Core Definitions

IP (Internet Protocol)

• Addressing system for the web. Each device gets a unique IP address.
• Problem: Not reliable (packets can be lost).

TCP (Transmission Control Protocol)

• Operates on top of IP.
• Ensures data completeness and reliability (handshakes, packet ordering).

DNS (Domain Name System)

• The "Phonebook" of the Internet. Maps human-readable names (google.com) to IP addresses (142.250.185.78).

SSL (Secure Sockets Layer) / TLS (Transport Layer Security)

• Cryptographic protocols for secure communication.
• TLS is the modern successor to SSL (TLS 1.2, 1.3).

CORS (Cross-Origin Resource Sharing)

• Security mechanism that restricts web pages from making requests to a different domain than the one that served the web page.

---

How DNS Works

When you type www.google.com:

1. Local Cache Check: Browser -> OS Cache.
2. Resolver: Request sent to ISP's DNS Resolver (or 8.8.8.8).
3. Root Server: Resolver asks Root where .com servers are.
4. TLD Server (Top Level Domain): Resolver asks .com server where google.com is.
5. Authoritative Name Server: Returns the actual IP address of the server.

DNS Records

• A Record: Points a hostname to an IPv4 address.
• AAAA Record: Points to an IPv6 address.
• CNAME: Alias for another domain (e.g., www -> root).
• MX: Mail Exchange (for email delivery).
• TXT: Text records (often used for verification like SPF, DKIM).

---

HTTP (HyperText Transfer Protocol)

The foundation of data communication on the WWW.

• Application Layer protocol (OSI Model).
• Stateless: Each request is independent.

HTTP vs HTTPS

HTTP (Port 80) sends data in plain text (insecure). HTTPS (Port 443) uses TLS/SSL to encrypt traffic.

• Encryption: Prevents eavesdropping.
• Integrity: Prevents data tampering.
• Authentication: Verifies the server's identity via Certificates.

Anatomy of a Request

1. Start Line: METHOD /path HTTP/1.1
2. Headers: Metadata (Host, User-Agent, Content-Type).
3. Body: Data (JSON, Form Data, Files) - Optional.

Anatomy of a Response

1. Status Line: HTTP/1.1 200 OK
2. Headers: Metadata (Date, Content-Length, Set-Cookie).
3. Body: The resource (HTML, JSON, Image).

---

HTTP Methods

• GET: Retrieve data. Should be safe and idempotent. Parameters in URL.
• POST: Create new resources. Data in Body. Secure from browser history.
• PUT: Update/Replace a resource completely.
• PATCH: Partial update of a resource.
• DELETE: Remove a resource.
• HEAD: GET without body (headers only).
• OPTIONS: Describe communication options (CORS preflight).

GET vs POST

• GET: Visible in URL, Cached by browser, Limited length, Safe (no side effects).
• POST: Hidden in body, Not cached by default, No length limit.

---

HTTP Status Codes

1xx (Informational): Request received, continuing process. 2xx (Success)

• 200 OK: Standard success.
• 201 Created: Resource created (POST/PUT).
• 204 No Content: Success but no body (DELETE).

3xx (Redirection)

• 301 Moved Permanently: SEO friendly redirect.
• 302 Found: Temporary redirect.

4xx (Client Error)

• 400 Bad Request: Malformed syntax.
• 401 Unauthorized: Authentication required (who are you?).
• 403 Forbidden: Authenticated but no permission (I know you, but no).
• 404 Not Found: Resource doesn't exist.
• 422 Unprocessable Entity: Validation error.
• 429 Too Many Requests: Rate limit exceeded.

5xx (Server Error)

• 500 Internal Server Error: Generic server failure.
• 502 Bad Gateway: Invalid response from upstream.
• 503 Service Unavailable: Overload or maintenance.