[MUSIC PLAYING]
DAVID MALAN: So it's
after warriors of the net
we have to go back in and clean
it up the explanation of how
the internet works.
But we actually talk
in CS50 more about HTTP
as a representative
protocol than about TCP/IP.
Even though with the whole set
up is about home networking
and how the internet works.
HTTP is really where we bring the
conversation back to application layer
programming.
DOUG LLOYD: Right.
DAVID MALAN: For the web, in
this case and indeed with HTTP.
We have an opportunity to
talk about what a protocol is.
The example I always
give, if you'll humor me.
Is, hello, nice to meet you.
DOUG LLOYD: Nice to meet you as well.
DAVID MALAN: And you acknowledge
that initiative of a protocol
that I just commenced in.
And silly little human tradition,
but it's an example of a protocol.
I extend my hand.
You extend yours.
We shake.
Transaction complete.
So not unlike the TCP, pun
intended, three way handshake.
But with HTTP/2, we
have some opportunities
to discuss what it really is.
And even though it is a protocol,
which is fancy sounding.
We try to help students realize that
it's just textual messages inside
of a virtual envelope, if you will.
And one of the
demonstrations we'll often do
is take out an envelope
and some sheets of paper.
Write the messages on them.
Put them inside.
And if you really want
to go down that road.
You can start talking about how the
HTTP packet is inside of the TCP packet,
is inside of the IP
packet, and so forth.
All the way down to that.
DOUG LLOYD: You can
actually take a picture
and cut it up into different pieces.
[INTERPOSING VOICES]
DOUG LLOYD: TCP reassemble it later on.
DAVID MALAN: Indeed.
DOUG LLOYD: Is there a
reason that you wanted
to focus on the Hypertext Transfer
Protocol as opposed to SMTP, so email?
I guess HTTP is familiar to students.
DAVID MALAN: I'm just
more familiar, indeed.
Most people assume or equate
the web with the internet.
Even though there are certainly
any number of other services.
Like SMTP and email more generally.
So HTTP is also the domain
in which we're going
to be playing with web programming.
And so it just seems
to make sense there.
And students have seen
it in various contexts.
Sometimes you see cryptic
looking things in the URL.
Sometimes you don't.
Sometimes the browser warns you that
you're about to resubmit a form.
So there's a lot of
ways now to tie together
things they've seen in the real world.
And actually explain what's
going on technologically.
DOUG LLOYD: That's fair.
You don't get those sort of
error messages or visual cues
from SMTP or something.
DAVID MALAN: [INAUDIBLE]
And this is nice too.
Even though we throw away some of
the more distracting HTTP headers.
You can start to wrap your mind
around these kinds of messages.
And understand what
it is that's going on.
DOUG LLOYD: And it's not
all that arcane to get.
That's pretty intuitive
what it's going to do.
Yeah.
DAVID MALAN: Indeed.
And what's nice too is because once
we start to reveal a few more headers.
Like the set cookie
or the cookie headers,
can we discuss how you can build on
top of an otherwise stateless protocol
state.
And then we can also talk about
security, session hijacking,
or theft of cookies.
And why encryption in
HTTPS is a good thing.
Which brings us back then
to week 2 and our discussion
early on of cryptography, albeit
with a more sophisticated cipher
at this point.
So there's a lot of nice
intersections with topics
past that this allows us to
revisit and then go beyond.
DOUG LLOYD: And one other great
thing about the fact that we do
take a look at HTTP headers.
Is it gives us a chance
to take a look in Chrome,
the Chrome console of the Inspector.
Which students will then later
use in particular with JavaScript.
So it gives them a sense of that tool
that's been baked into their browser.
That they might not have
had a chance to use before.
DAVID MALAN: Indeed.
