Packet.School
HomeLevelsSandboxFreeAbout
XP0
L3 · Protocols
Level 3
5 lessons
  • 01HTTP/HTTPS
  • 02How DNS Works?
  • 03DHCP
  • 04TCP vs UDP
  • 05Level 3 Quiz
Levels/L3 · Protocols/Lesson 01
Lesson · 01

HTTP/HTTPS

HTTP (HyperText Transfer Protocol) is the web's core protocol: every page, image, and API call between your browser and a server speaks this language. HTTPS is the same language, encrypted.

Duration
3min
Level
L3
Type
Lesson
Progress
1/ 5

01The request–response model

In HTTP, the client always starts the conversation:

code
Browser → HTTP Request → Server
Browser ← HTTP Response ← Server

A server never pushes data to you unprompted — behind every response there is a request.

02HTTP methods

MethodUseExample
GETFetch dataViewing a page
POSTSend dataSubmitting a form
PUTUpdateEditing a profile
DELETERemoveDeleting an account
HEADHeaders onlyChecking a file's size

03Anatomy of a request

code
GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Accept: text/html
Cookie: session=abc123

04Anatomy of a response

code
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1234

<html>...</html>

The number on the first line sums up the request's fate:

05HTTP status codes

CodeMeaningDescription
200OKSuccess
301MovedPermanent redirect
302FoundTemporary redirect
400Bad RequestMalformed request
401UnauthorizedAuthentication required
403ForbiddenAccess denied
404Not FoundDoesn't exist
500Server ErrorServer-side failure

Rule of thumb: 2xx success, 3xx redirection, 4xx your fault, 5xx the server's fault.

06HTTPS = HTTP + TLS

HTTPS is HTTP traffic encrypted with TLS:

HTTPHTTPS
Port 80Port 443
Plaintext — anyone on the path can read itEncrypted — only the two ends can read it
http://https://

How HTTPS gets established

  1. TLS handshake — client and server agree on encryption methods
  2. Certificate validation — the server proves its identity
  3. Key exchange — a session-specific encryption key is created
  4. Encrypted traffic — all HTTP now flows encrypted
Certificate = digital ID card
The padlock in your browser guarantees two things: the server is who it claims to be, and the traffic in between can't be read. It does not guarantee the content is trustworthy — a padlocked site can still lie to you.
Sandbox · ReferenceCheat SheetPort numbers, status codes, and protocols — all on one reference card.Open tool

07Summary

  • HTTP = the web's request–response protocol
  • HTTPS = HTTP + TLS encryption (port 443)
  • GET fetches, POST sends
  • 2xx success, 3xx redirect, 4xx client error, 5xx server error
Previous
Level 2 Quiz
Next
How DNS Works?
On this page
  • The request–response model
  • HTTP methods
  • Anatomy of a request
  • Anatomy of a response
  • HTTP status codes
  • HTTPS = HTTP + TLS
  • Summary
Packet.School

An open, interactive curriculum for computer networking.

v3.0 · MIT22 lessons live

Learn

  • Lessons
  • Sandbox
  • Levels
  • Free
  • About

Simulations

  • Packet Journey
  • DNS Lookup
  • DHCP Simulator
  • Subnet Calc
  • Network Builder
  • Terminal

Project

  • About
  • Changelog
  • GitHub
  • Contributing
  • Style guide

Newsletter

One short email when a new level ships. No tracking pixels.

© 2026 Packet.School — MIT licensedSupport with a coffeebuilt in the open