HTTP with Sessions and Cookies

HTTP Requests and Responses

Client-Server Architecture

Client-Server Model: The exchange of information through a cycle of requests and responses between clients and servers

Typical client-server communication:

  1. The client communicates with a server to request resources
  2. The server queries the resources from its connected internal servers
  3. The server sends a response back to the client

HTTP Requests

In order for clients and servers to communicate over the web, they must use the HTTP Protocol

HTTP is an OSI Layer 7 (Application) protocol used to transfer resources over the internet

A client generates an HTTP Request when initiating communication with a server; the server receives the request, then locates the requested resource and sends it back to the client

HTTP Methods

Anatomy of a GET Request

Anatomy of an HTTP Response

GET Requests

GET Requests are used for receiving information from an HTTP server

GET requests can also request data with query parameters, which specify which parts of a resource to receive data from or send data to:

Syntax for query parameters: [path]?[firstParam]=[value]&[secondParam]=[value]

POST Request

HTTP Responses

Using curl

Running curl with only a URL executes a basic GET request, which will return all of the HTML that makes up the requested page

curl --head returns only the response headers:

curl --head <>

HTTP/1.1 200 OK
Server: nginx/1.9.2
Date: Wed, 22 Sep 2021 02:33:31 GMT
Content-Type: text/html
Content-Length: 12905
Last-Modified: Thu, 26 Mar 2020 17:34:43 GMT
Connection: close
ETag: "5e7ce7b3-3269"
Accept-Ranges: bytes

To send a POST request, use -X POST with curl:

curl -X POST <>

To create a POST request with plain data, use the -d option:

curl -X POST -d "test data" <>

To create a POST request with JSON data, use the -H option to set the Content-Type header:

curl -X POST -d "{\"jsonKey1\": \"jsonValue1\", \"jsonKey2\": \"jsonValue2\"}" -H "Content-Type: application/json" <>

Sessions and Cookies

HTTP is inherently stateless, meaning that by itself it gives a server no way to distinguish one user from another

Websites use sessions with cookies to deliver user-specific content

Sessions: Unique server-side sets of user data that are used to customize webpages depending on the specific user accessing them

Cookies: Small pieces of text data that, once sent in an HTTP server’s response header, are saved by the user’s HTTP client

Cookie Session Example:

  1. A user visits a shopping site and is presented with a default page
  2. The user adds an item to their shopping cart, and this action is configured to send a POST request to the HTTP server that includes the data of the recently added item
  3. When the website receives the request, it instructs the database to create a unique cookie and link it to the user’s session
    1. The session in the database stores a list of the items in the user’s cart
  4. The HTTP server then retrieves the user’s shopping cart session from the database and responds back to the user’s client with Set-Cookie: cart=user in the response header, and a response body containing the user’s updated cart contents
  5. The user’s client saves the new cookie locally
  6. Any new request made by the user’s browser will send the cookie back via a request header (Cookie: cart=user) to the HTTP server
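
The six steps above, simulated in-process as an added example (not code from the original notes). The function and class names are hypothetical, the dictionary stands in for the database, and the random session id plus the HttpOnly, Secure and SameSite attributes are assumptions layered on the notes' cart cookie in place of the literal value "user":

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}  # server-side store (stands in for the database): session id -> cart

def handle_add_to_cart(request_headers, item):
    """Steps 3-4: find or create the session, add the item, build the response."""
    cookie = SimpleCookie(request_headers.get("Cookie", ""))
    sid = cookie["cart"].value if "cart" in cookie else None
    response_headers = {}
    if sid not in SESSIONS:
        # Missing or unknown id: mint a fresh random one instead of adopting
        # whatever value the client sent (e.g. a guessable "cart=user").
        sid = secrets.token_urlsafe(32)
        SESSIONS[sid] = []
        out = SimpleCookie()
        out["cart"] = sid
        out["cart"]["path"] = "/"
        out["cart"]["httponly"] = True    # hidden from page JavaScript
        out["cart"]["secure"] = True      # only sent over HTTPS
        out["cart"]["samesite"] = "Lax"   # not sent on cross-site subrequests or POSTs
        response_headers["Set-Cookie"] = out["cart"].OutputString()
    SESSIONS[sid].append(item)
    return response_headers, list(SESSIONS[sid])

class Client:
    """Steps 5-6: save the cookie from Set-Cookie, replay it in Cookie."""
    def __init__(self):
        self.jar = SimpleCookie()

    def post_item(self, item):
        headers = {}
        if self.jar:
            headers["Cookie"] = "; ".join(f"{k}={m.value}" for k, m in self.jar.items())
        response_headers, cart = handle_add_to_cart(headers, item)
        if "Set-Cookie" in response_headers:
            self.jar.load(response_headers["Set-Cookie"])
        return response_headers, cart

def demo():
    alice, bob = Client(), Client()
    first, _ = alice.post_item("keyboard")         # no cookie yet -> Set-Cookie issued
    second, alice_cart = alice.post_item("mouse")  # cookie replayed -> same session
    _, bob_cart = bob.post_item("monitor")         # different client -> separate cart
    return first, second, alice_cart, bob_cart

if __name__ == "__main__":
    print(demo())
```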

Microservices and Web Application Architecture

Application Structure

Components of a Typical Web App

Front-end Server: Responsible for displaying webpages and styling them in a readable format, as well as responsible for receiving and responding to HTTP requests

Back-End Server: Executes business logic and writes or reads corresponding data to and from a database

Database: Stores information about employees

Information Flow Between Application Components

  1. The user loads an application in their browser and selects a button to view data
  2. The front-end server forwards the HTTP request to the back end
  3. The back-end server runs a script that queries the database for the requested data
  4. The database searches for the requested data
  5. The back-end script forwards the data to the front-end server
  6. The front-end server prepares a new webpage containing the requested data
  7. The browser displays the new page to the user

Monolith vs. Microservices

Monolith: A singular machine that hosts all the components required to serve a website or application

If a component of the machine malfunctions, the application will stop working


In microservice architecture, each independent machine is a component that executes one primary function or service

Benefits of Microservices include:
