Longform
HTTP Guides
Deep dives for developers who want practical understanding, not abstract definitions.
Tip: press / to focus search.
Cookie Security: HttpOnly, SameSite, and Secure Flags
A comprehensive guide to understanding and implementing secure HTTP cookies to protect against XSS, CSRF, and session hijacking attacks.
Cross-Origin Resource Sharing (CORS)
Master Cross-Origin Resource Sharing (CORS) for secure cross-origin HTTP requests. Learn preflight requests, headers, credentials, and common error solutions.
How HTTP Works: The Complete Guide
Learn how HTTP works with interactive examples. Understand requests, responses, methods, headers, status codes, and the complete request lifecycle in minutes.
HTTP Authentication Methods and Best Practices
A comprehensive guide to HTTP authentication methods including Basic Auth, Bearer tokens, API keys, and OAuth 2.0.
HTTP Headers and Caching: A Practical Guide
Master HTTP caching with Cache-Control, ETag, Last-Modified, and conditional request headers. Learn how to optimize performance with proper cache strategies.
HTTP Sessions and State Management Explained
Learn how to manage user state and sessions in stateless HTTP applications using cookies, tokens, and server-side storage.
HTTP Status Codes: A Complete Reference Guide
Learn how HTTP status code classes (1xx-5xx) work and when to use each code. Master informational, success, redirect, client error, and server error responses.
HTTPS and TLS: How Secure Connections Work
Beginner-to-advanced guide to HTTP vs HTTPS, TLS basics, migration checklists, and HTTP/1.1 vs HTTP/2 tradeoffs for production systems.
Request and Response Lifecycle
Learn how HTTP requests travel from browser to server and back. Understand DNS resolution, TCP connections, request/response flow, and the complete lifecycle.