KomuraSoft LLC
Chapter 7

Final exercises — Reading HTTP conversations through cases

Apply the three-part reading — what was asked, how it went, what conditions and notes are attached — to eight cases modeled on real incident investigations, using the knowledge of all six chapters together.

The final eight — applying the three-part set to cases

The last chapter is a comprehensive exercise. Eight cases modeled on scenes from real work, answered by crossing the knowledge of all six chapters. When in doubt, return to this course's watchword — What was asked? How did it go? What conditions and notes are attached?

If you stumble onGo back to
Message skeleton, statelessChapter 1
Choosing methods, safe and idempotent, retriesChapter 2
Classifying and triaging status codesChapter 3
Headers such as Host, Content-Type, CookieChapter 4
max-age, ETag, 304, no-storeChapter 5
Observation procedure with curl and the Network tabChapter 6
Procedure diagram of the three-part reading for HTTP incident investigation, checking from the symptom through the request line, the status code, and the headers to narrow down the cause

The pattern for case investigation. Starting from the symptom, read in order: request line (what was asked) → status code (how it went) → headers (conditions and notes), and the side holding the cause (client / redirect / server / cache) narrows itself down.

Case 7-1 — Redirect and form troubles

Covers Chapters 2–3 and 6. Reading redirect chains and POST resubmission.

Q1. Case: opening https://example.com/mypage makes the browser show a 'too many redirects' error. Observing with curl -v https://example.com/mypage, it redirected with 302 to Location: /login, and /login also redirected with 302 to Location: /mypage. Which correctly explains what is happening?

Q2. Case: a user reloaded the browser on the order-complete page and reported 'a form-resubmission prompt appeared, and continuing duplicated my order'. What is the standard server-side fix?

Q3. Case: an image file's response headers set Cache-Control: max-age=604800. For how many days can this cache stay fresh?

days

Case 7-2 — Not updating, garbling, not visible

Covers Chapters 3–6. Separating cache, permissions, and character encoding.

Q4. Case: you fixed the CSS and deployed it to the server, but your browser still shows the old design. In the Network tab, that CSS row shows (disk cache) in the Size column. Which cause-and-remedy pairing is most appropriate?

Q5. Case: on a membership site, a logged-in user reports 'the document page I could see until yesterday is unavailable today'. In the Network tab, the GET for that page returns 403. Which statement follows most appropriately from this observation?

Q6. Case: on the redesigned https://example.com, Japanese renders as symbol strings like '��'. Checking with curl -I returns Content-Type: text/html; charset=ISO-8859-1, while the HTML file itself is saved as UTF-8. What is the appropriate fix?

Case 7-3 — Failure triage and the retry decision

The capstone of Chapters 2–3. Closing the course with 5xx triage and idempotency-based retry decisions.

Q7. Case: the whole site suddenly errors, returning 502 Bad Gateway for every URL. The setup is two stages: 'reverse proxy + application server behind it'. Which is the most appropriate first place to investigate?

Q8. Case: in an inventory system, two requests timed out: (A) PUT /items/42 (replace item 42's data with this content) and (B) POST /orders (create a new purchase order). Which may be resent immediately and mechanically?

Closing the course — carry the reading of the correspondence with you

Well done. The items you actually memorized in this course are remarkably few. What you should take home instead is a reading pattern that works in front of any output.

  • What was asked — the request line's method and path. Is that favor safe? Is it idempotent?
  • How did it go — the status code, starting from the hundreds digit. Whose problem it is comes first
  • What conditions and notes are attached — does Content-Type match the contents? What is Cache-Control promising? Is a Cookie attached?

The DevTools Network tab, curl -v output, and every HTTP log you meet from tomorrow on can always be read starting from these three points. Do not be overwhelmed — start from the usual three — that is the ability this course has built.