If you enter an Internet address in your web browser and shortly afterwards a website is displayed, your browser has communicated with the web server via HTTP. Figuratively speaking, HTTP is the language in which your web browser speaks to the web server to tell it what is requested. HTTP defines two types of messages for communication between clients and servers. These are either requests or responses. The requests made by the clients consist of ASCII text – starting with a method, optionally followed by further information (request headers). According to HTTP 1.1, servers must support at least the GET and HEAD methods. With GET, clients request the current display of a complete resource – for example, an HTML document. Meanwhile, HEAD only expects the status line and header. However, the available methods are not limited to simply calling up websites. Other methods of handling objects include POST, PUT, DELETE, TRACE, CONNECT, and OPTIONS. Servers expect incoming requests, process them, and finally respond with a response. A returned status code indicates how successfully the request was carried out. For example, the value 200 stands for OK, i.e. a successful operation.
HTTP and HTTPS: what is the difference?
HTTP is used to load websites from the server into your web browser. The HTTPS (Hypertext Transfer Protocol Secure) has the same task but does this in encrypted form and can thus establish a tap-proof connection between the operator of the website and your browser. The HTTPS process is supported by all browsers and is therefore a security technology that does not have to be installed separately. Everyone in your network can monitor your surfing behavior on HTTP websites with a little effort. With HTTPS websites, however, the connections are encrypted. You can recognize an HTTPS page by the fact that on the one hand the said writing is at the top of the address line of the browser, on the other hand by the locked lock (see picture) Common websites only use the HTTP method. However, when it comes to personal data, such as in online banking or in online shops, these have HTTPS encryption.
A website on which you must enter sensitive data such as your account details should be encrypted via HTTPS. Otherwise it is very likely that it is a dubious provider.