HTTPWhat is http?The protocol browsers and servers use to exchange web pages, API data, and other resources, defining how requests and responses are formatted. Ask AI for more methods: what do you want to do?

Methods describe what action you want to perform. They're like verbs in a sentence.

GET: give me data

GET /users/123

• Reads data without modifying anything
• No request body (nothing to send)
• Can be bookmarked and cached by browsers
• Used for: loading pages, fetching profiles, searching

GET requests are safe and idempotentWhat is idempotent?An operation that produces the same result whether you perform it once or multiple times, making retries safe. Ask AI for more, calling them multiple times has the same effect as calling once. That's why browsers can retry failed GET requests without worry.

POST: create something new

POST /users
Content-Type: application/json

{ "name": "Alice", "email": "alice@example.com" }

• Creates a new resource
• Has a request body with the data to create
• Not idempotent, running twice creates two things
• Used for: signup forms, creating posts, submitting data

PUT: update this completely

PUT /users/123
Content-Type: application/json

{ "name": "Alice Smith", "email": "alice@example.com", "age": 25 }

• Replaces the entire resource
• Idempotent, running twice has the same effect
• Requires all fields, even unchanged ones

PATCH: change just this part

PATCH /users/123
Content-Type: application/json

{ "name": "Alice Smith" }

• Partially updates a resource
• Only send what changed
• More efficient than PUT for small changes

DELETE: remove this

DELETE /users/123

• Removes a resource
• Usually returns 204 No Content on success
• Idempotent, deleting twice is the same as deleting once

HTTPWhat is http?The protocol browsers and servers use to exchange web pages, API data, and other resources, defining how requests and responses are formatted. Ask AI for more status codes: what happened?

Every response includes a status codeWhat is status code?A three-digit number in an HTTP response that tells the client what happened: 200 means success, 404 means not found, 500 means the server broke. Ask AI for more, a three-digit number that tells you what happened.

Success codes (2xx)

Redirect codes (3xx)

Client error codes (4xx)

Server error codes (5xx)

The difference between 401 and 403 confuses many developers. 401 means "I don't know who you are" (authenticationWhat is authentication?Verifying who a user is, typically through credentials like a password or token. Ask AI for more required). 403 means "I know who you are, but you're not allowed" (authorizationWhat is authorization?Checking what an authenticated user is allowed to do, like whether they can delete records or access admin pages. Ask AI for more failed). Remember: 401 is "who?", 403 is "no."

Anatomy of a request

An HTTPWhat is http?The protocol browsers and servers use to exchange web pages, API data, and other resources, defining how requests and responses are formatted. Ask AI for more request has three parts:

POST /api/users HTTP/1.1          ← Start line (method + path + version)
Host: example.com                  ← Headers start here
Content-Type: application/json
Authorization: Bearer token123
Content-Length: 35
                                 ← Empty line separates headers from body
{"name": "Alice", "age": 25}      ← Body (optional for GET)

Start line: Method + Path + HTTP version
Headers: Metadata about the request (format, authenticationWhat is authentication?Verifying who a user is, typically through credentials like a password or token. Ask AI for more, preferences)
Body: The actual data (JSONWhat is json?A text format for exchanging data between systems. It uses key-value pairs and arrays, and every programming language can read and write it. Ask AI for more, form data, file uploads)

Common request headers

Anatomy of a response

Responses follow the same pattern:

HTTP/1.1 200 OK                    ← Status line (version + code + text)
Content-Type: application/json     ← Headers
Content-Length: 45
Set-Cookie: session=abc123
                                 ← Empty line
{"id": 1, "name": "Alice", "age": 25}  ← Body

Common response headers

Making HTTPWhat is http?The protocol browsers and servers use to exchange web pages, API data, and other resources, defining how requests and responses are formatted. Ask AI for more requests in JavaScript

// GET request
const response = await fetch('https://api.example.com/users/1');
console.log('Status:', response.status); // 200
const data = await response.json();

// POST request with headers and body
const newUser = await fetch('https://api.example.com/users', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer token123'
  },
  body: JSON.stringify({
    name: 'Alice',
    email: 'alice@example.com'
  })
});

HTTPWhat is http?The protocol browsers and servers use to exchange web pages, API data, and other resources, defining how requests and responses are formatted. Ask AI for more vs HTTPSWhat is https?HTTP with encryption added, so data traveling between your browser and a server can't be read or tampered with by anyone in between. Ask AI for more

Always use HTTPS for: passwords, login forms, personal information, payment details, any authenticated requests.

Viewing HTTPWhat is http?The protocol browsers and servers use to exchange web pages, API data, and other resources, defining how requests and responses are formatted. Ask AI for more in your browser

Open DevTools (F12) then go to the Network tab to see HTTP in action:

1. Load a webpage
2. Click any request in the list
3. See the full request and response headers
4. Check the timing breakdown (DNSWhat is dns?The system that translates human-readable domain names like google.com into the numerical IP addresses computers use to find each other. Ask AI for more, connection, download)

This is invaluable for debugging. You can see exactly what your browser sent and what the server responded with.

Quick reference