1 / 42

HTTP Response Headers

HTTP Response Headers. Vijayan Sugumaran Department of DIS Oakland University. Parts of this presentation was provided by www.coreservlets.com. Important Topics. Idea of HTTP status codes Setting status codes from servlets Common HTTP 1.1 status codes

mzook
Télécharger la présentation

HTTP Response Headers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HTTP Response Headers Vijayan Sugumaran Department of DIS Oakland University Parts of this presentation was provided by www.coreservlets.com

  2. Important Topics • Idea of HTTP status codes • Setting status codes from servlets • Common HTTP 1.1 status codes • A common front end to various Web search engines • Idea of HTTP response headers • Setting response headers from servlets • Common HTTP 1.1 response headers • Persistent servlet state and auto-reloading pages

  3. Request GET /servlet/SomeName HTTP/1.1 Host: ... Header2: ... ... HeaderN: (Blank Line) Response HTTP/1.1 200 OK Content-Type: text/html Header2: ... ... HeaderN: ... (Blank Line) <!DOCTYPE ...> <HTML> <HEAD>...</HEAD> <BODY> ... </BODY></HTML> HTTP Request/Response

  4. Generating the Server Response: HTTP Status Codes • Example HTTP 1.1 Response HTTP/1.1 200 OK Content-Type: text/html <!DOCTYPE ...> <HTML> ... </HTML> • Changing the status code lets you perform a number of tasks not otherwise possible • Forward client to another page • Indicate a missing resource • Instruct browser to use cached copy • Set status before sending document

  5. Setting Status Codes • public void setStatus(int statusCode) • Use a constant for the code, not an explicit int.Constants are in HttpServletResponse • Names derived from standard message.E.g., SC_OK, SC_NOT_FOUND, etc. • public void sendError(int code, String message) • Wraps message inside small HTML document • public void sendRedirect(String url) • Relative URLs permitted in 2.2 and later • Sets Location header also

  6. Five Categories of Status Codes • 100 – 199 • Informational codes • Client should respond with some other action • 200 – 299 • Signify that the request was successful • 300 – 399 • Used for files that have moved • Includes a Location header indicating the new address • 400 – 499 • Error by the client • 500 – 599 • Signify an error by the server

  7. Common HTTP 1.1 Status Codes • 200 (OK) • Everything is fine; document follows. • Default for servlets. • 204 (No Content) • Browser should keep displaying previous document. • 301 (Moved Permanently) • Requested document permanently moved elsewhere (indicated in Location header). • Browsers go to new location automatically.

  8. Common HTTP 1.1 Status Codes (contd.) • 302 (Found) • Requested document temporarily moved elsewhere (indicated in Location header). • Browsers go to new location automatically. • Servlets should use sendRedirect, not setStatus, when setting this header. • 401 (Unauthorized) • Browser tried to access password-protected page without proper Authorization header. • 404 (Not Found) • No such page. Servlets should use sendError to set this.

  9. Status Code Summary 1. Informational 1xx 100 Continue 101 Switching Protocols 2. Successful 2xx 200 OK 201 Created 202 Accepted 203 Non-Authoritative Information 204 No Content 205 Reset Content 206 Partial Content

  10. Status Code Summary 3. Redirection 3xx 300 Multiple Choices 301 Moved Permanently 302 Found 303 See Other 304 Not Modified 305 Use Proxy 306 (Unused) 307 Temporary Redirect

  11. Status Code Summary 4. Client Error 4xx 400 Bad Request 401 Unauthorized 402 Payment Required 403 Forbidden 404 Not Found 405 Method Not Allowed 406 Not Acceptable 407 Proxy Authentication Required 408 Request Timeout 409 Conflict 410 Gone 411 Length Required 412 Precondition Failed 413 Request Entity Too Large 414 Request-URI Too Long 415 Unsupported Media Type 416 Requested Range Not Satisfiable 417 Expectation Failed

  12. Status Code Summary 5. Server Error 5xx 500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 505 HTTP Version Not Supported URL for HTTP 1.1 Specification http://www.w3.org/Protocols/rfc2616/rfc2616.html

  13. A Servlet That Redirects Users to Browser-Specific Pages public class WrongDestination extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String userAgent = request.getHeader("User-Agent"); if ((userAgent != null) && (userAgent.indexOf("MSIE") != -1)) { response.sendRedirect("http://home.netscape.com"); } else { response.sendRedirect("http://www.microsoft.com"); } } }

  14. A Servlet That Redirects Users to Browser-Specific Pages

  15. A Front End to Various Search Engines public class SearchEngines extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String searchString = request.getParameter("searchString"); if ((searchString == null) || (searchString.length() == 0)) { reportProblem(response, "Missing search string"); return; } searchString = URLEncoder.encode(searchString); String searchEngineName = request.getParameter("searchEngine"); if ((searchEngineName == null) || (searchEngineName.length() == 0)) { reportProblem(response, "Missing search engine name"); return; }

  16. A Front End to Various Search Engines (Continued) String searchURL = SearchUtilities.makeURL(searchEngineName, searchString); if (searchURL != null) { response.sendRedirect(searchURL); } else { reportProblem(response, "Unrecognized search engine"); } } private void reportProblem(HttpServletResponse response, String message) throws IOException { response.sendError(response.SC_NOT_FOUND, message); } }

  17. A Front End to Various Search Engines (Continued) public class SearchSpec { /** Builds a URL for the results page by * simply concatenating the base URL * (http://...?someVar=") with the * URL-encoded search string (jsp+training). */ public String makeURL(String searchString) { return(baseURL + searchString); } … }

  18. Front End to Search Engines: HTML Form

  19. Front End to Search Engines: Result for Valid Data

  20. Front End to Search Engines: Result for Invalid Data

  21. Summary • Many servlet tasks can only be accomplished through use of HTTP status codes • Setting status codes: • In general, set via response.setStatus • In special cases (302 and 404), set with response.sendRedirect and response.sendError • Most important status codes • 200 (default) • 302 (forwarding; set with sendRedirect) • 401 (password needed) • 404 (not found; set with sendError)

  22. Generating the Server Response: HTTP Response Headers

  23. Agenda • Format of the HTTP response • Setting response headers • Understanding what response headers are good for • Building Excel spread sheets • Generating JPEG images dynamically • Sending incremental updates to the browser

  24. Request GET /servlet/SomeName HTTP/1.1 Host: ... Header2: ... ... HeaderN: (Blank Line) Response HTTP/1.1 200 OK Content-Type: text/html Header2: ... ... HeaderN: ... (Blank Line) <!DOCTYPE ...> <HTML> <HEAD>...</HEAD> <BODY> ... </BODY></HTML> HTTP Request/Response

  25. Setting Arbitrary Response Headers • public void setHeader(String headerName, String headerValue) • Sets an arbitrary header. • public void setDateHeader(String name, long millisecs) • Converts milliseconds since 1970 to a date string in GMT format. • public void setIntHeader(String name, int headerValue) • Prevents need to convert int to String before calling setHeader. • addHeader, addDateHeader, addIntHeader • Adds new occurrence of header instead of replacing.

  26. Setting Common Response Headers • setContentType • Sets the Content-Type header. Servlets almost always use this. See table of common MIME types. • setContentLength • Sets the Content-Length header. Used for persistent HTTP connections. See Connection request header. • addCookie • Adds a value to the Set-Cookie header. See separate section on cookies. • sendRedirect • Sets the Location header (plus changes status code).

  27. Common MIME Types Type Meaning application/ msword Microsoft Word document application/octet-stream Unrecognized or binary data application/ pdf Acrobat (. pdf) file application/postscript PostScript file application/ vnd.ms-excel Excel spreadsheet application/ vnd.ms- powerpoint Powerpoint presentation application/x- gzip Gzip archive application/x- java-archive JAR file application/x- java- vm Java bytecode (.class) file application/zip Zip archive audio/basic Sound file in .au or . snd format audio/x- aiff AIFF sound file audio/x- wav Microsoft Windows sound file audio/midi MIDI sound file text/ css HTML cascading style sheet text/html HTML document text/plain Plain text text/ xml XML document image/ gif GIF image image/jpeg JPEG image image/ png PNG image image/tiff TIFF image video/mpeg MPEG video clip video/ quicktime QuickTime video clip

  28. Common HTTP 1.1 Response Headers • Cache-Control (1.1) and Pragma (1.0) • A no-cache value prevents browsers from caching page. • Content-Disposition • Lets you request that the browser ask the user to save the response to disk in a file of the given name Content-Disposition: attachment; filename=file-name • Content-Encoding • The way document is encoded. See earlier compression example • Content-Length • The number of bytes in the response. • See setContentLength on previous slide. • Use ByteArrayOutputStream to buffer document before sending it, so that you can determine size. See discussion of the Connection request header

  29. Common HTTP 1.1 Response Headers (Continued) • Content-Type • The MIME type of the document being returned. • Use setContentType to set this header. • Expires • The time at which document should be considered out-of-date and thus should no longer be cached. • Use setDateHeader to set this header. • Last-Modified • The time document was last changed. • Don’t set this header explicitly; provide a getLastModified method instead. See lottery number example in book (Chapter 3).

  30. Common HTTP 1.1 Response Headers (Continued) • Location • The URL to which browser should reconnect. • Use sendRedirect instead of setting this directly. • Refresh • The number of seconds until browser should reload page. Can also include URL to connect to. See following example. • Set-Cookie • The cookies that browser should remember. Don’t set this header directly; use addCookie instead. See next section. • WWW-Authenticate • The authorization type and realm needed in Authorization header. See security chapters in More Servlets & JSP.

  31. Building Excel Spreadsheets public class ApplesAndOranges extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType ("application/vnd.ms-excel"); PrintWriter out = response.getWriter(); out.println("\tQ1\tQ2\tQ3\tQ4\tTotal"); out.println ("Apples\t78\t87\t92\t29\t=SUM(B2:E2)"); out.println ("Oranges\t77\t86\t93\t30\t=SUM(B3:E3)"); } }

  32. Building Excel Spreadsheets

  33. Requirements for Handling Long-Running Servlets • A way to store data between requests. • For data that is not specific to any one client, store it in a field (instance variable) of the servlet. • For data that is specific to a user, store it in the HttpSession object • See upcoming lecture on session tracking • For data that needs to be available to other servlets or JSP pages (regardless of user), store it in the ServletContext • A way to keep computations running after the response is sent to the user. • This task is simple: start a Thread. The only subtlety: set the thread priority to a low value so that you do not slow down the server. • A way to get the updated results to the browser when they are ready. • Use Refresh header to tell browser to ask for updates

  34. Persistent Servlet State and Auto-Reloading Pages: Example • Idea: generate list of large (e.g., 150-digit) prime numbers • Show partial results until completed • Let new clients make use of results from others • Demonstrates use of the Refresh header. • Shows how easy it is for servlets to maintain state between requests. • Very difficult in traditional CGI. • Also illustrates that servlets can handle multiple simultaneous connections • Each request is in a separate thread.

  35. Finding Prime Numbers for Use with Public Key Cryptography public class PrimeNumberServlet extends HttpServlet { private ArrayList primeListCollection = new ArrayList(); private int maxPrimeLists = 30; public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { int numPrimes = ServletUtilities.getIntParameter(request, "numPrimes", 50); int numDigits = ServletUtilities.getIntParameter(request, "numDigits", 120); PrimeList primeList = findPrimeList(primeListCollection, numPrimes, numDigits);

  36. Finding Prime Numbers for Use with Public Key Cryptography if (primeList == null) { primeList = new PrimeList(numPrimes, numDigits, true); // Multiple servlet request threads share the instance variables (fields) of //PrimeNumbers. So synchronize all access to servlet fields. synchronized(primeListCollection) { if (primeListCollection.size() >= maxPrimeLists) primeListCollection.remove(0); primeListCollection.add(primeList); } } ArrayList currentPrimes = primeList.getPrimes(); int numCurrentPrimes = currentPrimes.size(); int numPrimesRemaining = (numPrimes - numCurrentPrimes); boolean isLastResult = (numPrimesRemaining == 0); if (!isLastResult) { response.setIntHeader("Refresh", 5); } …

  37. Finding Prime Numbers for Use with Public Key Cryptography

  38. Finding Prime Numbers for Use with Public Key Cryptography

  39. Using Servlets to Generate JPEG Images • Create a BufferedImage • Draw into the BufferedImage • Set the Content-Type response header response.setContentType("image/jpeg"); • Get an output stream OutputStream out = response.getOutputStream • Send the BufferedImage in JPEG format to the output stream try {   ImageIO.write(image, "jpg", out); } catch(IOException ioe) {   System.err.println("Error writing JPEG file: " + ioe); }

  40. Using Servlets to Generate JPEG Images

  41. Using Servlets to Generate JPEG Images

  42. Summary • Many servlet tasks can only be accomplished through use of HTTP response headers • Setting response headers: • In general, set with response.setHeader • In special cases, set with response.setContentType, response.setContentLength, response.addCookie, and response.sendRedirect • Most important response headers you set directly: • Cache-Control and Pragma • Content-Disposition • Content-Encoding • Content-Length • Expires • Refresh • WWW-Authenticate

More Related