Technical Concepts for Non-Developers, Part 3 – HTTP & HTTPS

When we’re navigating the internet, we’re really just moving between different URLs. A URL (Uniform Resource Locator) is often called a web address because it works like an address in the real world — it helps your computer navigate to the webpage you want to see.

URLs can be a little trickier to decipher than home addresses, though. In this post, I’ll break down one part of the URL: http.

HTTP Explained

HTTP stands for Hypertext Transport Protocol. Let’s break that down.

  • Hypertext is text that links to other text; URLs link us to a specific chunk of content.
  • To transport is to move something from one place to another.
  • A protocol is a set of standards to be followed; in this case, they’re the ones necessary to transport things.

So HTTP is a communication protocol that allows for the transport of things on the internet.

Either HTTP or HTTPS is required in a URL to specify the form of communication. They tell our browser what kind of connection we want to make to a website. Both the application requesting the information (the browser) and the application serving the information (the website’s server) must understand the protocol.

Nowadays, most browsers will automatically assume we want to use HTTP, and they add it for us. Type amazon.com into your browser’s address bar, and it will bring you to https://www.amazon.com/. This is why we’re usually able to navigate the web without thinking about HTTP.

Speaking the Language

We can think of HTTP kind of like addressing a piece of mail. When we mail a letter, we write the destination address in a specific spot, in a defined order. We do the same with the return address, and we place the stamp (of a set amount) in the upper right-hand corner. By following this protocol, we’re ensuring that the delivery of the card will match our specifications. The post office understands the same protocol that we do, which allows us to communicate about exactly where our card should be mailed.

HTTP functions in a very similar way:

  1. Your computer sends a request in HTTP to the website’s server.
  2. The server understands what you’ve asked for and returns a response that also follows the protocol.
  3. Your computer interprets that response and presents it to you.

When it was created, HTTP was designed to communicate with HTML pages. However, it has evolved to fetch other resources, like images and videos.

What About HTTPS?

The secure form of HTTP is HTTPS: Hypertext Transfer Protocol Secure. Information sent with HTTP isn’t encrypted. Therefore, if it’s intercepted by hackers, they can read and understand it.

HTTPS uses a strategy to encode the connection between the web server and your browser so that even if the message is intercepted, it can’t be understood without having the secret code. Many of the early adopters of HTTPS were e-commerce websites; they have an obligation to protect their users’ transactional data.

When you want to share sensitive data on the internet, pay attention to whether the site has HTTP or HTTPS at the beginning of its URL. If your browser is accessing a website using HTTP, the data going between your machine and that endpoint would be visible to anyone who can see your internet traffic.