background preloader


The HATEOAS constraint decouples client and server in a way that allows the server functionality to evolve independently. Details[edit] A REST client enters a REST application through a simple fixed URL. For example [2] here is a GET request to fetch an Account resource, requesting details in an XML representation: GET /account/12345 HTTP/1.1 Host: Accept: application/xml ... Here is the response: HTTP/1.1 200 OK Content-Type: application/xml Content-Length: ... <? Note the response contains 4 possible follow-up links - to make a deposit, a withdrawal, a transfer or to close the account. Some time later the account information is retrieved again, but now the account is overdrawn: HTTP/1.1 200 OK Content-Type: application/xml Content-Length: ... <? Now only one link is available: to deposit more money. A client does not need to understand every media type and communication mechanism offered by the server. Origins[edit] Implementations[edit] See also[edit] Hypertext Application Language

Representational state transfer Representational State Transfer (REST) is a software architecture style consisting of guidelines and best practices for creating scalable web services.[1][2] REST is a coordinated set of constraints applied to the design of components in a distributed hypermedia system that can lead to a more performant and maintainable architecture.[3] REST has gained widespread acceptance across the Web[citation needed] as a simpler alternative to SOAP and WSDL-based Web services. RESTful systems typically, but not always, communicate over the Hypertext Transfer Protocol with the same HTTP verbs (GET, POST, PUT, DELETE, etc.) used by web browsers to retrieve web pages and send data to remote servers.[3] The REST architectural style was developed by W3C Technical Architecture Group (TAG) in parallel with HTTP 1.1, based on the existing design of HTTP 1.0.[4] The World Wide Web represents the largest implementation of a system conforming to the REST architectural style. Architectural properties[edit]

QUIC QUIC (Quick UDP Internet Connections, pronounced quick) is an experimental transport layer[1] network protocol developed by Google and implemented in 2013.[2][3][4] QUIC supports a set of multiplexed connections between two endpoints over User Datagram Protocol (UDP), and was designed to provide security protection equivalent to TLS/SSL, along with reduced connection and transport latency, and bandwidth estimation in each direction to avoid congestion. QUIC's main goal is to optimize connection-oriented web applications currently using TCP.[1] Details[edit] As improving TCP is a long-term goal for Google, QUIC aims to be nearly equivalent to an independent TCP connection, but with much reduced latency (goal: 0-RTT connectivity overhead) and better SPDY support; if QUIC features prove effective, they could migrate into a later version of TCP and TLS. QUIC also allows higher level application protocols (such as SPDY) to reduce or compress redundant data transmissions (such as headers).

REST & WOA Wiki - REST & WOA Wiki Le protocole HTTPS, ce n'est pas que du bonheur sur le Web Des chercheurs de l’Université Carnegie Mellon (États-Unis), de l’École polytechnique de Turin (Italie) et de Telefonica Research (Espagne) ont étudié les conséquences induites par le protocole de transfert hypertexte sécurisé HTTPS (HyperText Transfer Protocol Secure). Leur analyse (« The Cost of the “S” in HTTPS ») a été présentée la semaine dernière à Sydney, Australie, lors de l’événement CoNEXT. HTTPS combine le protocole HTTP (HyperText Transfer Protocol) avec une couche de chiffrement des échanges, comme TLS (Transport Layer Security) ou SSL (Secure Sockets Layer), et implique l’obtention d’un certificat d’authentification par une autorité tierce. La généralisation du protocole est désormais engagée. Aujourd’hui HTTPS représente 50% de l’ensemble des connexions HTTP. Cela signifie que « le coût de déploiement se justifie et peut être géré par de nombreux services », selon les auteurs de l’étude. Quizz : Connaissez-vous les principes du SMO ?

How to Create a REST Protocol December 01, 2004 Note: In this inaugural article of Joe Gregorio's new column, The Restful Web, he explains how to use the REST architectural style to create an application protocol with web-like properties. Future columns will offer additional REST-based applications and analyses. — Editor If you follow web services, then you may have heard of REST. What Is REST? What is REST anyway? A software architecture is defined by a configuration of architectural elements--components, connectors, and data--constrained in their relationships in order to achieve a desired set of architectural properties. Why Follow REST? The whys of REST are covered on the REST Wiki. Look at it this way: if you're using the infrastructure of the web to move your data around, shouldn't you follow the best practices that will help your data move more smoothly through the system? How to Create a RESTful Interface Now we get to the meat of the matter. What are the URIs? Question 1: What Are the URIs? Employee Format

Quelles sociétés chiffrent les données de leurs utilisateurs ? « Korben Korben Quelles sociétés chiffrent les données de leurs utilisateurs ? L'EFF qui défend les droits des internautes aux États-Unis a interrogé des géants du web pour leur demander quelles sécurités étaient mises en place sur leurs services pour protéger les données personnelles de leurs utilisateurs. Depuis les preuves apportées par Snowden sur la surveillance massive, le chiffrement est au coeur de toutes les discussions. À la fois entre les internautes et la société, mais aussi en interne avec des liaisons chiffrées entre les data centers, sans oublier la transmission sécurisée des cookies. Vous avez aimé cet article ?

HTTP/1.1: Status Code Definitions Each Status-Code is described below, including a description of which method(s) it can follow and any metainformation required in the response. 10.1 Informational 1xx This class of status code indicates a provisional response, consisting only of the Status-Line and optional headers, and is terminated by an empty line. There are no required headers for this class of status code. Since HTTP/1.0 did not define any 1xx status codes, servers MUST NOT send a 1xx response to an HTTP/1.0 client except under experimental conditions. A client MUST be prepared to accept one or more 1xx status responses prior to a regular response, even if the client does not expect a 100 (Continue) status message. Proxies MUST forward 1xx responses, unless the connection between the proxy and its client has been closed, or unless the proxy itself requested the generation of the 1xx response. 10.1.1 100 Continue The client SHOULD continue with its request. 10.1.2 101 Switching Protocols 10.2 Successful 2xx - Date

UPDATE: Encrypt the Web Report: Who's Doing What We’ve asked the companies in our Who Has Your Back Program what they are doing to bolster encryption in light of the NSA’s unlawful surveillance of your communications. We’re pleased to see that four five six seven eight companies—Dropbox, Facebook, Google, Microsoft,, SpiderOak, Twitter, and Yahoo—are implementing five out of five of our best practices for encryption. See the infographic. By adopting these practices, described below, these service providers have taken a critical step towards protecting their users from warrantless seizure of their information off of fiber-optic cables. While not every company in our survey has implemented every recommendation, each step taken helps, and we appreciate those who have worked to strengthen their security. Crypto Survey Results UPDATE, November 20, 2013: Facebook and Tumblr have provided further information to supplement the Encrypt the Web Report. This graphic is also available as an image file. Why Crypto Is So Important