All network protocols for web browsers can be categorized into stateful and stateless.
State refers to the server’s ability to maintain session information. Let's look into both state types
Stateless
- Stateless protocols do not retain information on the server, removing the issue of server-side state synchronization and data storage.
- Because of this, they are scalable and can process requests fast.
- Each stateless call to the server is independent of the previous and the next. Every call contains all the data it needs to be fully processed and executed independently.
- If there is an error or system crash, there is no dependency on retrieving data because it is never stored.
- By default, HTTP is stateless, making statelessness one of the principles of REST architecture and REST APIs.
- If three HTTP calls are made to the server in succession, three separate connections are opened and closed one after the other.
- However, HTTP Cookies can be created using HTTP Headers to create sessions by storing resource data in the browser.
- Therefore HTTP by default is still stateless but not always sessionless.
Stateful
- Stateful protocols require the server to save status and session information, such as an authentication session.
- This is achieved with heavy and complicated server-side software that is difficult to scale.
- Stateful protocol examples are FTP and SOAP.
- With stateful requests, previous calls can impact further calls. Because of this, stateful apps use the same servers for each request, and memory allocation is needed to store data.
- Stateful apps also require higher security because sensitive session data is maintained.