateLongPolling:
		CALL FetchData

CALL InitiateLongPolling

Advantages:

• Near realtime communication.
• Reduces unnecessary traffic compared to short polling.

Limitations:

• Still requires clientinitiated requests.
• Higher serverside memory use for open connections.

WebSockets

Enables fullduplex, bidirectional communication over a persistent TCP connection.

Process:

1. Handshake: Client sends an HTTP request to upgrade the connection to WebSocket. Headers: Upgrade: websocket Connection: upgrade
2. Server Response: Server replies with HTTP 101 (Switching Protocols) and establishes the WebSocket connection.
3. Data Transmission: Data sent as frames (header + payload), supporting text or binary formats.
4. Heartbeat/KeepAlive: Keeps the connection alive and prevents closure due to inactivity.
5. Connection Closure: Either party can initiate closure by sending a "close" frame.

Advantages:

• Persistent connection minimizes latency.
• Reduces network traffic by eliminating frequent reconnections.
• Scalable and efficient for realtime use cases like chat apps, collaborative tools, and dashboards.

ServerSent Events (SSE)

A unidirectional protocol where the server pushes continuous event streams to the client over a single HTTP connection.

Process:

1. Connection Establishment: Client initiates an HTTP GET request with the header: Accept: text/eventstream
2. Event Stream: Server sends data in a predefined SSE format.
3. Data Streaming: Server continuously pushes events to the client as new data becomes available.
4. Client Handling: Client listens for specific event types and processes received data.
5. Connection Termination: Either the client or server can close the connection.

Advantages:

• Lightweight and efficient for servertoclient updates.
• Ideal for realtime notifications and updates (e.g., stock prices, live scores).

Limitations:

• Unidirectional (servertoclient only).
• Requires reliable serverclient connectivity.