HTTP Response Headers - PowerPoint PPT Presentation

About This Presentation

Title:

HTTP Response Headers

Description:

A common front end to various Web search engines. Idea of ... aiff. AIFF sound file. audio/x- wav. Microsoft Windows sound file. audio/midi. MIDI sound file ... – PowerPoint PPT presentation

Number of Views:715

Avg rating:3.0/5.0

Slides: 43

Provided by: marty93

Learn more at: http://www.sba.oakland.edu

Category:

more less

Transcript and Presenter's Notes

Title: HTTP Response Headers

1
HTTP Response Headers

Vijayan Sugumaran
Department of DIS
Oakland University

Parts of this presentation was provided by
www.coreservlets.com
2
Important Topics

Idea of HTTP status codes
Setting status codes from servlets
Common HTTP 1.1 status codes
A common front end to various Web search engines
Idea of HTTP response headers
Setting response headers from servlets
Common HTTP 1.1 response headers
Persistent servlet state and auto-reloading pages

3
HTTP Request/Response

Request
GET /servlet/SomeName HTTP/1.1
Host ...
Header2 ...
...
HeaderN
(Blank Line)

Response
HTTP/1.1 200 OK
Content-Type text/html
Header2 ...
...
HeaderN ...
(Blank Line)
lt!DOCTYPE ...gt
ltHTMLgt
ltHEADgt...lt/HEADgt
ltBODYgt
...
lt/BODYgtlt/HTMLgt

4
Generating the Server Response HTTP Status Codes

Example HTTP 1.1 Response
HTTP/1.1 200 OK
Content-Type text/html
lt!DOCTYPE ...gt
ltHTMLgt
...
lt/HTMLgt
Changing the status code lets you perform a
number of tasks not otherwise possible
Forward client to another page
Indicate a missing resource
Instruct browser to use cached copy
Set status before sending document

5
Setting Status Codes

public void setStatus(int statusCode)
Use a constant for the code, not an explicit
int.Constants are in HttpServletResponse
Names derived from standard message.E.g., SC_OK,
SC_NOT_FOUND, etc.
public void sendError(int code,
String message)
Wraps message inside small HTML document
public void sendRedirect(String url)
Relative URLs permitted in 2.2 and later
Sets Location header also

6
Five Categories of Status Codes

100 199
Informational codes
Client should respond with some other action
200 299
Signify that the request was successful
300 399
Used for files that have moved
Includes a Location header indicating the new
address
400 499
Error by the client
500 599
Signify an error by the server

7
Common HTTP 1.1 Status Codes

200 (OK)
Everything is fine document follows.
Default for servlets.
204 (No Content)
Browser should keep displaying previous document.
301 (Moved Permanently)
Requested document permanently moved elsewhere
(indicated in Location header).
Browsers go to new location automatically.

8
Common HTTP 1.1 Status Codes (contd.)

302 (Found)
Requested document temporarily moved elsewhere
(indicated in Location header).
Browsers go to new location automatically.
Servlets should use sendRedirect, not setStatus,
when setting this header.
401 (Unauthorized)
Browser tried to access password-protected page
without proper Authorization header.
404 (Not Found)
No such page. Servlets should use sendError to
set this.

9
Status Code Summary
1. Informational 1xx 100 Continue 101 Switching
Protocols 2. Successful 2xx 200 OK 201
Created 202 Accepted 203 Non-Authoritative
Information 204 No Content 205 Reset
Content 206 Partial Content
10
Status Code Summary
3. Redirection 3xx 300 Multiple Choices 301
Moved Permanently 302 Found 303 See
Other 304 Not Modified 305 Use Proxy 306
(Unused) 307 Temporary Redirect
11
Status Code Summary
4. Client Error 4xx 400 Bad Request 401
Unauthorized 402 Payment Required 403
Forbidden 404 Not Found 405 Method Not
Allowed 406 Not Acceptable 407 Proxy
Authentication Required 408 Request Timeout
409 Conflict 410 Gone 411 Length Required 412
Precondition Failed 413 Request Entity Too
Large 414 Request-URI Too Long 415 Unsupported
Media Type 416 Requested Range Not
Satisfiable 417 Expectation Failed
12
Status Code Summary
5. Server Error 5xx 500 Internal Server
Error 501 Not Implemented 502 Bad Gateway 503
Service Unavailable 504 Gateway Timeout 505
HTTP Version Not Supported
URL for HTTP 1.1 Specification
http//www.w3.org/Protocols/rfc2616/rfc2616.html
13
A Servlet That Redirects Users to
Browser-Specific Pages

public class WrongDestination extends HttpServlet
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException
String userAgent request.getHeader("User-Age
nt")
if ((userAgent ! null)
(userAgent.indexOf("MSIE") ! -1))
response.sendRedirect("http//home.netscape.
com")
else
response.sendRedirect("http//www.microsoft.
com")

14
A Servlet That Redirects Users to
Browser-Specific Pages
15
A Front End to Various Search Engines

public class SearchEngines extends HttpServlet
public void doGet(HttpServletRequest request,
HttpServletResponse response) throws
ServletException, IOException
String searchString
request.getParameter("searchString")
if ((searchString null)
(searchString.length() 0))
reportProblem(response, "Missing search
string")
return
searchString URLEncoder.encode(searchString)
String searchEngineName
request.getParameter("searchEngine")
if ((searchEngineName null)
(searchEngineName.length() 0))
reportProblem(response, "Missing search
engine name")
return

16
A Front End to Various Search Engines (Continued)

String searchURL
SearchUtilities.makeURL(searchEngineName,
searchString)
if (searchURL ! null)
response.sendRedirect(searchURL)
else
reportProblem(response,
"Unrecognized search
engine")
private void reportProblem(HttpServletResponse
response,
String message)
throws IOException
response.sendError(response.SC_NOT_FOUND,
message)

17
A Front End to Various Search Engines (Continued)

public class SearchSpec
/ Builds a URL for the results page by
simply concatenating the base URL
(http//...?someVar") with the
URL-encoded search string (jsptraining).
/
public String makeURL(String searchString)
return(baseURL searchString)

18
Front End to Search Engines HTML Form
19
Front End to Search Engines Result for Valid Data
20
Front End to Search Engines Result for Invalid
Data
21
Summary

Many servlet tasks can only be accomplished
through use of HTTP status codes
Setting status codes
In general, set via response.setStatus
In special cases (302 and 404), set with
response.sendRedirect and response.sendError
Most important status codes
200 (default)
302 (forwarding set with sendRedirect)
401 (password needed)
404 (not found set with sendError)

22
Generating the Server Response HTTP Response
Headers
23
Agenda

Format of the HTTP response
Setting response headers
Understanding what response headers are good for
Building Excel spread sheets
Generating JPEG images dynamically
Sending incremental updates to the browser

24
HTTP Request/Response

Request
GET /servlet/SomeName HTTP/1.1
Host ...
Header2 ...
...
HeaderN
(Blank Line)

Response
HTTP/1.1 200 OK
Content-Type text/html
Header2 ...
...
HeaderN ...
(Blank Line)
lt!DOCTYPE ...gt
ltHTMLgt
ltHEADgt...lt/HEADgt
ltBODYgt
...
lt/BODYgtlt/HTMLgt

25
Setting Arbitrary Response Headers

public void setHeader(String headerName,
String headerValue)
Sets an arbitrary header.
public void setDateHeader(String name,
long
millisecs)
Converts milliseconds since 1970 to a date string
in GMT format.
public void setIntHeader(String name,
int headerValue)
Prevents need to convert int to String before
calling setHeader.
addHeader, addDateHeader, addIntHeader
Adds new occurrence of header instead of
replacing.

26
Setting Common Response Headers

setContentType
Sets the Content-Type header. Servlets almost
always use this. See table of common MIME types.
setContentLength
Sets the Content-Length header. Used for
persistent HTTP connections. See Connection
request header.
addCookie
Adds a value to the Set-Cookie header. See
separate section on cookies.
sendRedirect
Sets the Location header (plus changes status
code).

27
Common MIME Types
Type
Meaning
application/
msword
Microsoft Word document
application/octet-stream
Unrecognized or binary data
application/
pdf
Acrobat (.
pdf) file
application/postscript
PostScript file
application/
vnd.ms-excel
Excel spreadsheet
application/
vnd.ms-
powerpoint
Powerpoint presentation
application/x-
gzip
Gzip archive
application/x-
java-archive
JAR file
application/x-
java-
vm
Java
bytecode (.class) file
application/zip
Zip archive
audio/basic
Sound file in .au or .
snd format
audio/x-
aiff
AIFF sound file
audio/x-
wav
Microsoft Windows sound file
audio/midi
MIDI sound file
text/
css
HTML cascading style sheet
text/html
HTML document
text/plain
Plain text
text/
xml
XML document
image/
gif
GIF image
image/jpeg
JPEG image
image/
png
PNG image
image/tiff
TIFF image
video/mpeg
MPEG video clip
video/
quicktime
QuickTime video clip
28
Common HTTP 1.1 Response Headers

Cache-Control (1.1) and Pragma (1.0)
A no-cache value prevents browsers from caching
page.
Content-Disposition
Lets you request that the browser ask the user to
save the response to disk in a file of the given
name
Content-Disposition attachment
filenamefile-name
Content-Encoding
The way document is encoded. See earlier
compression example
Content-Length
The number of bytes in the response.
See setContentLength on previous slide.
Use ByteArrayOutputStream to buffer document
before sending it, so that you can determine
size. See discussion of the Connection request
header

29
Common HTTP 1.1 Response Headers (Continued)

Content-Type
The MIME type of the document being returned.
Use setContentType to set this header.
Expires
The time at which document should be considered
out-of-date and thus should no longer be cached.
Use setDateHeader to set this header.
Last-Modified
The time document was last changed.
Dont set this header explicitly provide a
getLastModified method instead. See lottery
number example in book (Chapter 3).

30
Common HTTP 1.1 Response Headers (Continued)

Location
The URL to which browser should reconnect.
Use sendRedirect instead of setting this
directly.
Refresh
The number of seconds until browser should reload
page. Can also include URL to connect to. See
following example.
Set-Cookie
The cookies that browser should remember. Dont
set this header directly use addCookie instead.
See next section.
WWW-Authenticate
The authorization type and realm needed in
Authorization header. See security chapters in
More Servlets JSP.

31
Building Excel Spreadsheets

public class ApplesAndOranges extends HttpServlet
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException
response.setContentType
("application/vnd.ms-excel")
PrintWriter out response.getWriter()
out.println("\tQ1\tQ2\tQ3\tQ4\tTotal")
out.println
("Apples\t78\t87\t92\t29\tSUM(B2E2)")
out.println
("Oranges\t77\t86\t93\t30\tSUM(B3E3)")

32
Building Excel Spreadsheets
33
Requirements for Handling Long-Running Servlets

A way to store data between requests.
For data that is not specific to any one client,
store it in a field (instance variable) of the
servlet.
For data that is specific to a user, store it in
the HttpSession object
See upcoming lecture on session tracking
For data that needs to be available to other
servlets or JSP pages (regardless of user), store
it in the ServletContext
A way to keep computations running after the
response is sent to the user.
This task is simple start a Thread. The only
subtlety set the thread priority to a low value
so that you do not slow down the server.
A way to get the updated results to the browser
when they are ready.
Use Refresh header to tell browser to ask for
updates

34
Persistent Servlet State and Auto-Reloading
Pages Example

Idea generate list of large (e.g., 150-digit)
prime numbers
Show partial results until completed
Let new clients make use of results from others
Demonstrates use of the Refresh header.
Shows how easy it is for servlets to maintain
state between requests.
Very difficult in traditional CGI.
Also illustrates that servlets can handle
multiple simultaneous connections
Each request is in a separate thread.

35
Finding Prime Numbers for Use with Public Key
Cryptography

public class PrimeNumberServlet extends
HttpServlet
private ArrayList primeListCollection new
ArrayList()
private int maxPrimeLists 30
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException
int numPrimes
ServletUtilities.getIntParameter(request,
"numPrimes", 50)
int numDigits ServletUtilities.getIntParamet
er(request, "numDigits",
120)
PrimeList primeList findPrimeList(primeList
Collection,
numPrimes, numDigits)

36
Finding Prime Numbers for Use with Public Key
Cryptography

if (primeList null)
primeList new PrimeList(numPrimes,
numDigits, true)
// Multiple servlet request threads share
the instance variables (fields) of
//PrimeNumbers. So synchronize all access to
servlet fields.
synchronized(primeListCollection)
if (primeListCollection.size() gt
maxPrimeLists)
primeListCollection.remove(0)
primeListCollection.add(primeList)
ArrayList currentPrimes primeList.getPrimes(
)
int numCurrentPrimes currentPrimes.size()
int numPrimesRemaining (numPrimes -
numCurrentPrimes)
boolean isLastResult (numPrimesRemaining
0)
if (!isLastResult)
response.setIntHeader("Refresh", 5)

37
Finding Prime Numbers for Use with Public Key
Cryptography
38
Finding Prime Numbers for Use with Public Key
Cryptography
39
Using Servlets to Generate JPEG Images

Create a BufferedImage
Draw into the BufferedImage
Set the Content-Type response header
response.setContentType("image/jpeg")
Get an output stream
OutputStream out response.getOutputStream
Send the BufferedImage in JPEG format to the
output stream
try
ImageIO.write(image, "jpg", out)
catch(IOException ioe)
System.err.println("Error writing JPEG file "
ioe)

40
Using Servlets to Generate JPEG Images
41
Using Servlets to Generate JPEG Images
42
Summary

Many servlet tasks can only be accomplished
through use of HTTP response headers
Setting response headers
In general, set with response.setHeader
In special cases, set with response.setContentType
, response.setContentLength, response.addCookie,
and response.sendRedirect
Most important response headers you set directly
Cache-Control and Pragma
Content-Disposition
Content-Encoding
Content-Length
Expires
Refresh
WWW-Authenticate