Uniform Resource Locator


November 28, 2021

A Uniform Resource Locator (in acronym URL) is a sequence of characters that uniquely identifies the address of a resource on a computer network, such as a document, image, video, typically present on a host server and rendered accessible to a client. It is mostly used to indicate web resources (http), resources recoverable via file transfer protocols (ftp), remote shares (smb) or access to external systems (ssh). The resolution of the URL into an IP address, which is necessary for routing with the IP protocol, takes place via DNS.


The structure of a URL is encoded in IETF RFC 3986, written by Tim Berners-Lee, and normally consists of six parts, some of which are optional: protocol: // [username [: password] @] host [: port] [] [? querystring] [# fragment] protocol Identifies the protocol, typically at the application level, to be used for accessing the server. The most common protocols are HTTP, HTTPS, FTP, MMS etc. If the protocol is not specified, the browser usually uses the "http" protocol by default. In some cases the user may see the page loaded with the https protocol, but this only because the web server has already been contacted with the http protocol and has responded to the browser with a redirection status code (3xx, usually 301 or 302) . : // Separator between the protocol and the rest of the URL: usually the host, or optionally the username. username: password @ (optional) Immediately after the protocol, it is possible to specify the authentication credentials (username and password) for accessing the resource. However, URL authentication is extremely risky, as the login credentials are sent to the server in clear text, ie unencrypted. Furthermore, this system lends itself to phishing techniques that can mislead users, leading them to a destination completely different from the one expected. For example, http: //www.sitosicuro.it | [email protected] may at first glance seem like the URL of a page of www.sitosicuro.it, when in reality it leads to www.truffatori.com. For several years, an update of the obsolete Internet Explorer browser (832894) has disabled the authentication function, rendering phishing attempts ineffective. Other browsers such as Firefox have kept the feature, however warning the user of the possible phishing.host attempt Identifies the server on which the resource resides. It can be represented directly by an IP address or (more commonly) by a domain name that the software converts into an IP address using the DNS service. Port (optional) Identifies the network service port to which to forward the request. The port number can be omitted when it matches the standard port associated with the protocol indicated by the URL (e.g. 80 for HTTP or 443 for HTTPS) .path (optional) Path (pathname) in the server's file system that identifies the resource (usually a web page, image or multimedia file). If the filename is not specified, the server can be configured to return a default querystring file (optional) If required, at the end of the url it is possible to add a query string separating it with the use of the "?" Symbol. The query string is a character string that allows one or more parameters to be passed to the server. Typically, the query string looks like this: [...]? Parameter1 value & parameter2 value2.fragment (optional) If present, it indicates a part or a position within the resource, like the query string it is possible to use more parameters, with the difference that, being used by the client to know how to move within a resource, they will not be sent to the server. Normally, the fragment has this format: [...] # parameter1 value & parameter2 value2.



Related items

Domain Name System

INSERT INTO `wiki_article`(`id`, `article_id`, `title`, `article`, `img_url`) VALUES ('NULL()','Uniform_Resource_Locator','Uniform Resource Locator','Domain Name System','')