BEHIND THE SCREENS: BROWSER EDITION

What happens when you type a URL in your browser and click enter?

I will go ahead and bluntly assume that you are reading this article from a browser and in which case you are ahead of the discussion herein. If not, then the fact still remains that your browser does a lot for you and we’ll dig into all that. Dig, a very useful Linux command.

So you want to check out a website and you type https://www.holbertonschool.com and click enter. In a blink of an eye, if your internet so wishes, a webpage is displayed and you read through and get all the info’ you want.

Domain name to IP address translation(DNS Lookup)

The first thing that happened is your browser needed to know which server stores the webpage you requested. All computers are identified by their IP addresses but since humans can’t easily remember digits, we use domain names. The browser checks it’s own cache for an IP address that matches the domain you just typed. If it doesn’t find it, it asks the Operating System for the IP address that your domain translates to. If the OS doesn’t have a record in it’s cache, it contacts the resolver server owned by your Internet Service Provider. The resolver’s sole purpose is to know where in the world to locate the root server but first, it will check it’s own cache for the IP address you are looking for. If our request reaches the root server, it will know where to find the TLD(Top Level Domain) server. Here’s a diagram to help you understand what a TLD is.

Parts of a URL

Once our request reaches the TLD server, in this case the .com TLD server, the resolver gets the Authoritative name servers for the domain holbertonschool.com and stores them. The resolver then gets the IP address from the authoritative name servers(There are usually more than 1 for redundancy and better traffic distribution). This IP address is sent back to the browser which can now send your Request to the right server.

Briefly into Browser Requests and Responses

When you type a URL on the search bar and click enter, the browser rewrites it as a request and that follows a simple format. When this request is sent, the browser will receive a response which also has a similar format but different content altogether. The browser then has to translate the response which it displays as what you requested and if not, a useful error message.

These examples show the general format of requests and responses. These are generated by the browsers and web servers respectively. Only clients can make HTTP requests, and then only to servers. Servers can only respond to a client’s HTTP request.

This is the Response generated by the web server for https://www.holbertonschool.com

How will your computer communicate with the server?(TCP/IP)

So, this far we have the IP address of the server that holds the webpage we want and the request we’d like to send to it. How shall we proceed? TCP/IP comes in at this point. The Transmission Control Protocol and Internet protocol specify how devices exchange data over the internet to one another. It identifies how data should be broken down, addressed, transmitted, routed and received. Specifically, TCP defines how applications create communication channels, how a message should be broken down for transmission and how it should be reassembled at the destination. On the other hand, IP defines how to address and route packet for delivery to ensure it reaches the right destination. Altogether, TCP/IP is divided into 4 layers to achieve its functionality.

• Application Layer — Provides application with standardized data exchange protocols. For example, browsers use HTTP. Other protocols include FTP and SMTP.
• Transport Layer — Maintains end-to-end communications across the network with the TCP protocol and breaks down the data into packets.
• Network Layer — Manages packets and connects networks to transport the packets across the network boundaries using IP and internet control message protocol.(You can think Wi-Fi).
• Physical Layer — Has protocols that only operate on a link. It’s the component that connects nodes or hosts in the network.

Firewall

For the request to actually be processed, it must be allowed to pass through the firewall on the server. A firewall is a division between a private network and an outer network, often the internet, that manages traffic passing between the two networks. Firewalls allow, limit, and block network traffic based on preconfigured rules in the hardware or software, analyzing data packets that request entry to the network. In addition to limiting access to computers and networks, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.

Web Server

A header from the server response for https://www.holbertonschool.com

If you look closely at the image above that shows the Response header for https://www.holbertonschool.com, you’ll see the header Server. A web server serves webpages to clients. A static web server sends its hosted files as-is to your browser while a dynamic web server consists of a static web server plus extra software, most commonly an application server and a database. It’s called dynamic because the application server updates the hosted files before sending content to your browser via the HTTP server.

First, a web server has to store the website’s files, that is all HTML documents and their related assets(including images, CSS stylesheets, JavaScript files, fonts, and video). In our case, the web server is nginx. Upon receiving a request, an HTTP server first checks if the requested URL matches an existing file.

1. If so, the web server sends the file content back to the browser. If not, an application server builds the necessary file.
2. If neither process is possible, the web server returns an error message to the browser, most commonly 404 Not Found.

Redundancy

Servers may fail or behave less than optimally at any given point. This would mean the website that you’d like to see would be inaccessible. To prepare for such a situation and counter the adverse effects, developers often add more servers to a domain name such that if one fails, the other(s) can still serve clients when a request for their site is sent. This is called redundancy. To achieve this functionality seamlessly, a load balancer is used. Load balancing is the distribution of traffic (client requests) among available servers. Notably, it provides scalability, which means you can add more servers when the traffic increases and reduce number of servers when traffic is less. It provides higher availability and reduces the load per server which increases the speed of response. An example of a load balancer is HA proxy and is typically installed in a server different from the ones hosting your website files.

“Your message is safe with me”, said HTTPS

Security is of great concern over the internet. Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP. All communications between your browser and the server are encrypted with https while with http, it’s just plain text so anyone can understand it. This means that if anyone manages to intercept the https connection, they would not be able to decrypt what message is being relayed. HTTPS pages typically use one of two secure protocols to encrypt communications — SSL (Secure Sockets Layer) or TLS (Transport Layer Security). When your browser requests a https connection to the server(website), the server sends it SSL certificate which contains the public key that will be used to decrypt the responses and encrypt the requests. The procedure for exchanging public keys using SSL Certificate to enable HTTPS, SSL and TLS is called Public Key Infrastructure (PKI). Apart from encryption, another major difference between the two protocols is that while https uses port 80 to listen to requests, https uses port 443.

Dynamic Websites. (Let’s talk Application servers and Databases)

I had earlier mentioned that static content is served as-is to by the web server to the browser. A dynamic website on the other hand, contains information and content that changes. This depends on factors such as time of the day, native language of the country the viewer, time zone and so on. The content of the website (text/images/videos) is stored on a database or content management system. When the information is updated within the database, it changes on the site.

When a user request to access a dynamic site, pages are generated in real-time to the user based on this data from the visitor. Scripting code is analyzed and interpreted on the web server and the resulting HTML is displayed to the web browser. This means different content can be generated at different times of the day, or based on cookies or environmental variables like what kind of browser is being used, what a user’s IP address is, or what page they visited prior to the current page.

Conclusion

When a client requests a website, the browser locates the server and displays the content for the user. The whole process is made possible by other software(web servers, load balancers, firewalls, databases, application servers, protocols, etc.) and computers dedicated to serve clients that is servers.