Book Review - HTTP The Definitive Guide

SF Boss
Posted: Mon Nov 17, 2003 6:19 pm

HTTP The Definitive Guide
Author(s): David Gourley & Brian Totty with Marjorie Sayer, Sailu Reddy & Anshu Aggarwal
Publisher: O’Reilly
Book Specifications: Soft-Cover, 635 pages
Category: HTTP
User Level: Beginner
Suggested Publisher Price: $44.95 USA/ $69.95 CAN/ £31.22 Net UK (inc of VAT)
ISBN: 1-56592-509-2
Amazon.co.uk: HTTP The Definitive Guide
Amazon.com: HTTP The Definitive Guide

Info from Back: "Behind every successful web transaction lurks the Hypertext Transfer Protocol (HTTP), the language by which web clients and servers exchange documents and information. HTTP is commonly known as the workhorse behind the browsers we use every day to access our company intranets, locate out-of-print books, or research census information. But HTTP is used for far more than browsing the Web: the simplicity and ubiquity of HTTP also have made it the choice protocol for many other networked applications, most notably through web services such as SOAP and XML-RPC."


This book’s intended audience is anyone who wishes to learn more about how the vast majority of the web’s daily business gets conducted by the HTTP protocol, and just how it goes about its business. I was interested in reading this book from a security perspective, as much of the web’s content is HTTP driven. It stands to reason that learning the inner details of this protocol would greatly benefit me, not only in recognizing anomalous traffic but also in troubleshooting any problems I may encounter at home during my normal browsing.

What is of note for this book is that one does not need advanced or even intermediate knowledge of TCP/IP to reap its benefits. Everyone from the system administrator on down to the home user will greatly benefit from this very well laid out tome of information on the HTTP protocol. What sets this book apart from other ones is the fact that it is indeed a definitive guide to this protocol.

Content & Overview

The book spans 5 parts with a total of 21 chapters, which explain the HTTP protocol itself and detail its various uses. Each part deals “with a technology theme” and the chapters themselves go into further detail on that specific theme. The five “themes” covered in the book are as follows:

Part I. HTTP The Web’s Foundation
Part II. HTTP Architecture
Part III. Identification, Authorization, and Security
Part IV. Entities, Encoding, and Internationalization
Part V. Content Publishing, and Distribution

The amount of detail that is devoted to each of the above noted themes, and their various subtopics, is simply the best that I have ever seen on this subject. For example, the first theme in the book, “HTTP The Web’s Foundation”, is broken down into four chapters. These chapters cover an Overview of HTTP, URLs and Resources, HTTP messages, and Connection Management. All four of these chapters in Part I combine to give you the foundation of the Web as noted by the authors. Covered in minute detail is the actual meaning of each and every field within a URL. This kind of information is what is needed so people can understand exactly how it is that HTTP works and communicates.

Explained as well is the use of proxies, and what they actually do for you. Another topic which is often misunderstood is that of the Web cache server. An entire chapter is devoted to this topic and its various implementations. Included at the end of the book are eight appendixes which are a truly excellent repository of information. Contained within these appendixes is information such as country codes, MIME types, language tags, and an HTTP header reference, among others. This information alone, all contained in one place, is worth buying this book for, let alone the actual explanation of the protocol itself.

Style and Detail

Typical of O’Reilly books is the style in which the book is laid out, and the attention to detail. This book is no exception. The table of contents is nicely detailed, and the preface contains a good introduction to the subject matter about to be covered. Of note in this book, though, is the constant usage of well drawn diagrams and other visual stimuli to reinforce subject matter. You will learn as much through studying these diagrams and tables as you will in actually reading the material. The other reason this book stands out is the level of detail in which the HTTP protocol is covered. The entire protocol itself is covered, as well as its various uses. The level of detail is also seen in the fact that the authors put together eight appendixes which cover many of those small annoying things you can never find readily. To wit, what all those HTTP header references are, as well as MIME types.


This book very much lives up to its billing as “HTTP The Definitive Guide”. Not only is the actual protocol itself thoroughly explained, but the aforementioned usage of well drawn diagrams and very informative appendixes make this book a must-get. It is hard to find a book that will cover all the topics that HTTP has an impact on, but this book does a very good job of doing just that. This book will be a handy reference for me as it contains all of the error codes and MIME types which I often end up looking for on a daily basis. I highly recommend the book to anyone who is searching for a one stop shop on the HTTP protocol.

This book gets an SFDC 9/10 from me

Keywords for this post: HTTP The Definitive Guide

This review is copyright 2003 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.