HTTP (Hypertext Transfer Protocol) is the protocol responsible for delivering web content / HTML, images, scripts, and other resources between a client (usually a browser) and a web server. It operates over TCP port 80 and communicates in cleartext, making it vulnerable to interception and inspection.

To counter this, HTTPS (HTTP Secure) wraps HTTP inside a TLS (Transport Layer Security) tunnel, providing encryption, integrity, and authentication. It operates over TCP port 443.

Layer: Application (OSI Layer 7)

Ports: HTTP – TCP/80, HTTPS – TCP/443

Encryption: None (HTTP), Encrypted via TLS (HTTPS)

HTTP Workflow

HTTP is a stateless, text-based protocol that follows a request-response model.

Example Client Actions:

1. DNS resolution of the domain name (e.g., example.com)

2. Establish TCP 3-way handshake with the server on port 80

3. Send HTTP request:

   GET /index.html HTTP/1.1
   Host: example.com
   

4. Server sends HTTP response with headers and content.

HTTP Structure

Request Format:

GET /path HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0

Response Format:

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 234

Followed by the HTML body.