Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

JavaScript AJAX Basics (retiring) AJAX and APIs Making the AJAX Request

Sean Lamoreaux
Sean Lamoreaux
13,468 Points
Posted by Sean Lamoreaux
Sean Lamoreaux
13,468 Points

HTTP vs HTTPS?

I noticed Dave uses "HTTP" when typing the URL for the Flickr API. But on the Flickr site it provides the API url with "HTTPS."

(see https://www.flickr.com/services/feeds/docs/photos_public/).

Can anyone help me understand why we're typing it that way, and also perhaps help me better understand the differences between HTTP and HTTPS?

3 Answers

Jennifer Nordell
seal-mask
STAFF
.a{fill-rule:evenodd;}techdegree
Jennifer Nordell
Treehouse Teacher
Jennifer Nordell
.a{fill-rule:evenodd;}techdegree
Jennifer Nordell
Treehouse Teacher

HTTP is hypertext transfer protocol. HTTPS is hypertext transfer protocol secure and information goes through a SSL (secure socket layer). Let's just say that HTTPS is more secure than HTTP :) It may be that between the making of the video and today that Flickr has updated parts to work on HTTPS.

jason chan
jason chan
31,009 Points
jason chan
jason chan
31,009 Points

SSL is more safe.

use https

Steve Gallant
Steve Gallant
14,943 Points
Steve Gallant
Steve Gallant
14,943 Points

At a high level: HTTPS uses public key encryption to authenticate and encrypt the HTTP protocol traffic to and from a web server. A trusted SSL certificate must be installed on the web server (can be purchased from a public "Certificate Authority" (CA) or generated in-house for internal use). Web browsers using HTTPS will be presented with the server certificate (which includes the issuing CA) and will then check the local certificate store on the workstation to see if the issuing CA is a commonly known trusted company. If the CA is trusted, your web connection is secure (usually you get a closed lock icon or something similar).

Jennifer is probably correct that flickr updated it's API address to use HTTPS since the video was made.