Network - HTTP

About

• Explanation .

• Random Cat Facts .

• Connection via request, discontinuous.

• Not ideal for real-time things, since it can overload the server and have latency.

• Uses TCP as the transport protocol in the vast majority of cases.

HTTP (Hypertext Transfer Protocol)

• HTTP is the basic protocol used to transfer data between a browser and a web server. When you access a site that uses HTTP your URL starts with http:// .

• With HTTP all information exchanged between the browser and the server is transmitted in clear text. That means anyone intercepting the connection (for example on a public Wi-Fi) can view or manipulate the transmitted data.

• Does not require security certificates; any site can use HTTP without verification.

HTTPS (Hypertext Transfer Protocol Secure)

• HTTPS is the secure version of HTTP. Sites that use HTTPS have URLs that start with https://  and normally show a padlock icon in the browser address bar.

• HTTPS uses the SSL  or TLS  protocols to encrypt the information sent and received. That means the data is scrambled and can only be read by the intended recipient.

Strategies

HTTP/1.1

• Message delimitation is done via headers and content length.

• Server and client use the Content-Length  field to specify the exact size of the message body. This field tells the receiver how many bytes to read for the message.

• If the message size is not known in advance the server can use chunked transfer encoding, where data is split into variable-sized chunks and each chunk is prefixed with its size in hexadecimal.

• In the header:

Content-Length: 1234

HTTP/2.0

• Introduces stream multiplexing which means multiple messages can be sent at the same time using the same channel.

• HTTP/2 uses frames to send data pieces. Each frame has a header with information about the data type and payload size.

• Each message is associated with a Stream ID which allows multiple requests/responses to flow concurrently without interfering with each other.

• Head of Line Blocking: In HTTP/2 requests/responses are split into frames and frames from different requests can be sent simultaneously.

HTTP/3.0 (QUIC)

• HTTP/3 is an evolution of HTTP/2 built on the QUIC protocol, developed to improve performance and reduce latency.

• QUIC replaces TCP with UDP to provide greater agility and uses frames to send data packets. Messages are split into frames and QUIC handles multiplexing of these messages.

• HTTP/3 does not depend on the Content-Length  header. Instead QUIC splits data into small packets and sends them independently, controlling flow via multiplexed data streams.

• Data Frames: QUIC uses data frames and each frame contains the payload size and a Stream ID that lets the server organize messages correctly.

Structure

• Example:

POST /api/v1/users HTTP/1.1
Host: www.example.com
Content-Type: application/json
Content-Length: 56

{
    "name": "João",
    "email": "joao@exemplo.com"
}

Header

• Contains metadata about the communication such as content type, encoding, content length, cookies, etc.

• Host: www.example.com

  • Defines the server to which the request is being sent.

• Content-Type: application/json

  • Indicates that the payload is in JSON format.

• Content-Length: 56

  • Indicates that the message body has 56 bytes.

Body

• Contains the actual data being sent. Can be an HTML page, a file, JSON, etc.

• { "name": "João", "email": "joao@exemplo.com" }

  • This is the actual content of the request. In this case the payload is a JSON object representing the user information to be created on the server.

RESTful (Representational State Transfer) / REST API

• A REST API is a specific type of API that uses a set of conventions and best practices to facilitate communication between client and server.

• REST is designed to be scalable and can be easily used in distributed web applications.

• RESTful describes an implementation that follows this concept. In other words, an API is RESTful if it follows REST principles.

• Resources Represented by URLs :

  • Resources (data or system entities such as users, products, etc.) are identified by URLs (Uniform Resource Locators).

  • Example:

    • /users :

      • Represents the collection of users.

    • /users/1 :

      • Represents a specific user with ID 1.

• Data Representations :

  • Resource data can be represented in different formats such as JSON, XML, HTML, etc.

  • Client and server negotiate representation using HTTP headers like Content-Type  and Accept .

• Stateless :

  • Each request to the server must contain all information needed to be processed.

  • The server does not maintain client state between requests which makes the system more scalable.

• HATEOAS (Hypermedia as the Engine of Application State) :

  • Optional but part of the REST idea. Resources include links to other resources or related actions guiding the client on what to do next.

  • Example:

  {
    "id": 1,
    "name": "John Doe",
    "links": {
      "self": "/users/1",
      "posts": "/users/1/posts"
    }
  }
  

• Layers :

  • REST architecture allows separation into layers like proxies, load balancers and caches without the clients noticing.

Queries

• .

  • Queries for /oi  will be:

  {
      msg: 'aaaaaaa',
      test: 123
  }
  

CRUD Operations (Create, Read, Update, Delete)

• Represent the basic actions that can be performed on resources, and each of them is mapped to specific HTTP methods in a REST API.

• Each operation on resources uses standard HTTP methods.

• GET :

  • Retrieves data from a resource.

• POST :

  • Creates a new resource.

• PUT  or PATCH :

  • Updates an existing resource.

• DELETE :

  • Removes a resource.

Principles

• Client-Server

  • The architecture should separate the user interface (client) from data storage logic (server). This allows both to evolve independently.

• Stateless

  • Each client request to the server must contain all the information necessary to understand and process the request.

• Cacheable

  • Responses should be explicitly marked as cacheable or non-cacheable. This improves performance by allowing responses to be stored and reused.

• Layered System

  • The architecture can be composed of multiple layers, such as intermediaries, proxies and gateways, which can facilitate scalability and security without the client knowing about these layers.

• Uniform Interface

  • The interface between client and server should be standardized, making communication easier. This includes using URIs to identify resources and HTTP methods to operate on them.

• Resources

  • REST APIs treat everything as a resource identified by a URL. Operations on these resources are performed using HTTP methods (GET, POST, PUT, DELETE, etc.).

• Representations

  • Resources can be represented in different formats, such as JSON or XML.

Headers

• List of Headers .

• Explanation .

Benefits

• Simple design and usage.

• Language and platform independent.

• Easily scalable and extensible.

• Leverages native HTTP features like caching and access control.

Examples

• List all books:

  • Request :

    • GET /books

  • Response :

    [
      {"id": 1, "title": "Book A"},
      {"id": 2, "title": "Book B"}
    ]
    

• Get details of a specific book:

  • Request :

    • GET /books/1

  • Response :

    {"id": 1, "title": "Book A", "author": "Author X"}
    

Debug

• Insomnia .

  • Felt a bit simpler to use than Postman.

• Postman .

  • .

Implementation

In Godot

• Quick usage tutorial .

  • Builds an app to fetch 'random cat facts'.

HTTPClient

• Usage example .

HTTPRequest

• *Considerations:

  • The node needs to be instanced in the SceneTree. It must be a child of another node.

• Multiple Requests:

  • You have to wait for a request to finish before sending another one.

  • Making multiple requests at once requires one node per request.

  • A common strategy is to create and delete HTTPRequest nodes at runtime as needed.

TLS/SSL Certificates

• "It is often desired to use TLS connections (also known as SSL connections) for communications to avoid 'man in the middle' attacks. Godot has a connection wrapper, StreamPeerTLS, which can take a regular connection and add security around it. The HTTPClient and HTTPRequest classes also support HTTPS using this same wrapper."

• TLS/SSL Certificates .

Examples

• Using Rest-APIs with Raspberry Pi, Arduino, ESP32 and Web .

• Sending and receiving from a site (1) .

• Sending and receiving from a site (2) .

  • Slightly better explanation.

In Python

• Use 'Flask'.

Example

from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/todos', methods=['GET'])
def get_todos():
    return jsonify([{"id": 1, "title": "Buy milk", "completed": False}])

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=<port>)