Why HTTP is called as Stateless Protocol?

HTTP is called as a Stateless Protocol. But when we create the session in the PHP, server sends the session ID to the browser using the Set-Cookie header. So in the next API call retrieves session information from the server. So its means it can get the session information from the previous API call.

Comments (11)

Marco Alka's photo

Stateless means that the server does not store information about the client in between requests. Cookies, in the case of HTTP, are a way to keep HTTP stateless, but work around this restriction elegantly. The server does not need to store anything, and the client needs to send the cookies on every request in order to make the server know about certain aspects of the client (for example which token to use with an CIAM system).

Show all replies
Sivabalan's photo

Thank you so much for your valuable comments and time

Purvi Barot's photo
  1. HTTP is called as a stateless protocol because each command requested is executed independently, without any knowledge of the request that was executed before it. It is the protocol used for the web. It is based on request/response paradigm.

  2. In this protocol the communication generally takes place over TCP/IP protocol.

Emil Moe's photo

A session is not the same as a state.

The reason it is stateless is because you don't keep a constant connection to the server, but you send a request and get a response. Then the communication ends (simplified).

If you take a protocol like SSH or FTP, it can be in a state of connected, because it keeps up the connection. If something interfere with the connection (ie you lose WiFi) the state is broken, where in HTTP you can be disconnected and reconnected and the server will never know.

The session is a short term reference to your session, but it's not a state. Sure if you go into the details, the server (but this is not a part of the HTTP protocol) will have open and closed sessions which might be seen as states.

Show all replies
Marco Alka's photo

Software Engineer & Mentor

Emil Moe State has nothing to do with the connection. State in this case means that the server stores information about the client. For example if a protocol stores information about how often a client connects to it and acts based on that, then it's a stateful protocol. HTTP is stateless. Every request a client does is like the first and n-th request, the server cannot differentiate. It's just the business-logic, which uses workarounds like cookies, which can do so and act upon it. You can compare statelessness to functional programming. You should really look it up!