Back to the full dot-point answer
NSWSoftware EngineeringQuick questions
Module 2: Programming for the Web
Quick questions on HTTP and HTTPS explained: HSC Software Engineering Module 2
9short Q&A pairs drawn directly from our worked dot-point answer. For full context and worked exam questions, read the parent dot-point page.
What is anatomy of an HTTP request?Show answer
Every HTTP request starts with a request line that names the method and path, then carries any number of headers, then optionally a body. The example below shows a POST request submitting a JSON payload.
What is anatomy of an HTTP response?Show answer
Every HTTP response starts with a status line that names the version, status code and a short reason phrase, then headers, then optionally a body. The example below shows a successful resource creation that returns the new resource as JSON.
What is methods?Show answer
Idempotent means calling the request many times has the same effect as calling it once. Safe means the request does not change server state.
What is headers?Show answer
Headers carry metadata. Useful examples:
What is hTTPS?Show answer
HTTPS is HTTP carried over TLS. It provides three guarantees:
What is a worked example?Show answer
A Python script using requests:
What is treating HTTPS as just encryption?Show answer
HTTPS also provides server authentication (via the certificate) and integrity. Markers want all three properties.
What is calling GET secure because it has no body?Show answer
GET is safe (it does not change server state), not secure. Putting credentials in the query string of a GET URL leaks them into browser history and server logs.
What is forgetting headers?Show answer
A complete HTTP description includes the header section, not just method, path and body. Authorization, Content-Type, Cookie are essential to the protocol. :::