100% found this document useful (1 vote)

44 views

Coding Clean, Reliable, and Safe REST APIs with ASP.NET Core 8 1st Edition Anthony Giretti pdf download

The document provides information on downloading the ebook 'Coding Clean, Reliable, and Safe REST APIs with ASP.NET Core 8' by Anthony Giretti, along with links to other related ebooks and textbooks. It includes details about the book's content, such as chapters on HTTP, REST, ASP.NET Core, best practices, and API optimization. The document also mentions copyright and publisher information, as well as access to supplementary materials on GitHub.

Uploaded by

shirezahrau

Available Formats

Download as PDF, TXT or read online on Scribd

100% found this document useful (1 vote)

44 views

Coding Clean, Reliable, and Safe REST APIs with ASP.NET Core 8 1st Edition Anthony Giretti pdf download

Uploaded by

shirezahrau

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 86

Visit https://ebookmass.

com to download the full version and

browse more ebooks or textbooks

Coding Clean, Reliable, and Safe REST APIs with

ASP.NET Core 8 1st Edition Anthony Giretti

_ Press the link below to begin your download _

https://ebookmass.com/product/coding-clean-reliable-and-
safe-rest-apis-with-asp-net-core-8-1st-edition-anthony-
giretti/

Access ebookmass.com now to download high-quality

ebooks or textbooks
We have selected some products that you may be interested in
Click the link to download now or visit ebookmass.com
for more options!.

Coding Clean, Reliable, and Safe REST APIs with ASP.NET

Core 8: Develop Robust Minimal APIs with .NET 8 Anthony
Giretti
https://ebookmass.com/product/coding-clean-reliable-and-safe-rest-
apis-with-asp-net-core-8-develop-robust-minimal-apis-with-
net-8-anthony-giretti/

Pro RESTful APIs with Micronaut: Build Java-Based

Microservices with REST, JSON, and XML, 2nd Edition Sanjay
Patni
https://ebookmass.com/product/pro-restful-apis-with-micronaut-build-
java-based-microservices-with-rest-json-and-xml-2nd-edition-sanjay-
patni/

Pro RESTful APIs with Micronaut: Build Java-Based

Microservices with REST, JSON, and XML 2 / converted
Edition Sanjay Patni
https://ebookmass.com/product/pro-restful-apis-with-micronaut-build-
java-based-microservices-with-rest-json-and-xml-2-converted-edition-
sanjay-patni/

Architecting ASP.NET Core Applications Carl-Hugo Marcotte

https://ebookmass.com/product/architecting-asp-net-core-applications-
carl-hugo-marcotte/
ASP.NET 8 Best Practices 1 / converted Edition Jonathan R.
Danylko

https://ebookmass.com/product/asp-net-8-best-practices-1-converted-
edition-jonathan-r-danylko/

Geometric Patterns with Creative Coding: Coding for the

Arts 1st Edition Selçuk Artut

https://ebookmass.com/product/geometric-patterns-with-creative-coding-
coding-for-the-arts-1st-edition-selcuk-artut/

Geometric Patterns with Creative Coding 1st Edition Selcuk

Artut

https://ebookmass.com/product/geometric-patterns-with-creative-
coding-1st-edition-selcuk-artut/

Pro ASP.NET Core 3: Develop Cloud-Ready Web Applications

Using MVC, Blazor, and Razor Pages

https://ebookmass.com/product/pro-asp-net-core-3-develop-cloud-ready-
web-applications-using-mvc-blazor-and-razor-pages/

Saving Finley: Military Hero, Heroine Romance (Safe and

Secure Book 8) Alyssa Bailey

https://ebookmass.com/product/saving-finley-military-hero-heroine-
romance-safe-and-secure-book-8-alyssa-bailey/
Coding Clean,
Reliable, and Safe
REST APIs with
ASP.NET Core 8
Develop Robust Minimal
APIs with .NET 8

Anthony Giretti
Coding Clean, Reliable, and Safe REST APIs with ASP.NET Core 8:
Develop Robust Minimal APIs with .NET 8
Anthony Giretti
La Salle, QC, Canada

ISBN-13 (pbk): 978-1-4842-9978-4 ISBN-13 (electronic): 978-1-4842-9979-1

https://doi.org/10.1007/978-1-4842-9979-1
Copyright © 2023 by Anthony Giretti
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or
part of the material is concerned, specifically the rights of translation, reprinting, reuse of
illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way,
and transmission or information storage and retrieval, electronic adaptation, computer software,
or by similar or dissimilar methodology now known or hereafter developed.
Trademarked names, logos, and images may appear in this book. Rather than use a trademark
symbol with every occurrence of a trademarked name, logo, or image we use the names, logos,
and images only in an editorial fashion and to the benefit of the trademark owner, with no
intention of infringement of the trademark.
The use in this publication of trade names, trademarks, service marks, and similar terms, even if
they are not identified as such, is not to be taken as an expression of opinion as to whether or not
they are subject to proprietary rights.
While the advice and information in this book are believed to be true and accurate at the date of
publication, neither the authors nor the editors nor the publisher can accept any legal
responsibility for any errors or omissions that may be made. The publisher makes no warranty,
express or implied, with respect to the material contained herein.
Managing Director, Apress Media LLC: Welmoed Spahr
Acquisitions Editor: Smriti Srivastava
Development Editor: Laura Berendson
Editorial Assistant: Gryffin Winkler
Cover image designed by Freepik (www.freepik.com)
Distributed to the book trade worldwide by Springer Science+Business Media New York, 1
New York Plaza, 1 FDR Dr, New York, NY 10004. Phone 1-800-SPRINGER, fax (201) 348-4505,
e-mail orders-ny@springer-sbm.com, or visit www.springeronline.com. Apress Media, LLC is a
California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc
(SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.
For information on translations, please e-mail booktranslations@springernature.com; for
reprint, paperback, or audio rights, please e-mail bookpermissions@springernature.com.
Apress titles may be purchased in bulk for academic, corporate, or promotional use. eBook
versions and licenses are also available for most titles. For more information, reference our Print
and eBook Bulk Sales web page at http://www.apress.com/bulk-sales.
Any source code or other supplementary material referenced by the author in this book is
available to readers on the Github repository. For more detailed information, please visit
https://www.apress.com/gp/services/source-code.
Paper in this product is recyclable
Table of Contents
About the Author��ix

About the Technical Reviewer��xi

Acknowledgments��xiii

Prerequisites��xv

Introduction��xvii

Chapter 1: Introducing HTTP and REST��1

Unveiling HTTP Behind the Web��1
The Characteristics of HTTP��3
HTTP Requests and Responses��4
HTTP Implementation��5
Extend Your Talent on the Web with REST Architecture Style��32
REST Constraints��33
REST Good Practices��34
Summary��41

Chapter 2: Introducing ASP.NET Core 8��43

ASP.NET Core Fundamentals��44
ASP.NET Core Web API��53
ASP.NET Core Minimal APIs��65
Summary��69

iii
Table of Contents

Chapter 3: Introduction to Application Development

Best Practices��71
Getting the Right Frame of Mind��72
A Basic Understanding of the Business��72
Problem-Solving Skills��72
Understanding Programming Paradigms��73
Logical and Structured Thinking��73
Clean Architecture Fundamentals��74
Clean Code Fundamentals��79
General Coding Fundamentals��79
Coding Style Fundamentals��83
OWASP Principles��86
Summary��90

Chapter 4: Basics of Clean REST APIs��91

Routing with ASP.NET Core 8��92
ASP.NET Core Routing��92
RouteGroups��103
Parameter Binding��107
What’s Precisely Parameter Binding?��108
Parameter Binding by Example��109
Validating Inputs��119
Object Mapping��129
Managing CRUD Operations and HTTP Statuses��135
Handling HTTP Statuses��136
Creating the Services to Handle CRUD Operations��138
Creating the Endpoints to Handle CRUD Operations��141
Downloading and Uploading Files��151
Downloading Files��151

iv
Table of Contents

Uploading Files��155
Streaming Content��169
Handling CORS��171
API Versioning��177
Versioning by Headers��178
Versioning by Route��187
Documenting APIs��190
Managing API Versions in Swagger��192
Adding Comments on Endpoints��199
Grouping Endpoints by Tag��206
Other Customizations��207
Summary��212

Chapter 5: Going Further with Clean REST APIs��213

Encapsulating Minimal Endpoint Implementation��214
Implementing Custom Parameter Binding��219
Example of Custom Parameter Binding from Headers��220
Example of Custom Parameter Binding from the From Data��222
Using Middlewares��225
Using Action Filters��238
Using Rate Limiting��243
The Fixed Window Model��246
The Sliding Window Model��253
The Token Bucket Model��255
The Concurrency Model��257
Global Error Management��259
Summary��266

v
Table of Contents

Chapter 6: Accessing Data Safely and Efficiently��267

Introduction to Data Access Best Practices��267
SQL-Type Data Access��268
HTTP Data Access��269
Architecturing Data Access��269
Accessing Data with Entity Framework Core 8��271
Step 1: Creating the CountryEntity Class��272
Step 2: Creating the EF Core Context��273
Step 3: Configuring the CountryEntity��274
Step 4: Generating the Database Model from C#��276
Step 5: Enabling Resiliency with Entity Framework Core��280
Step 6: Writing the Repository on Top of the CountryEntity��281
Accessing Data with HttpClient and REST APIs��294
Using IHttpClientFactory to Make HTTP Requests��295
Using Refit to Make HTTP Requests��297
Using Polly to Make HTTP Requests Resilient��298
Summary��301

Chapter 7: Optimizing APIs��303

Asynchronous Programming��303
Basics of Asynchronous Programming��304
Using CancellationToken��306
Long-Running Tasks with Background Services��310
Paging��321
JSON Streaming��324
Caching��326
Output Cache��326
In-Memory Cache��330
Distributed Cache��336

vi
Table of Contents

Speeding Up HTTP Requests with HTTP/2 and HTTP/3��342

Summary��343

Chapter 8: Introduction to Observability��345

Basics of Observability��346
Performing Logging��347
Performing Tracing and Metrics Data Collection��363
Implementing HealthCheck��367
Liveness HealthCheck��368
Readiness HealthCheck��370
Summary��374

Chapter 9: Managing Application Secrets��375

Introduction to Application Secret Management��375
Example with Azure Key Vault��378
Summary��383

Chapter 10: Secure Your Application with OpenID Connect��385

Introduction to OpenID Connect��386
Configuring Authentication and Authorization in ASP.NET Core��389
Passing a JWT into Requests and Getting the User’s Identity��395
Summary��401

Chapter 11: Testing APIs��403

Introduction to Testing��403
Efficient Unit Testing��405
Using the Right Tools��406
Testing a SUT Step-by-Step��408
Summary��418

Index��419

vii
About the Author
Anthony Giretti is a senior developer/architect
at Marchex in Toronto, Canada. He appreciates
learning and teaching new technologies and
has a knack for web technologies (more than
17 years’ experience) and a keen interest in
.NET. His expertise in development and IT and
his passion for sharing his knowledge allow
him to deconstruct any web project in order
to help other developers achieve their project
goals. He loves to deal with performance constraints, high availability,
and optimization challenges. Anthony is the author of Beginning gRPC
with ASP.NET Core 6 (Apress), a six-time Microsoft MVP, and a Microsoft
Certified Software Developer (MCSD).

ix
About the Technical Reviewer
Fiodar Sazanavets is a Microsoft MVP and a
senior software engineer with over a decade
of professional experience. He primarily
specializes in .NET and Microsoft stack and
is enthusiastic about creating well-crafted
software that fully meets business needs.
He enjoys teaching aspiring developers and
sharing his knowledge with the community,
which he has done both as a volunteer and
commercially. Fiodar has created several
online courses, written a number of technical books, and authored other
types of educational content. He also provides live mentoring services,
both to groups and individuals. Throughout his career, he has built
software of various types and various levels of complexity in multiple
industries. This includes a passenger information management system
for a railway, distributed smart clusters of IoT devices, ecommerce
systems, financial transaction processing systems, and more. He has also
successfully led and mentored teams of software developers.

xi
Acknowledgments
Completing this book could not have been possible without the
participation and assistance of many people, and I would like to express
my special thanks to them. First, thanks to my wife, Nadege, who never
stopped supporting me. I love you!
Next, I would like to thank the rest of my family for their support.
This book has been written in special conditions since I was
hospitalized for a severe disease that could have taken my life. I haven’t
given up, and I hope this book will please you; if I have completed it, it’s for
a good reason, I hope!
I also would like to thank my colleagues at Marchex, especially
my friend (and colleague) Callon Campbell, who never stopped
encouraging me.
Thanks to my friend Dominique St-Amand, who has never been stingy
with comments to help me improve this book.
Last but not least, Fiodar Sazanavets! Thanks, my friend, for being part
of this journey; you were essential in this new challenge I set for myself.
Without you, I wouldn’t have succeeded.

xiii
Prerequisites
This book is aimed at beginner and intermediate developers who want to
take their Application Programming Interface (API) development skills to
the next level. In this book, I assume you know the basics of .NET, C#, and,
therefore, the fundamentals of Object-Oriented Programming (OOP). I
also assume you’ve already used Visual Studio and know how to use it. As
for web fundamentals, I’ve started from scratch, so if you don’t know much
about the Web, no problem!

xv
Introduction
Dear reader friend, welcome to this book!
In my career, I have worked in various companies and on various
complex APIs. Although each company had its challenges, I can assure you
that they all had one thing in common: their APIs lacked a lot of love and
care. They all suffered from the same problems: poor code organization
due to an accumulation of minor errors over the years, lack of consistency
in the definition of coding conventions, lack of technological refreshment,
misinterpretations of the HyperText Transfer Protocol (HTTP) and
Representational State Transfer (REST) principles, missing logging or bad
logging practice, and not enough care regarding performances.
I have always enjoyed helping teams overcome these difficulties,
and I have decided to write a book to share my experiences and guide
you through the best practices of API implementations. This book will
focus on some technical architecture of an API, but it will focus more on
coding practices to help you avoid the most common mistakes in your
development career. I will not cover solution architecture where an API
is built around other systems, but keep assured; I will show you how to
implement access to external data sources.
At the end of this book, you will know how to develop APIs with ASP.
NET Core 8 properly coded, performant, resilient, secure, testable, and
debuggable. You will go from a beginner/intermediate level to a senior
level by learning precisely WHAT you need to know without feeling
overwhelmed by a ton of information.

Let’s go!

xvii
CHAPTER 1

Introducing HTTP
and REST
Before we dive into ASP.NET Core 8 and API development, let’s first go
back to the basics of any web application. Whether a website is run from a
browser or a web service (web API), it’s always the same principle: a client
and a server will communicate together; a client will send a request to a
server, which will then respond to the client. This is all possible with the
magic of the HTTP communication protocol. Under this protocol, data
can be transported using different formats and constraints. Here is REST!
REST is an architectural concept of data representation. Of course, these
two should not be confused. In this chapter, we will cover the following
content:

• HTTP

• REST architecture style

Unveiling HTTP Behind the Web

The HyperText Transfer Protocol (HTTP) is a network protocol for
exchanging data between clients and servers. This protocol was invented
in 1990 by British computer scientist Tim Berners-Lee to access the World
Wide Web (WWW). WWW makes it possible to consult web pages from

© Anthony Giretti 2023 1

A. Giretti, Coding Clean, Reliable, and Safe REST APIs with ASP.NET Core 8,
https://doi.org/10.1007/978-1-4842-9979-1_1
Chapter 1 Introducing HTTP and REST

a browser using HyperText Markup Language (HTML) through Uniform

Resource Identifier (URI) web addresses. At the beginning of HTTP’s
history, HTML was the language used to create pages, but since then,
HTTP has evolved into a web server that can process data formats other
than HTML. For example, a web server can serve (but also accept as input)
Extensible Markup Language (XML), which is a structured language, or
JavaScript Object Notation (JSON). Of course, a web server can serve other
types of data formats, categorized as Multipurpose Internet Mail Extensions
(MIME) type, and I will come back to this later.
HTTP follows a technical specification called Request From Comment
(RFC), developed by the Internet Engineering Task Force (IETF). There
are a ton of RFC specifications identified by numbers. The common point
among them is that they define the specifications of the Internet and only
the Internet. HTTP is defined by RFC 7231. RFC 7231 can be found at this
address: www.rfc-editor.org/rfc/rfc7231.

Note In this book, I will often refer to RFCs. The reason is that I
want to teach you the good practices for using HTTP. However, in
practice, the actual implementation of those RFCs may differ. Finally,
while this chapter aims to teach you the good techniques with HTTP,
I will not cover all the HTTP capabilities. I’ll stick to what you need to
know about building clean APIs with ASP.NET Core.

There are also different versions of HTTP. HTTP has evolved. I will not
go into details; in the following, you can find the published versions of the
protocol:

• HTTP/0.9 (obsolete)

• HTTP/1.0 (obsolete)

• HTTP/1.1 (still used)

2
Chapter 1 Introducing HTTP and REST

• HTTP/2 (in use but not widely used)

• HTTP/3 (new, not much used)

In this book, I will mainly refer to HTTP/1.1 and sometimes to HTTP/2

and HTTP/3 (when approaching the performance theme).

The Characteristics of HTTP

HTTP has three essential characteristics:

1. It is stateless: This means that after sending a

request to the server and receiving the response,
neither the client nor the server retains any
information on the exchanged request.

2. It is connectionless: An HTTP connection is open

between the client and the server. Once the client
has received the response from the server, the
connection is closed, and the connection between
the two systems is not permanent.

3. It is independent of the media, that is, the server

can transmit any media as long as the client and
the server “agree” on exchanging the content. (I will
return to this when I discuss headers.)

While HTTP is stateless, transmitting information between requests

may be necessary. Most web applications need to recognize the same
user during a browsing session (identify this user through browsing
between several web pages). To achieve this, an RFC describes HTTP
cookies designed to keep user data browser-side. I won’t go into this type
of “persistence” in this book, but I will employ more modern techniques.
However, if you are interested, consult RFC 6265 here: www.rfc-editor.
org/rfc/rfc6265.

3
Chapter 1 Introducing HTTP and REST

These characteristics may seem abstract, but they will become more
apparent as we read this book together. In the next section, I will give
you an overview of HTTP requests and responses. This will help you
understand HTTP before going into detail.

HTTP Requests and Responses

An HTTP connection works as follows: a request will receive a response
unless the connection is broken. Every request and every response works
the same way, and I’ll go into more detail in the next section.
An HTTP request works with elements as follows:

• A client (a browser, an application) initiates an HTTP

request by invoking a URI, the address of the requested
resource on the server.

• The URI requires the use of a verb that will determine

the action to be performed.

• Metadata will be sent in the HTTP request, called

headers. These headers allow controlling the
content negotiated with the server, such as sending
authentication information and much more.

• Parameters are necessary to exchange content with

the server and obtain the response sought, and the
parameters can be in the request’s body, the route, or
the URI.

An HTTP response works with elements as follows:

• The server returns a response with a simple status

code (HTTP status code) to determine how the HTTP
request processing took place.

4
Chapter 1 Introducing HTTP and REST

• The server also returns headers in response to the

client providing with different metadata.

• Finally, the server will return (or not) a payload

formatted in the MIME type requested by the client.

So far, I have briefly described and simplified how HTTP works.

Figure 1-1, therefore, summarizes what we have previously discussed.

Figure 1-1. A basic HTTP request and its response

In the following section, I will detail the HTTP verbs, the request
headers, the format of a URI, the different parameters passed in a
request, the HTTP status codes, the response headers, and the payload
formats returned to the client. Once we finish those points, I will bonify
Figure 1-1 with more details.

HTTP Implementation
Let’s dive into more detail to see what HTTP verbs, request headers,
response headers, and HTTP status codes are and how the client passes its
parameters in HTTP requests combined with the invocation of a URI.

5
Chapter 1 Introducing HTTP and REST

HTTP Verbs
RFC 7231 defines the following verbs:

• GET: This is the most well-known. It allows you to

request a resource from the server and receive a
response in the desired format (defined by the headers,
as we will see later in this chapter). The response is
cacheable (retain information in memory), and we will
discuss it in Chapter 6.

• HEAD: This verb is similar to the GET verb but does

not return any payload; a payload is used to request
metadata at the requested address. Since developers
barely use it most of the time, I won’t use it in this book,
but it’s good to know what it is used for. Like GET, the
server response is also cacheable.

• POST: This verb is interesting because it serves

multiple purposes. This verb allows the creation of new
resources, and its payload is attached to the request’s
body. (I will detail what’s a request body further in
this chapter.) Another way to send data is to use the
form-data technique, which will be described later in
this book. The POST verb also allows modifying data
by adding content to the data (appending data to the
resource representation according to the RFC). The
server response is not cacheable unless freshness
information is added to the response headers (max-
age or Expires headers). We will discuss it again in the
“Request and Response Headers” section.

6
Chapter 1 Introducing HTTP and REST

• PUT: This verb is confusing because the RFC states

that it replaces a resource on the server. Very often,
developers confuse PUT and POST (replace a resource
vs. append data to a resource). The server response
here is not cacheable. However, if a resource doesn’t
exist, PUT should behave as POST by creating the
resource.

• DELETE: This verb is used to delete a resource. The

server response is not cacheable.

• CONNECT: The verb establishes a tunnel to the

server through a proxy (a server to which the HTTP
request will be delegated and access the server for
the requested request). This verb is used for secure
requests with Transport Layer Security (TLS), in other
words, HTTPS. I will also come back to HTTPS later in
this chapter. I never had to use this verb, and I won’t
talk about it in this book. The server response is not
cacheable.

• OPTIONS: This verb can be helpful when you want to

know what verbs are supported for a given URI. It’s also
used in the context of Cross-Origin Resource Sharing
(CORS), which has its dedicated section further in
this book. In the API world, you don’t necessarily
need to use this verb because you will usually know
the available URI for a given endpoint through the
OpenAPI specification. This will be discussed in the
“Extend Your Talent on the Web with REST Architecture
Style” section of this chapter. We will also see it together
in Chapter 4 when I bring up the API documentation
topic. The server response is not cacheable.

7
Chapter 1 Introducing HTTP and REST

• TRACE: A TRACE request sends a request to the

server with no particular payload. This lets you see if
intermediate servers, such as proxies, have altered the
original request. In the context of APIs, this verb is not
used. The server response is not cacheable.

RFC 7231 does not describe all the existing verbs, and there are others!
RFC 5789 defines the PATCH verb. This RFC can be found here: www.rfc-
editor.org/rfc/rfc5789.html.
The PATCH verb can be confused with PUT and POST verbs because
they all allow modifying a resource on a server. PATCH partially updates a
resource (like POST) when PUT tends to replace a resource.
I see many developers confusing each other. Now you are aware of
what the RFCs indicate about these verbs, but see that it is commonly
accepted to use POST for resource creation or to replace GET verb when
there are too many parameters in the URI to put them in the body of a
POST. It’s also commonly accepted to use PUT to entirely or partially
replace a resource even if PATCH is made for that. Personally, I rarely
use PATCH, only when I want to update a single property of a resource
(e.g., a date). From the moment I start modifying and altering several
properties of a resource (a date, a status, a description, etc.), I instead
implement PUT.
If you recall, I briefly mentioned HTTP status codes in this section. The
following section will discuss how status codes link to HTTP verbs. Some
verbs are used essentially with certain HTTP statuses. In the next section,
I will list the HTTP statuses and what verbs they can be associated with.

HTTP Status Codes

HTTP status codes are essential in an HTTP request/response between a
server and a client. They allow the client, when the server’s response has
been received, to be informed of the result of the processing by the server.
HTTP status codes are also governed by RFC 7231. I will not exhaustively

8
Chapter 1 Introducing HTTP and REST

detail each HTTP status class and each HTTP code because RFC 7231
does a pretty good job of doing so, and I won’t use all of them in this book.
Regarding APIs, status codes are essential for clients to understand what
the server is trying to tell us. They provide us with insights on what to
do next.
An HTTP status code has three digits. The first digit defines the status
category, and there are five categories of HTTP status codes:

• 1xx: They are purely informational.

• 2xx: They express that the server received and

processed the request successfully.

• 3xx: They inform the client that the server has

proceeded to a redirection, that is, the resource is not
at the address indicated, but that the request will be
redirected there automatically.

• 4xx: They mean the request (client-side) is malformed

and/or the client (the end user) probably made an
input error in their request. 4xx are errors that the client
can fix.

• 5xx: They tell the client that the request on the server
has not been completed due to an error.

RFC 7231 is not the only RFC that describes HTTP status codes.
However, it describes the codes most often used. RFC 4918 and RFC 6585
complete the list, with other codes covering other scenarios.
Table 1-1, taken from the following RFCs

• RFC 7231: www.rfc-editor.org/rfc/rfc7231

• RFC 4918: www.rfc-editor.org/rfc/rfc4918

• RFC 6585: www.rfc-editor.org/rfc/rfc6585

9
Chapter 1 Introducing HTTP and REST

lists the association between HTTP status codes and HTTP verbs
commonly used as industry standards. I won’t use all of them in this book;
you will not need to know them by heart. On the other hand, knowing their
existence is valuable since you will know their existence and how to use
them when required. Later in this book, I’ll dig deeper into why I’m using
some of them in the code samples I provide.

Table 1-1. List of available HTTP status codes and verbs most often
used with them
Code Reason phrase RFC Associated verb

100 Continue 7231 All verbs

101 Switching Protocols 7231 All verbs
200 OK 7231 GET, HEAD
201 Created 7231 POST
202 Accepted 7231 All verbs
203 Non-Authoritative Information 7231 GET
204 No Content 7231 POST, PUT, PATCH
205 Reset Content 7231 POST, PUT, PATCH
206 Partial Content 7231 GET
207 Multi-Status 4918 All verbs
300 Multiple Choices 7231 All verbs
301 Moved Permanently 7231 GET, HEAD, DELETE
302 Found 7231 GET, HEAD, DELETE
303 See Other 7231 GET, HEAD, DELETE
304 Not Modified 7231 GET, HEAD
(continued)

10
Chapter 1 Introducing HTTP and REST

Table 1-1. (continued)

Code Reason phrase RFC Associated verb

305 Use Proxy (deprecated) 7231 All verbs

307 Temporary Redirect 7231 All verbs
400 Bad Request 7231 POST, PUT, PATCH
401 Unauthorized 7231 All verbs
402 Payment Required 7231 Not used yet
403 Forbidden 7231 All verbs
404 Not Found 7231 All verbs except POST
405 Method Not Allowed 7231 All verbs
406 Not Acceptable 7231 All verbs
407 Proxy Authentication Required 7231 All verbs
408 Request Timeout 7231 All verbs
409 Conflict 7231 POST, PUT, PATCH
410 Gone 7231 All verbs except POST
411 Length Required 7231 POST, PUT, PATCH
412 Precondition Failed 4918 All verbs
413 Payload Too Large 7231 POST, PUT, PATCH
414 URI Too Long 7231 GET but applies to all verbs
415 Unsupported Media Type 7231 POST, PUT, PATCH
417 Expectation Failed 7231 All verbs
422 Unprocessable Entity 4918 POST, PUT, PATCH
423 Locked 4918 GET, HEAD, POST, PUT, PATCH
424 Failed Dependency 4918 All verbs
(continued)

11
Chapter 1 Introducing HTTP and REST

Table 1-1. (continued)

Code Reason phrase RFC Associated verb

426 Upgrade Required 4918 All verbs

500 Internal Error 7321 All verbs
501 Not Implemented 7231 All verbs
502 Bad Gateway 7231 All verbs
503 Service Unavailable 7231 All verbs
504 Gateway Timeout 7231 All verbs
505 HTTP Version Not Supported 7231 All verbs
507 Insufficient Storage 4918 POST, PUT, PATCH

This may seem like a lot of HTTP status codes, but remember that in
99% of the cases, you will only use a handful of codes described here.
Later in this book, we will come back together to some of them, and I
will explain them to you with examples of their usefulness.
Now let’s move on to another essential component of an HTTP request
and response, the request and response headers.

Request and Response Headers

HTTP headers are metadata that allows information to be passed between
the client and the server during a request/response flow. These headers
transport information but are not limited to authentication data and
information on the client’s browser.
In this section, I will differentiate between request headers and
response headers as they differ in nature for their purpose. For both the
request and response headers, RFC 7231 defines each (some are more
detailed, and some are defined in other RFCs, which RFC 7231 refers to).
As in my usual approach you’ve seen earlier, I will not go in depth since

12
Chapter 1 Introducing HTTP and REST

RFCs describe them in detail. Remember that this book will not cover
all possible use cases; specific headers are generated automatically by a
browser during the request, some during the response, and by the server.
You will not need to know them by heart. On the other hand, knowing they
exist is excellent as you get to know they exist and you can customize them
for your needs when necessary.

Note Although RFC 7231 describes (or redirects to other RFCs) the
best-known headers, in reality, there is a complete list of headers
(even the most unknown, but without many details) for which you can
consult RFC 4229 here: https://datatracker.ietf.org/doc/
html/rfc4229.

Request Headers
Like HTTP status codes, request headers are divided into classes, five
exactly:

• Controls headers

• Conditional headers

• Content Negotiation headers

• Authentication credentials headers

• Request context headers

In the following subsections, I will tell you in what RFCs these headers
are described, and I will list the links of these RFCs at the end of this
section.

13
Chapter 1 Introducing HTTP and REST

Controls Headers

There are seven headers in the Controls class. Some of them have various
possible directives (key/value pair):

• Cache-Control: Used to specify cache duration along

the request/response chain. They can handle several
directives, and their name perfectly describes their use.
For more details, I suggest you consult RFC 7234:

• no-cache: Doesn’t accept any value, works by itself

• no-store: Doesn’t accept any value, works by itself

• max-age: Accepts a value in seconds, for example,

Cache-Control: max-age=302400

• max-stale: Accepts a value in seconds, for example,

Cache-Control: max-stale=1800

• min-fresh: Accepts a value in seconds, for example,

Cache-Control: min-fresh=600

• no-transform: Doesn’t accept any value, works

by itself

• only-if-cached: Doesn’t accept any value, works

by itself

• Expect: Used to indicate expectations from the server

to process the request correctly, for example, Expect:
100-continue. For more details, I suggest you consult
RFC 7231.

• Host: Used to indicate the hostname (server) and the

port (optional) from the targeted URI, for example,
Host: www.example.com. For more details, I suggest you
consult RFC 7230.

14
Chapter 1 Introducing HTTP and REST

• Max-Forwards: Used to specify the limit of

intermediate servers (proxies) that forward the request.
Works only with TRACE and OPTIONS verbs and
accepts integer values. Example: Max-Forwards: 1. I
suggest you consult RFC 7231 for more details.

• Pragma: Used as backward compatibility with HTTP

1.0 cache. This header is ignored when the Cache-
Control header is used. Example: Pragma: no-cache.
For more details, I suggest you consult RFC 7234.

• Range: Used to return a port of a document with a

given range of bytes (most often), for example, Range:
bytes 0-2048. For more details, I suggest you consult
RFC 7233.

• TE: Used to specify the chunk transfer coding, for

example, defining the compression algorithm, for
example, TE: gzip. For more details, I suggest you
consult RFC 7230.

Conditional Headers

Five conditional headers allow you to apply a condition on the target

resource for completing the request. Here they are:

• If-Match: Used to check if the requested resource

matches a current representation of the resource, for
example, If-Match: * (any resource) or If-Match: “123”,
which targets a resource with the ETag (Entity Tag)
“123”. ETag represents a specific version of a resource.
For more details, I suggest you consult RFC 7232.

15
Chapter 1 Introducing HTTP and REST

• If-None-Match: Used to check if the requested

resource does not match any current representation
of the resource. Works precisely the opposite of the
If-Match header. Example: If-None-Match: * (any
resource) or If-None-Match: “123,”. For more details, I
suggest you consult RFC 7232.

• If-Modified-Since: Used to check if the target resource

representation modification date is more recent than
the provided date, for example, If-Modified-Since: Wed,
22 Aug 2022 21:56:00 GMT. For more details, I suggest
you consult RFC 7232.

• If-Unmodified-Since: Used to check if the target

resource representation modification date is less recent
than the provided date, for example, If-Unmodified-
Since: Wed, 22 Aug 2022 21:56:00 GMT. For more
details, I suggest you consult RFC 7232.

• If-Range: It’s a combination of If-Match and If-

Modified-Since headers, for example, If-Range: “123”
or If-Range: Wed, 22 Aug 2022 21:56:00 GMT. For more
details, I suggest you consult RFC 7233.

Content Negotiation Headers

Content Negotiation headers are essential in HTTP requests. They allow

the client and the server to understand each other on what format should
be exchanged. They are four in number:

• Accept: Used to define the MIME type that the client

can understand, for example, Accept: application/json
or Accept: application/json, application/xhtml+xml.
For more details, I suggest you consult RFC 7231.

16
Chapter 1 Introducing HTTP and REST

• Accept-Charset: Obsolete. Many browsers and servers

ignore this header. For more details, I suggest you
consult RFC 7231.

• Accept-Encoding: Used to define the compression

algorithm, for example, Accept-Encoding: deflate, gzip.
For more details, I suggest you consult RFC 7231.

• Accept-Language: Used to tell the server what

language the client is willing to accept, for example,
Accept-Language: * (all) or Accept-Language: en-
CA. For more details, I suggest you consult RFC 7231.

Authentication Credentials Headers

Two authentication headers are necessary to interact with resources

protected by authentication. The first is particularly important because it
will be developed in this book. Here they are:

• Authorization: Used very often to authenticate

on the target server. It can handle different
types of authentication, such as bearer tokens
or basic authentication (both will be addressed
in Chapter 9). Example: Authorization: bearer
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9…. For more
details, I suggest you consult RFC 7235.

• Proxy-Authorization: Same as Authorization, it is used

to authenticate proxies. Example: Proxy-Authorization:
basic YW50aG9ueWdpcmV0dGk6MTIzNA==. For more
details, I suggest you consult RFC 7235.

17
Chapter 1 Introducing HTTP and REST

Request Context Headers

Finally, RFC 7231 describes three headers providing additional contextual

data for the server. Here they are:

• From: Used to tell the server who, with an email

address, has sent the request, for example, From:
John.Doe@example.com. For more details, I suggest
you consult RFC 7231.

• Referrer: Used to tell the server what URI the

request comes from, for example, Referrer: https://
anthonygiretti.com. For more details, I suggest you
consult RFC 7231.

• User-Agent: Used to collect information about the user

who has originated the HTTP request, like the browser
capabilities, for example, User-Agent: Mozilla/5.0
(Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36.
For more details, I suggest you consult RFC 7231.

These request headers are the most common headers you see. Don’t
worry about remembering them. This is why RFCs (and my book) exist.
Since RFCs define standards, you will come to know how to use them
when and where over time. Let’s now move to response headers.

Note Although RFCs describe the usage of many headers, you are
free to use your custom headers. You can create a specific request
header for your application and add value to it.

As promised, here is Table 1-2 that references the links for each RFC I
mentioned earlier in this section.

18
Chapter 1 Introducing HTTP and REST

Table 1-2. Recap of mentioned RFCs in the current section

RFC Link

7230 www.rfc-editor.org/rfc/rfc7230
7231 www.rfc-editor.org/rfc/rfc7231
7232 www.rfc-editor.org/rfc/rfc7232
7233 www.rfc-editor.org/rfc/rfc7233
7234 www.rfc-editor.org/rfc/rfc7234
7235 www.rfc-editor.org/rfc/rfc7235

Response Headers
We just went over a series of headers used in an HTTP request. If it is
essential to send metadata to the server, it is not less for the response
headers. They are essential for informing the client (a browser or an
application) of additional metadata relating to the context of the HTTP
response. Some are defined in RFC 7231 and others in RFCs 7232, 7233,
7234, and 7235, already introduced in the previous section.
There are four response header classes. Here they are:

• Control Data headers

• Validator header fields

• Authentication Challenges headers

• Response Context headers

19
Chapter 1 Introducing HTTP and REST

Control Data Headers

These headers are among the most important. These headers make it
possible to enrich the information sent to the client. They are usually
paired with an appropriate HTTP status code. Here is the list of these eight
headers:

• Age: Used to tell the client when (in seconds) the

response has been generated. Usually close to 0, it can
be more than 0 if the response has been cached on a
proxy. Example: Age: 0. I suggest you consult RFC 7234
for more details.

• Cache-Control: Similar to the Cache-Control request

header. The response header value is the same as the
request header. For more details, I suggest you consult
RFC 7234.

• Expires: Used to tell the client the response date and

time is considered outdated, for example, Expires: Tue,
23 Aug 2022 21:35:00 GMT. For more details, I suggest
you consult RFC 7234.

• Date: Used to tell the client when (date and time)

the response has been generated on the server, for
example, Sun, 21 Aug 2022 11:22:00 GMT. For more
details, I suggest you consult RFC 7231.

• Location: Used to tell the client the URI where the

resource can be found after its creation, especially
before a POST request, for example, http://contoso.
com/item/52. For more details, I suggest you consult
RFC 7231.

20
Chapter 1 Introducing HTTP and REST

• Retry-After: Used to tell the client when to retry (date

and time or in seconds) a failed HTTP request due to a
Service Unavailable (503) response, for example, Retry-
After: Wed, 24 Aug 2022 08:15:00 GMT or Retry-After:
60. For more details, I suggest you consult RFC 7231.

• Vary: Used to tell the client what request parameter

header influences the response from the server. “*”
means that anything in the request can affect the
response. Example: Vary: * or Vary: Accept-Encoding.
For more details, I suggest you consult RFC 7231.

• Warning: Used to tell the client any helpful

information. Not recommended since it’s deprecated.
For more details, I suggest you consult RFC 7234.

Validator Header Fields

There are two response headers allowing the addition of metadata to

the representation (version) of the requested resource during the HTTP
request. Here they are:

• ETag: Used to tell the client the version

(representation) of the requested resource. It can be
any string of characters. Example: ETag: “abc123”. For
more details, I suggest you consult RFC 7232.

• Last-Modified: Used to tell the client what date and

time the requested resource has been modified for
the last time, for example, Sat, 20 Aug 2022, 13:45:00
GMT. For more details, I suggest you consult RFC 7232.

21
Chapter 1 Introducing HTTP and REST

Authentication Challenges Headers

The server (or a proxy) allows the client to be told which authentication the
server (proxy) accepts, and there are two:

• WWW-Authenticate: Used to tell the client what

authentication methods the server accepts, for
example, WWW-Authenticate: basic. For more details, I
suggest you consult RFC 7235.

• Proxy-Authenticate: Used to tell the client what

authentication methods the proxy accepts, for example,
Proxy-Authenticate: basic. For more details, I suggest
you consult RFC 7235.

Response Context Headers

Like the client, the server can send additional contextual data related to
the requested resource. There are three:

• Accept-Ranges: Used to tell the client what range

unit the server supports for partial file download, for
example, Accept-Ranges: bytes. For more details, I
suggest you consult RFC 7233.

• Allow: Used to tell the client what verbs the server

supports, for example, Allow: GET, POST, PUT,
DELETE. For more details, I suggest you consult
RFC 7231.

• Server: Used to tell the client the server technology

used to handle HTTP requests, for example, Server:
Kestrel. For more details, I suggest you consult
RFC 7231.

22
Chapter 1 Introducing HTTP and REST

Note Like the request headers, you can use your custom response
headers. You can create a specific response header for your
application and add any value to it.

URI, URL, and More

URI
At the beginning of the chapter, I introduced you to the notion of a URI. A
according to RFC 3986
URI (Uniform Resource Identifier) is,

a compact sequence of characters that identify an abstract or

physical resource.
—www.rfc-editor.org/rfc/rfc3986

In short, this is the address you type in your browser to access a

resource like http://www.google.com.
This is just a simple summary, and a URI is more elaborate. A URI
contains (or can include) the following:

• Scheme (mandatory) is the specification for accessing

the remote resource.

• Authority (mandatory) combines optional user

information, a server address (host), and a port. It must
be prefixed with the characters ://. I won’t detail the
user information in this book since it’s not a relevant
feature for this book.

• Path (optional) is the data identifying a resource

within a particular scope. It must be prefixed with the
character /.

23
Chapter 1 Introducing HTTP and REST

• Query (optional) is the data identifying a resource

within a particular scope. Must be prefixed with the
character?.

• Fragment (optional) is the data that allows identifying

a particular subset of the requested resource. Used
for HTML pages for identifying anchors. For more
explanation, you can visit the following website:
https://html.com/anchors-links/. I won’t detail it
further in this book because it doesn’t make sense since
it discusses APIs and not HTML pages.

Figure 1-2 illustrates what a URI looks like with its parts.

Figure 1-2. URI structure

The structure elements in orange, Scheme, the characters ://, and

Authority, are mandatory. The following elements in blue, such as the /,
Path, ?, Query, #, and Fragment, are optional.
As I indicated previously, Authority comprises several elements,
mandatory and optional. Figure 1-3 will give you an idea of the structure of
Authority.

Figure 1-3. Authority structure

Only the host is mandatory.

24
Chapter 1 Introducing HTTP and REST

To illustrate the structure of a URI, I will show you some

examples now:

• Example 1: The blog’s homepage without any

Path, Query, or Fragment. Only the Scheme
and the Authority are used there: http://
anthonygiretti.com.

• Example 2: The search page of a blog with a Query

parameter: http://anthonygiretti.com/?s=http.

• Example 3: The blog search page with a Query

parameter and a Fragment: http://anthonygiretti.
com/?s=http#book.

• Example 4: A particular page of a blog with a Path:

http://anthonygiretti.com/2021/08/12/asp-net-
core-6-working-with-minimal-apis/.

• Example 5: The same HTML page running

locally on a development machine: http://
localhost:2222/2021/08/12/asp-net-core-6-
working-with-minimal-apis/.

I’ll stop with the URI examples because we’ll return to it in this
chapter’s “Extend Your Talent on the Web with REST Architecture Style”
section.
Once again, if you want to learn what a URI is in depth, I suggest you
read RFC 3986.

URL
You’ve probably heard of the Uniform Resource Locator (URL) before. Well,
I bet you could have confused URI and URL like me. I will demystify this
for you.

25
Chapter 1 Introducing HTTP and REST

The difference between the two is subtle and little known to

developers. A URI defines a resource’s identity, while the URL links a
resource to a specific access method defined by the Scheme. In the
subsection “URI,” I always gave the same example using the http Scheme
value, which invokes HTTP. A URL allows invoking other protocols such as

• File Transfer Protocol: The Scheme value is ftp.

• Gopher protocol: The Scheme value is gopher.

• Electronic email protocol: The Scheme value

is mailto.

• Usenet protocol: The Scheme value is news.

• NNTP: The Scheme value is nntp.

• Telnet protocol: The Scheme value is telnet.

• Wide Area Information Server protocol: The Scheme

value is wais.

• Host-specific file names protocol: The Scheme value

is file.

• Prospero Directory Service protocol: The Scheme

value is prospero.

To learn more about them, I suggest you read RFC 1738, which can be
found here: www.rfc-editor.org/rfc/rfc1738.
I will discuss URLs again in the “Extend Your Talent on the Web with
REST Architecture Style” section as I will for URIs.

And Others…
Two other acronyms can be associated/confused with URI and URL, and
these are the following:

26
Chapter 1 Introducing HTTP and REST

• Uniform Resource Names (URN), defined in RFC 1737

here: www.rfc-editor.org/rfc/rfc1737.

• Uniform Resource Characteristics (URC) are not defined

in any RFC, but you can find some information here:
https://datatracker.ietf.org/wg/urc/about/.

These last two do not represent any interest, at least in this book, but
as you certainly have an unquenchable thirst for learning, I offer you the
resources to cultivate yourself further.

Parameters
Parameters… And, yes, without telling you, we have already discussed
them since this chapter began. What are they for? Well, they are used to
find a specific resource (not always) on the server. How? First, we can use
them differently, and here they are (again). I’m sure this will remind you of
something:

• By header using custom headers: For example,

myHeader: myValue. This is not the recommended
way, but it is possible if needed.

• By the URL path: For example, https://www.rfc-

editor.org/rfc/rfc1738, where rfc1738 is the
target resource’s ID, an HTML page serving the RFC
1738 data.

• By the Query: For example, http://anthonygiretti.

com/?s=http. Be careful here. The Query parameters
do not necessarily allow access to a specific resource
but a set of resources meeting the search criteria.

These last two ways of proceeding are the most adequate, and we will
see why in the “Extend Your Talent on the Web with REST Architecture
Style” section. Yes, I’ve been teasing you for a while in this section, but
we’ll get there soon!
27
Chapter 1 Introducing HTTP and REST

Error Handling
Because HTTP has been well designed, it has been described as an
elegant way of handling errors, because, in absolute terms, incorporating
errors properly into an HTTP response is simply vital. There’s an RFC that
describes this, RFC 7807, which you can find here: https://datatracker.
ietf.org/doc/html/rfc7807.
This RFC defines a JSON contract, named Problem Details, returned in
response to an API client when an error occurs. Problem Details contains
the elements described in Table 1-3, taken as is, from RFC 7807.

Table 1-3. Recap of mentioned RFCs in the current section

Property Description
name

type A URI reference [RFC3986] that identifies the problem type.

(string) This specification encourages that, when dereferenced, it provides
human-readable documentation for the problem type (e.g., using HTML
[W3C.REC-html5-20141028]).
When this member is not present, its value is assumed to be
“about:blank”.
title (string) A short, human-readable summary of the problem type.
It SHOULD NOT change from occurrence to occurrence of the problem,
except for purposes of localization (e.g., using proactive content
negotiation; see [RFC7231], Section 3.4).
status The HTTP status code ([RFC7231], Section 6) generated by the origin
(number) server for this occurrence of the problem.
detail A human-readable explanation specific to this occurrence of the
(string) problem.
Instance A URI reference that identifies the specific occurrence of the problem.
(string) It may or may not yield further information if dereferenced.

28
Chapter 1 Introducing HTTP and REST

Problem Details is very convenient since it is a well-detailed error

contract. I won’t give you any example here since RFC 7807 already
provides some. I will use Problem Details in this book while showing you
how to handle errors with ASP.NET Core 8.

HTTPS, TLS, and HSTS

So far, I haven’t talked to you about security concerning HTTP. Well, here
we are! HTTP does have a problem with security since it allows data to be
exchanged between the client and the server in the clear on the Internet.
As you can imagine, this is a real problem! Transporting unencrypted data
can cause the following issues:

• A hacker can “listen” and steal the data exchanged

between the client and the server.

• A hacker may corrupt data.

• No security authentication ensures that the client

communicates with the website requested by the client.

This is where HTTPS comes in. HTTPS is a secure version of HTTP,

hence the letter S for Secure. The Scheme value will be https, for example,
https://anthonygiretti.com. Unlike HTTP, which runs by default on
port 80, HTTPS runs on port 443 by default. We will see that together
later in this book, but with ASP.NET Core, we can edit the port number by
configuration.
HTTPS is based on the Transport Layer Security (TLS) protocol, which
makes it possible to overcome the problems mentioned previously with
HTTP. That is, HTTPS provides

• Encryption—the data is no longer visible (in the clear)

on the Internet

• Protection of data integrity—they are no longer

falsifiable

29
Chapter 1 Introducing HTTP and REST

• Authentication by ensuring the customer

communicates with the website they requested

Note TLS is an improved Secure Socket Layer (SSL) encryption–

based protocol version. SSL is often associated with TLS, commonly
named SSL/TLS encryption, but in reality, TLS replaces SSL/TLS since
it has been updated since 1996.

So how does SSL/TLS work? A key exchange occurs between the client
and the server. The latter will establish an encrypted connection named
TLS handshake.
You don’t need to know how the TLS handshake works, but if you
are interested, you can learn more about it here: www.cloudflare.com/
learning/ssl/what-happens-in-a-tls-handshake/.
Only the client and the server possessing the decryption key can
encrypt/decrypt the data exchanged. To make it possible, the server
needs to obtain an SSL certificate, which the server’s administrator (or
a developer) will install and has previously been obtained by them from
a Certificate Authority (CA). I won’t go into detail here. This book will
deal with the implementation of APIs with ASP.NET Core. The latter will
automatically (but with your consent) use an SSL certificate when first run
in Visual Studio 2022. However, I will show you how to force your APIs to
use HTTPS when a client invokes a URL by configuring the HTTP Strict
Transport Security (HSTS) policy mechanism in ASP.NET Core. To learn
more in depth about HTTPS, TLS, and HSTS, they are described in the
following RFCs:

• RFC 2818 for HTTPS: https://datatracker.ietf.

org/doc/html/rfc2818

• RFC 8446 for TLS: https://datatracker.ietf.org/

doc/html/rfc8446

30
Chapter 1 Introducing HTTP and REST

• RFC 6797 for HSTS: https://datatracker.ietf.org/

doc/html/rfc6797

I advise you to read these RFCs only if you feel the need to understand
every aspect of HTTPS, but in everyday life, what you will have to
remember is the need to install an SSL certificate on the server, which will
allow the exchange of an encryption/decryption key on the server and the
client where the data will no longer be readable in plain text or modifiable
on the Internet. Figure 1-4, therefore, summarizes the situation.

Figure 1-4. A basic HTTPS request and its response

As simple as it may seem, this figure demonstrates (almost) exactly

what anyone trying to spy on an HTTPS request sees.

Let’s Put the Pieces of the Puzzle Back Together

Here we have a set of concepts described by RFCs. I introduced you to
what HTTP is by starting with a basic diagram symbolizing what each
concept implies in HTTP. This book deals with APIs that serve data in
JSON format (remember the MIME type application/json) and not HTML
or other pages, but the principle remains the same. To finally see and
understand what an HTTP request does, I will redo a more detailed version
of Figure 1-1 with Figure 1-5. The latter describes the invocation of the
URL www.myServiceApi.com/scope/someId with the GET verb, accepting

31
Chapter 1 Introducing HTTP and REST

only the application/json format and the en-CA language; accepting gzip,
deflate, and br (Brotli) encoding; and finally authenticating with the basic
authentication. The response returns status 200 OK with the requested
Content-Type application/json, the Content-Length response, the server
technology (Kestrel), and a JSON payload. I voluntarily let the request and
response data clear even if HTTPS appears in Figure 1-5.

Figure 1-5. A “real-life” HTTPS request and its response

As simple as it may seem, this figure demonstrates (almost) exactly

what anyone trying to spy on an HTTPS request sees.

E xtend Your Talent on the Web with REST

Architecture Style
In 2000, an American computer scientist named Roy Fielding defined the
architectural style used for web service development: Representational
State Transfer (REST). HTTP is a protocol defined by a committee
issuing RFCs; REST is a concept. A concept that does not redefine

32
Other documents randomly have
different content
The Project Gutenberg eBook of The 3rd Party
This ebook is for the use of anyone anywhere in the United States
and most other parts of the world at no cost and with almost no
restrictions whatsoever. You may copy it, give it away or re-use it
under the terms of the Project Gutenberg License included with this
ebook or online at www.gutenberg.org. If you are not located in the
United States, you will have to check the laws of the country where
you are located before using this eBook.

Title: The 3rd Party

Author: Lee B. Holum

Illustrator: Kelly Freas

Release date: March 30, 2019 [eBook #59160]

Language: English

Credits: Produced by Greg Weeks, Mary Meehan and the Online

Distributed Proofreading Team at http://www.pgdp.net

*** START OF THE PROJECT GUTENBERG EBOOK THE 3RD PARTY

***
THE 3rd PARTY
BY LEE B. HOLUM

A series of "incidents" had provoked

a state of emergency between two great
powers.
The reason was obvious. But why a single
chemist as bait—and who was the third
party?...
The 4th award winner in IF's
College Science Fiction Contest.

[Transcriber's Note: This etext was produced from

Worlds of If Science Fiction, March 1955.
Extensive research did not uncover any evidence that
the U.S. copyright on this publication was renewed.]
Snow beat against the tall windows of the terminal building. The
howling of the wind around the corners of the building and across
the broad expanse of the rocket field went unheard by the
thousands who streamed across the crowded floor. Each was intent
on his or her affairs, hurrying to board one of the tall spires out on
the snow covered field, seeing someone off, or waiting for incoming
friends.
Roger Lorin and his wife waited near the entrances to the boarding
tunnels for the announcement that would send them out under the
field to their rocket. The shouts of porters and the voices of excited
passengers mingled with the noises of the terminal. Groups of
people moved across the floor like the currents of the ocean.
Suddenly, the announcer's voice boomed out over the p. a. "All
passengers for the Arctic City rocket report to tunnel seven."
"Come on Linda," Roger said. "That's our ship." He hurried his wife
toward the tunnel entrance. A few minutes later they stepped off the
conveyer walk at the bottom of an elevator shaft. The gray
uniformed attendant checked their tickets, before the glass cage
lifted them to the lock entrance high on the side of the rocket. The
wind sang its mournful song around the corners of the cage and
fired volleys of snow against the glass. At the air lock entrance, a
stewardess checked their tickets a second time.
"Couches 34 and 35? Follow me, please." She led them up one deck
and over to a pair of couches, one of which was next to a small
eyeport.
"Take the one next to the port, honey," said Roger. "The view's
worth seeing."
A moment later, a buzzer sounded, and a red light flashed on near
the hatch to the deck above. The voice of the pilot came over the
intercom system.
"We are blasting off in five minutes. All passengers who have not
strapped in will please do so immediately." Three minutes went by,
and the final warning buzzer sounded. After another two minutes,
the rumble of the motors came from the tail of the ship. The rocket,
a towering silver needle with orange flame spouting from its lower
end, paused on the field as its motors warmed up. Then it rose
majestically on a column of fire and disappeared in the swirling
snow.
Linda was surprised to find that the sound of the blast off was not as
loud as she had expected. Neither did she find the acceleration of
two and a half gravities excessively uncomfortable. The brightly
lighted compartment made the scene outside the eyeport seem
dark; although it was only four-thirty in the afternoon. Tiny pellets of
snow streamed by the port during the few seconds it took the rocket
to scream through the lower atmosphere. Then the ship burst
through the clouds. Linda gave an exclamation of surprise and
pleasure at the sheer beauty of the sight. The clouds rose like
tumbled snowy mountain ranges under an ice blue winter sky. The
setting sun painted their tops in brilliant hues of pink, orange, and
violet. Their eastern sides lay in blue shadow honeycombed with
caves and grottos.
"It's beautiful!" exclaimed Linda. "I never dreamed it would be like
this."
"You have to see it to really appreciate it," Roger said. "Descriptions
never do it justice."
As the rocket continued to rise, the clouds flattened until they
resembled pack ice on an arctic sea. More of Earth became visible,
and spots of green and brown appeared on the southwestern
horizon. Finally the blue of the Pacific crept into view, brilliantly
contrasted against the now black sky.
"You may be able to see a few stars if you don't look toward Earth or
the sun," Roger said to Linda. Linda followed Roger's instructions;
and, sure enough, a few stars appeared, unwinking points of light
against black velvet. Now over three hundred miles above Earth, the
rocket had crossed the frontier into outer space.
The rocket passed the top of its arc and the scenery was forgotten;
the natural fear of falling to which all humans are heir asserted itself.
Linda suddenly realized that there was no sensation of weight and
that the rocket was falling steadily through space.
"Is ... is everything all right?" she asked in a weak voice.
"Don't worry dear," Roger replied soothingly. "We'll be landing in
another half hour. You won't have to go through much more of it."
"Thank goodness!" Linda breathed a sigh of relief and laid her dark
head on Roger's shoulder. Roger put his arm around her and held
her until the rocket came in with a squeal of runners against hard
packed snow. Lights flashed by the eyeport as they slid along the
runway. In the distance the lighted, slablike towers of Arctic City
loomed against the dark sky. The night was clear and bitterly cold.
The rocket slid to a stop, and an electric tractor came to tow the
ship to the top of an elevator shaft. A few minutes later the
passengers streamed along a conveyer walk into the Arctic City
terminal. The sounds of hurried activity echoed through the tunnel.
The rumble of heavy freight conveyers, the shouts of stevedores, the
whine of heavily loaded electric motors, and the hum of conversation
mingled in a medley of sounds that spoke of commerce and industry,
of people busy at an almost endless array of tasks.
"Are you Roger Lorin?" The question came from a short, stocky,
gray-haired individual.
"Yes, I am," Roger replied.
"I'm Jacob Darcy. I'm supposed to show you to your apartment and
help you get oriented."
"Good," Roger said. "You lead. We'll follow." Darcy turned and led
them to a small electric monorail car which sped them through a
maze of underground streets past the windows of many shops and
stores.
After a ten minute ride in the monorail and a fast ascent in an
elevator, the three of them entered a small apartment high in one of
the slablike buildings. The apartment was comfortable and compact,
though not luxuriously furnished. One transparent wall of the living
room looked out over the city and the arctic landscape.
"I thought things would be more primitive," said Linda as she looked
around her future home. "This doesn't seem like a frontier at all."
"No," Darcy replied with a smile. "Arctic City is pretty well built up.
Conditions are a lot better here than they are in some of the mining
centers farther north." He turned to Roger. "I'll be around tomorrow
morning to show you the labs. Sometime around eight or eight
thirty."
"I'll be ready," replied Roger. "It should be interesting to see the
facilities here."
"I suppose the high temperature work will be most interesting to
you," said Darcy. "I read your paper on molecular linkages. We'll
sure be able to use you. We're having the devil's own time with the
linings for the reaction chambers in the neutron pile."
"I hope I can help," said Roger. "The cooling problem should be
quite a challenge without the extreme temperatures and high
vacuum that we had at the moon labs."
"That's right. You did work on the first neutron pile, didn't you?"
Darcy said as he prepared to leave. "That makes it much better.
There are too few men with practical experience in neutron pile
work."
It had long been known by physicists that tremendous amounts of
energy could be released if matter could be collapsed to form
neutrons. This step had been achieved in 2047 A. D., at the Lunar
atomic laboratories. The Arctic City pile was the first attempt to
apply it to industrial uses.
Up to this time (2054), man had been barred from the planets by
the lack of a fuel cheap enough to make trips across interplanetary
space economically feasible. Long, economical orbits could be used;
but these brought on psychological problems resulting from living in
cramped quarters for long periods of time, and problems of carrying
enough supplies for such long trips. In shorter orbits, the profits
would be burned up in excessive fuel consumption. The most
efficient fuel was monatomic hydrogen, which is highly unstable
unless dissolved in a catalyst to keep it from exploding at ordinary
temperatures. The catalyst and the process for making the fuel were
both expensive. Moon colonies were maintained only because the
moon was the best known source of germanium; and its vacuum
was a valuable location for astronomical observatories and atomic
research laboratories.
The neutron pile applied to space travel would make an
interplanetary civilization possible. The pile, releasing neutrons and
ions at velocities approaching that of light, would make use of small
amounts of inexpensive materials as fuels.
It also had frightening potentialities for mass destruction.
The ambassador of the South American Republic thought of the
destructive possibilities as he rode the small monorail car toward the
Government Center in Chicago, which was now the capital of the
North American Union. The shore of Lake Michigan was studded with
tall skyscrapers connected by streets with transparent coverings. At
ground level, a system of conveyer walks ranging from the hundred
mile per hour strips in the center to five mile per hour strips on the
edges, whisked brightly clad people about their business. On the
second level, monorail tracks carried the high speed freight and
passenger traffic of the city. The ambassador's car pulled in at a
second level siding near the loading platform for the Government
Tower. As he stepped from his car, he was met by two secret service
agents who escorted him to the office of the Secretary of State.
The Secretary sat behind a large desk in a comfortably furnished
office on the eightieth floor. Through the large window wall behind
the Secretary, the scattered towers of the city were somewhat
obscured by flying snow and the gloom of a December morning.
The distinguished looking man behind the desk had served his
country well during the past thirty years. He knew the problems
faced by such nations as the South American Republic, the League
of Islam, the Asian Commonwealth, the decadent subject nations of
western Europe, and the tiny, constantly warring states that
comprise what was left of the once mighty U.S.S.R. That morning he
had sent a note refusing help to the Baltic Federation, which had
accused the Arctic League of aggression. The North American Union
had no desire to enter foreign wars that did not concern it.
The Secretary rose and extended his hand.
"Good morning," he greeted the ambassador as he shook hands with
him. "Have a seat." The Secretary waved toward a comfortable chair
near the desk. The ambassador seated himself with his overcoat
across his knees.
"I cannot get used to your cold weather," he said good naturedly. "I
have spent too much time in the tropics."
"We seem to be getting an unusually cold winter," the Secretary
replied. "I'll have to admit that Chicago doesn't compare with Rio as
far as weather is concerned."
"I wish that I were there now," the ambassador said in a more
serious tone. "I would not have to discuss with you this trouble that
has come up."
"What trouble?" the Secretary asked. "Your note wasn't clear about
what you wished to discuss with me."
"As you probably know, there are groups in my country that fear the
technical developments that have been going on during the past ten
years," the ambassador replied. "They do not know your country as
well as I do, and fear that you will use the neutron energy discovery
as a weapon."
"Why should they fear our energy developments?" the Secretary
asked. "The Lunar atomic laboratories are open for inspection at all
times, and the pile being built in the Arctic is no secret either. All the
developments are private ventures. The idea of making neutron
bombs hasn't even been raised in Congress."
"Unfortunately my people do not know this," replied the ambassador.
"These groups have used much propaganda and have thoroughly
misled the masses. That the laboratories are located on the moon
does not help. You know how rigid the requirements are for those
who would travel in space. Several men from my country have not
been allowed to go for health reasons. This naturally feeds the
suspicions of my people, who do not understand why such things
must be done. To remedy this trouble my government has instructed
me to arrange for a meeting between our presidents."
"I think such a meeting would be possible," the Secretary said. "I'm
sure that the president will understand the situation. The memory of
the twentieth century won't fade easily. I'll see if a trip to the Lunar
laboratories can be arranged. It would be good if some members of
the dissatisfied groups were allowed to make the trip."
"That would be very good," replied the ambassador. "It would help
to counteract their propaganda. They are seeking power, and would
gain it at the expense of good will between our nations. This will
very effectively remove the source of their grievances."
"I'll bring it up at the cabinet meeting this afternoon," the Secretary
said. "It would be wisest to get this business moving as fast as
possible."
The ambassador rose from his seat. "You will let me know the
outcome of the meeting as soon as you can?"
"Yes," replied the Secretary. "As soon as it's over."

The laboratories at Arctic City were fairly new but already had the
cluttered appearance of all research labs. Electronic instruments,
coils of wire, and various articles of chemical apparatus lay on the
work benches. One room held the dial-studded face of a computer.
Another contained several induction and carbon arc furnaces used in
high temperature work. Men wearing white smocks or plastic aprons
went quietly and efficiently about their tasks.
Roger and Darcy entered a lab in which a man sat staring at the face
of an oscilloscope, where weird figures danced in yellowish-green
tracery. The bench was covered with a bewildering array of
equipment. A row of gas discharge tubes glowed with varicolored
light. From them a spaghetti-like arrangement of many colored wires
led to various instruments scattered along the bench.
"How's it coming, Phil?" Darcy asked.
The man looked up from his work. "Hi, Jake," he said. "I might get
somewhere if this oscillator would stop wandering all over the place.
This thing doesn't seem to be very accurate at high frequencies." He
indicated a piece of equipment connected to the oscilloscope.
"I'll sure be glad when we get a good physical chemist to do this
work. My business is ceramics, and I'm getting sick and tired of
wrestling with his wiring."
"Well," said Darcy, "you won't have to worry about this any more.
This is Roger Lorin, our new physical chemist. Roger, this is Philip
Gordon, our ceramics expert."
Gordon grinned and extended his hand. "I'm glad to meet you," he
said. "Sorry I blew off like that. I just get disgusted sometimes."
"It does get frustrating," Roger agreed as they shook hands.
"Electronics is rather tricky."
"You're right there," replied Gordon. "Especially when you don't
know too much about it. What I learned about electronics in college
has long since departed. Take a look at this set up. It's about as
poor a job of haywiring as you'll find anywhere."
"I see you're using high frequency excitation to get your high
temperatures," Roger commented. "Just what compounds are you
working with?"
"I've been working with some plastics, inert stuff, to see just what
they'll react with, and how fast they'll react at high temperatures."
"It isn't too easy," Lorin said. "It never has been easy to find
reaction rates. I'll get to work on these this afternoon. Maybe I can
get some of these finished tomorrow or the next day."
"Thanks," Gordon said in a relieved voice. "It'll be good to get some
results I can rely on."
Lorin and Darcy left the lab and walked through a winding
succession of corridors until they came to a large room. One wall
was lined with catwalks linked by metal ladders. Men in coveralls
moved against the slate gray background like insects on the side of
a building. Through a door to their right Lorin could see banks of
instruments at which several men were working.
"This is the south face of the pile," Darcy said. "Most of the
instruments are located here. The Klysten converters are mounted in
that room over there." He indicated a door on their left.
"I'd like to see those," Roger said. "I hear that these are pretty large
compared with what we had at the moon labs."
"They're big enough all right," Darcy said. "Each one is four stories
high. We had a deuce of a time evacuating them."
As Darcy said this, they stepped into a long high room. To their right
stood six immense transparent tubes. Each tube contained a grid of
thick steel bars which was mounted so that it completely surrounded
a coil of heavy copper bar in the center of the tube. The steel bars
had been treated so that a magnetic field would build up rapidly
when they were exposed to hard radiations. The radiation beams
were passed into the grid in pulses, thus causing the magnetic field
to build up and collapse rapidly producing current in the coils by
induction. The tubes were generators with no moving parts except
electrons and protons. The system used about seventy-five per cent
of the energy produced by the pile. The residual radiation was
released as greenish yellow light.
"Why are they transparent?" Roger asked. "I should think that
metals would be stronger and easier to manage."
"The transparency helps us to maintain a more accurate control,"
Darcy replied. "When the light shifts toward the blue, we know that
more energy is being released as radiation, and can shut down the
tube before it gets a chance to heat up too much."
"Good idea," said Roger. "Control was our worst trouble at the moon
labs."
"We'll use this until we find something better," said Darcy as they left
the pile area.

Unknown to Roger Lorin, events which would shape the course of

the next few weeks, and would ultimately change his whole life were
taking place far to the south. A third party had entered the political
stage of the Western Hemisphere. The League of Islam had finally
decided to do something about an incident which it had never
forgiven. Over thirty years earlier, the Union had sent marines into
the Suez Canal area to stop alleged assaults against American
citizens. In a sense, the North American Union had indicated that it
thought of the League of Islam as nothing more than a backward
group, which could be pacified whenever trouble arose within its
borders. The insult had never been forgotten by the fanatically
nationalistic Moslems. Only the greater military might of the North
American power had prevented a war at that time. Now, the League
had decided that the time was ripe to gain immunity from such
insults forever by some shrewd political maneuvering.
Working through a small dissatisfied political party in South America,
they used the North's development of neutron energy to create fear
in the minds of the people of the southern republic. By stimulating
this fear, the Arabs hoped to weaken both powers through war, and
thereby to gain power and prestige among the nations. The League
hoped to gain through political devices what it could never get in
open war.
Up to January 5, 2055, the leaders of the western hemispheric
powers did not realize what was actually taking place. But then
reports began coming into the offices of the investigators of both
nations which changed the picture.
On January 2, an American oil well in the Gulf of Mexico had been
blown up. The saboteur was not caught, since the bomb had been
cleverly hidden sometime before the explosion. Two days later, in the
state of Venezuela, an official of the South American government
was shot and killed. Although the assassin escaped after a grueling
two day chase and was never really identified, there were plenty of
rumor mongers to remind the people that the dead official had held
opinions that were not favorable to the North American Union.
Accompanied by such incidents friction between the two nations
grew.
The events that set the pot to boiling, and nearly caused it to boil
over occurred at Arctic City. Up to this time, Roger Lorin had
considered the reports of such incidents as news that seemed rather
unreal, because of its distance from his immediate affairs. Now,
however, he found himself in the middle of the trouble between the
two nations. Although he scarcely knew it, he had become a key
man on the neutron pile project. His research into the physics of
interatomic and intermolecular forces had aided materially the work
on the pile.
It started, innocently enough, during the early afternoon of January
9, when a group of ten men ostensibly bound for a mining town
farther north, took a guided tour of the pile area. About one sixth of
the reaction cells into which the pile was divided for convenience,
were in operation; and the six converter tubes were aglow with
greenish yellow light. The entrance of the men into the central
chamber was the signal. A previously planted bomb exploded with
enough violence to shatter the tubes; filling the converter room with
greenish yellow fire and hard radiations.
A smoke bomb provided extra screening and the group hurried down
a side tunnel under cover of the gray mantle. Roger heard the
sounds of confusion accompanied by the clangor of an alarm bell,
announcing that hard radiations were loose somewhere in the plant.
He stepped to the door of the lab, and a gas gun exploded in his
face. He knew nothing more, until he awoke aboard a fast moving
jet.
The convertiplane winged through the Arctic twilight for nearly two
hours, and finally came down on a flat stretch of snow covered
tundra, near the shore of the Arctic Ocean. A group of three dome
huts stood at the base of a low cliff. Otherwise, the scene was one
of silent, dark desolation.
One of the men handed Roger a pair of insulated, electrically heated
coveralls. Roger put them on without argument. Next, the man
motioned toward the hatch with a machine pistol. "Get movin'," he
snapped. "Make it quick. And don't try to run for it. You wouldn't get
far."
Roger dropped through the hatch and waited quietly. When his
captors finally dropped through the hatch, they steered him none
too gently toward the middle hut.
On his right as he entered, three men sat playing cards around a
small table. To his left, a man lay on a cot reading a magazine by
the light of a mining lantern. Roger was shoved across the main
room, through a passageway and into a room on the right. The
metal door clanged shut behind him, and the bolt shot home with
the finality of a prison gate.
"Well, I see I have company," a voice came out of the gloom. As
Roger's eyes grew accustomed to the dimness, he saw an old man
sitting on the edge of a narrow cot.
"Who are you?" Roger asked in a bewildered voice. "And just what's
been going on? Why should I be kidnapped and brought to this God
forsaken spot?"
"You must be the chemist they were talking about," the old man
replied. "I heard them say something about one of the chief
chemists at the neutron pile project. As for me, my name is Dr.
Alexander Nolan. I came up here in my plane about a month ago to
write up some historical research I've been doing during the past
five years. Instead, your kidnappers came in and took over. But here
I am rambling on about myself as usual. What's your name, young
fellow?"
"I'm Roger Lorin," Roger replied. "I'm a chemist all right. I was
working at Arctic City on the neutron project, but I still can't figure
out why I should be kidnapped. They couldn't get any ransom, and I
don't have any information that would be useful to them. I just don't
see it."
"Roger Lorin, eh," the historian mused. "I think I see why you were
kidnapped. You're more important than you think you are, which is
unusual. Most men think that they are more important than they
really are. I suppose you've heard about the oil well that was blown
up in the Gulf of Mexico and the man who was shot and killed down
in Venezuela. Now, if some North American Citizen were to be found
dead, possibly tortured for information about the neutron pile, it
might be just the spark that sets off the powder keg that's been
building up during the past ten years."
"But why should South America do anything like that?" Roger asked
nervously. "They have nothing to gain by such actions. We've shared
the information on pile developments since the projects were
started."
"Oh, but South America is not the power behind this business,"
Nolan said gently. "I'll admit that the evidence seems to point to
South America, but I have reasons to believe that another power is
behind this."
"But which one could it be?" asked Roger.
"Indications point to the League of Islam," replied Nolan. "They are
clever, but a student of political history can get some insight into
their plans if he looks carefully enough. If you're interested, I can
give you some background."
"Go ahead," Roger said. "I'd like to find out what's behind this."
"Well," the historian began. "I guess that you could say that this
story goes back 4000 years. The hatred between the Jews and the
Arabs goes back that far, and it plays an important part in the
present situation. Actually the seeds of the present trouble were
planted more than a hundred years ago, when the United States
helped the Jews set up a republic on land that the Arabs considered
theirs. When the republic of Israel was established, many Arabs
were driven from their homes. Added to this, American economic aid
to Israel didn't help our relations with the Arab world. As a result,
the fifties and sixties of the last century were a time of unrest
throughout the Middle East.
"A short war between Israel and the Arab States lasted from 1946 to
1949. The Arabs lost out, but border incidents occurred
intermittently until 1969. After the United States and Russia were
involved in the Two Week Chaos, the Arab League moved against
Israel. The Arabs had grown in strength during the preceding twenty
years and were able to push the Jews out of Palestine or put them
under their control.
"Under agreements made in the United Nations, the United States
sent an expeditionary force to the Holy Land. The whole affair was a
debacle. America had been weakened by the atom bombing of many
of her cities and military establishments. Russia was also out of the
running. After the death of Malenkov in 1968, one of the party
leaders had tried to bring union by starting a war. After American
retaliation with hydrogen and atom bombs, the growing resentment
of the Russian people against an undesirable system exploded into
open revolt. The Soviet Union became a disorganized crazy-quilt
pattern of small, constantly warring states.
"On top of the destruction of atomic war, came the great economic
collapse of 1970. The financial structure of the United States and her
allies fell apart, and with it the United Nations went down into
oblivion. The states of the Arab League could now do much as they
pleased without outside interference.
"The Two Week Chaos and the great collapse incapacitated the
western powers for nearly thirty years. The Arab States prospered
and formed the League of Islam in 1990. The League covered the
eastern end of the Mediterranean and the coast of North Africa.
During this period, South America had formed the South American
Republic and became a world power.
"The North American Union, which was formed in 1997, wished to
take up where the United States had left off in the development of
Arabian oil. The Arabs, who had developed the fields themselves
with help from South America, had no desire for North American
intervention. The Americans, who had a long term lease signed in
the late fifties, were not willing to give up so easily, and hard feeling
developed. The Suez incident of thirty years ago and the American
control of the moon and the satellite stations didn't help matters any.
"When the Americans finished the first satellite station in 1984 and
landed the first rocket on the moon in 1991, the Arabs became
apprehensive and made known their wish to build a spaceport in the
Sahara Desert. The North American Union, which had a monopoly on
rocket building facilities, refused to allow it, out of fear of the
growing strength of the Arabs. I think that that was a serious
mistake. The sight of the satellites passing overhead, plus the
knowledge that they belong to an unfriendly power doesn't help to
create good will. The fact that the moon has an independent
government makes it worse. The leaders of Islam know that the
Lunar government wouldn't allow nationalism in space. I guess you
know how the Lunar citizens feel about the North American
monopoly on space travel."
"They don't like it," Roger said. "They feel that they could be more
independent if they were receiving supplies from more than one
source. Lunar government is nothing more than a form, set up by
the North American Union to keep up appearances. The moon isn't
self sufficient enough to make its independence more than a form. If
the Lunar colonies could trade with more than one nation, they
could maintain their independence by the moon's natural defensive
position; and control of the satellite stations would help to ease
international tensions. There's not much chance of a dictatorship
being formed there, because the colonists are too individualistic and
are interested in their government. It looks to me like both sides are
at fault in this mess."
"That's usually the case," the historian commented. "The Arabs
aren't free of blame either. Some of their tactics in the Holy Land
weren't exactly calculated to win the good will of the United States,
and they have been rather violent in some of their dealings with our
citizens."
The conversation was interrupted when one of their captors opened
the door a few inches and slid two cans of food concentrate through
the crack.
"I see dinner has arrived," Nolan said as he stepped over to the door
and picked up the containers. He handed one to Roger, and the two
men removed the tops. In a few minutes a coil in the sides of each
container heated the contents, and the prisoners ate a warm if
uninspiring meal. Plastic spoons fastened to the sides of the cans
served as utensils.
After they had finished the food, the two prisoners sat and discussed
various topics until late in the evening, when they finally turned in.
Outside, the temperature dropped to sixty degrees below zero. The
stars sparkled with a brilliance that was reminiscent of outer space.
Once the frosty stillness was broken by the whine of the jets of a
cargo plane, hauling a train of ore gliders from the mines on an
island farther north. In the front room of the center hut a guard sat,
watching a number of television screens which showed the area
around the camp bathed in infra red light. In front of the hut lay the
convertiplane, a shining, bluish silver dart with its needle nose and
swept back wings and tail. Near the cliffs back of the huts, Nolan's
small two seater lay with its channel wings folded into the fuselage.
At six, Roger was awakened roughly by one of the guards. He was
given a can of concentrates which he ate quickly, his eyes straying
now and then to the big machine pistol held by one of his captors.
After Roger had eaten, he was ordered out to the plane and
strapped into a seat, an armed guard beside him. With screaming
jets blowing air over its channel wings, the convertiplane lifted from
the snow and, a few minutes later, streaked into the dark sky under
the power of its main jets.
Three hours later they descended to the yard of a large house on
the outskirts of Denver. The scattered buildings of the city lay on a
blinding white blanket of snow that sparkled in the winter sun like
minute jewels. Roger was hurried into the house and soon stood in
the middle of a spacious living room, his hands held firmly by steel
handcuffs. He faced a man with swarthy skin and dark hair, a typical
Latin type.
"Señor Lorin," the South American said and motioned toward an
easy chair. "Please be seated. Perhaps you are tired after your trip."
"The trip was all right," Roger replied coldly, "though I don't like
traveling against my will. I trust that the Arabs are paying you well
for this little job."
A momentary look of surprise crossed the man's handsome features,
but he smiled quickly and said in an affable voice tinged with
surprise. "Arabs? What do they have to do with this? I do not know
any Arabs. You do me an injustice to think that I would work for any
other country than my own."
Hoping that the results would justify his confidence, Roger replied.
"Quit trying to bluff. South Americans have no reason to kidnap me.
They'd have absolutely nothing to gain and plenty to lose by such
actions. Even if they could fight a long drawn out war with us, they'd
lose in the end. Why most of your scientists and engineers receive
their graduate schooling up here. I met quite a few of your
countrymen during my school days."
"You are an astute man," the South American smiled. "Yes, I am
actually working for the League of Islam." He admitted it blandly
without apparent conscience or remorse.
"I can't say that I admire a man who'd sell his country, and not only
that but the whole western hemisphere down the river. Did they pay
you thirty pieces of silver?" Roger asked scornfully.
"The stakes are much higher than that," the traitor replied, without
apparently being affected by Roger's scorn. "An empire awaits those
who are bold, greater power and riches than any ruler has even
known before."
"I thought that we had left that behind with the twentieth century."
"The desire for power is always with us," the traitor, whose name
was Manuel Juarez, said. "If I do not get it, someone else will. The
struggle never ends."
"Maybe that's true in some parts of the world," Roger said, "but we
don't do things that way here."
"Be that as it may," Juarez said with finality. "We won't speak of it
again." Abruptly he turned his chair toward a blank wall and pressed
a button on the arm of the chair. The whole wall lit up with stereo
color, and the room resounded with the hum of a crowd of people.
"Skiing is an interesting sport," Juarez commented. "I enjoy
watching the skill with which the skiers perform in these
tournaments."
Roger and Juarez watched a symphony of graceful form and
movement against a backdrop of snow, blue sky, and tall pines. Both
men sat in chairs that moulded automatically to the shape of the
body. Radiant heat bathed them in warmth that was a pleasant
contrast to the wintry scene in the television wall.
The instrument which showed them the ski tournament so clearly
represented a force that had killed an entire industry eighty years
earlier. The economic collapse and the development of good color
stereo television had resulted in the complete destruction of the
movie industry. Although there was still much poor entertainment on
the air, any person could usually find entertainment to suit his taste,
whether it was for adventure stories or Shakespeare, for popular
music or the works of the great composers.
Roger was held in the house for about a week and a half. Although
he did not know why he was held for such a long time, he knew that
he was being watched with unceasing vigilance. He had no chance
to escape. Then suddenly the enforced inactivity was over.
Juarez and two guards entered his room. All three were dressed in
outdoor clothing and were armed.
"You will come with us peacefully," Juarez warned. "If you try
anything foolish, we will not hesitate to kill you. We have other plans
for you, but your death here would serve our purpose."
Roger went. They left the house and prepared to enter a small
channel winged plane. The craft had a tear shaped body flanked by
two pontoon-like cylinders. Each cylinder contained two small jet
engines, one blowing a stream of air forward and the other blowing
a stream backward across wing-like plates. The supersonic blasts
gave the wings enough lift so that the plane could hover, rise
vertically, or move forward or backward with equal ease. Such
planes could attain a speed of 450 miles per hour.
At this time, a small patrol plane of the same type was flying slowly
through the area. Both of its occupants were thoroughly bored, and
one of them began to look around through a pair of light amplifying
binoculars. He spotted the abduction scene taking place below.
Every detail, including Roger's handcuffs, was crystal clear. The
patrolman, his curiosity aroused, switched to ultraviolet sensitivity,
but saw none of the code numbers that appeared on the bodies of
all police planes. Handcuffs and no police markings meant a check
report to police headquarters.
"Patrol 67," the policeman reported into the radio. "There's a
prisoner being held in Zone 18. The plane has no police markings.
The prisoner is about five feet, eleven inches tall, has light hair, a
rather large nose, and is wearing a green jacket over gray coveralls.
One of the other men is dark, short, and stocky."
"That sounds like Roger Lorin," came the reply. "He disappeared
from Arctic City about a week ago. There's a bulletin out on him.
Keep a long distance watch on that plane."
About an hour after they had taken off, the fugitives, who were
flying low, disappeared in the mountains and were lost to the police
plane's radar.
The sun set, and night settled its cold hand over the mountains. The
stars glittered like icy diamonds in the almost black firmament. The
moon bathed the world in cold silvery light. The mountains rose like
walls against the cold, dark sky.
The plane climbed out of a canyon and flew southwest along the
side of a high peak. At treetop level, they flew through a high pass,
and entered a valley where a small, ice-covered lake gleamed in the
cold moonlight. The plane landed on the glittering ice. Among the
pines on the west side of the lake, stood a stately hunting lodge.
The outside was faced with logs to give it a rustic look, but the
interior was luxuriously furnished.
Two men from the lodge pushed the plane into a hangar on the lake
shore, while Roger and his captors climbed a short flight of stairs
and entered the building.
"Now we wait," Juarez said disgustedly. "I hope that Gomez gets
here soon, so that we can get this business over with and get out of
here. I cannot be sure, but I thought I saw someone following us
after we took off this morning."
But he didn't get his wish. For the next three days, the men passed
the time in various ways. Some went fishing through the ice on the
lake, others watched television, still others played cards or pool in
the game room.
During this time the police were not idle. They staked out the house
in Denver and waited. Their patience was rewarded when, on the
second night, a small plane came down out of the dark sky and
hovered over the landing area. A man dropped to the ground and
headed toward the house, and the plane rose into the night with
blue flame dancing from the ends of the wing cylinders, and headed
back toward the mountains. A large police plane high above traced
the flight of the small ship with infra red detectors and spotted the
hideout of the fugitives.
On the third night Miguel Gomez arrived. He was a big, strapping
man unusually light complected for a South American. His greetings
were loud and boisterous.
"Well, Juarez," he said loudly, "I see that you have our prisoner in
good condition. But we can do nothing for awhile. A new plan has
been developed. In one week, a rocket carrying high officials from
our Republic will take off from the Chicago spaceport. These officials
go to inspect the Lunar atomic laboratories. That rocket will crash,
and the North Americans will be blamed. There will be evidence of
general negligence with hints of sabotage. So! the fun will begin. If
that does not work, we will use our friend, Lorin, here to top it off."
That night they listened to a late newscast before going to bed. The
situation was tense. The presidents' meeting had been postponed
until after the inspection of the moon laboratories by the South
American officials. There was talk of a general mobilization and a
tightening of discipline at the military stations along the Mexican
border and the gulf coast.

Five hundred miles above the Earth, the polar weather station
wheeled silently through space. A sphere two hundred feet in
diameter, it was girded by a ring deck that was home to forty men
and women. The big observation room was the real reason for the
space station's existence. Here, the weathermen kept watch over the
movements of Earth's atmosphere. The fluffy white clouds that
appeared on their screens told a tale of mass air movements that
meant stormy or clear weather for the Earth below. An almost
blinding white mass of cloud over Canada told of a cold front moving
southward to collide with warm air from the Gulf of Mexico and
unleash a blizzard over the plains of the Midwest. Tumbling clouds
hid a storm that whipped the North Atlantic into a raging fury of
white water. Clear areas showed where snow sparked under the
winter sun or where soft tropical breezes ruffled the fronds of palm
trees.
The station was passing over the Pampas of Argentina on the day
side of Earth when the incident occurred. Miriam Andrews, on duty
at the time, sat watching the progress of a small rain squall.
Suddenly a look of surprise crossed her rather plain features, and
she turned the amplifier gain-knob of the light amplifying telescope
to higher magnification. On the screen appeared a sprawling airport
on which lay scores of large, box-like transport planes. Into the
huge, channel winged craft flowed lines of robot controlled armored
vehicles. Miriam, who had a keen mind and an interest in
international affairs, recognized the dangerous possibilities of these
preparations. She did not hesitate to call the station director. That
individual was summoned from a deep sleep by the imperative
buzzing of the intercom. He switched the instrument on, saw
Miriam's excited face, and came fully awake with a feeling of alarm.
Excitement on the part of station personnel was apt to mean deadly
danger. He interrupted the excited girl. "Repeat that again and slow
down." Miriam repeated her story.
"I'll send a message when we get close enough to Chicago to use a
tight beam," he said. "There's no use spreading that news all over
the western hemisphere." With that he broke the connection and
called the radio room to give instructions about the message.
The station swept around the Earth untroubled by the gathering fury
below. A rocket, a slender, blue steel, winged cone, blasted away
from the station with a brief but brilliant display of its atomic jets.
The watches changed, and the weathermen continued to receive
data, analyze it, and send it to the coordinating centers on Earth.
Although most of the men on the station heard the news with the
detachment of those whose main interest lies in space and on the
moon, the North American government was not so calm. It was not
long before big formations of box-like transports were headed
southward with heavy loads of flying armored equipment,
technicians, and troops. Flights of dart like interceptors patrolled the
gulf area, ranging the blue skies at supersonic speeds. On the
ground, rows of slim antiaircraft missiles stood like candles in a
birthday cake. At the first flicker on a radar screen, they would
scream skyward to intercept hydrogen and atom armed missiles at
the borderline of space. Both powers made good resolutions of
nonaggression, but the rest of the world watched the preparations
with a skeptical eye. The weapons that could unleash the horrors of
nuclear warfare at the flick of a switch stood in frightening array on
both sides of the gulf.
Meanwhile, the police prepared to close in on the mountain cabin.
Equipped with gas bombs, machine pistols and recoiless rifles, they
came struggling through a snow clogged pass and down the
mountain sides from hovering planes. Unseen in the darkness, they
crept through the woods toward the house. A rifle shot cracked as a
guard sighted them with his sniperscope. One of the policemen fell,
a bullet in his leg. The lights in the house went out, and gun flashes
lanced through the windows. Bullets, hunting their prey like angry
wasps, snarled through the darkness.
Roger was locked in an upstairs bedroom with a guard before the
door. During the next two hours, the roar of machine pistols and the
crack of rifle fire split the mountain stillness and echoed from the
hillsides. At the end of that time, the police withdrew to rearrange
their strategy.
Juarez sat on the floor near a broken window and cleaned his
machine pistol. "I think that it is time to kill Lorin and get out of
here," he said, as he placed a fresh clip in the magazine. "It will
serve us to good advantage."
"Fool!" Gomez exclaimed. "If they found us with a dead man on our
hands, we wouldn't stand a chance. I have used this place enough
to know that they have us pinned in. We can use Lorin as a
bargaining point. We will arrange to take him with us and drop him
by parachute. But—the parachute will not open. A convertiplane,
which I have called, will meet us above the clouds and take us away
before they can stop us."
"They will not trust our word," Juarez said. "We cannot get away
with it."
"Oh, but we can," Gomez said. "The police know that Lorin's death
would have regrettable results. Even the fact that he is a citizen of
the North American Union would be enough to start trouble, let
alone his position as a key research man on the neutron project.
They will do anything to see that he remains alive. The scheme will
further enrage the North Americans and might perhaps incite them
to war."
"I see," replied Juarez. "An excellent plan. Let's contact the police,
and see what happens."

Unseen by the guards around the house, four policemen crawled

through the snow. Wearing white uniforms, they blended so well
with their background that even the sniperscope men didn't see
them. Their view was limited by the fact that most of the large lights
that had flooded the area with infra red radiation had been shattered
by gunfire. Individual beams were insufficient to sweep the whole
area.
Carrying thirty-shot rocket launchers and rocket powered gas
bombs, they took positions around the house and aimed the slender
guns. At a radio signal, streams of red fire shot from the tubes, and
the small rockets tore through every window in the house. In a few
minutes, the place was saturated with sleep gas. Not a man moved
throughout the building. Policemen in gas masks converged on the
house.
Roger awoke on a stretcher aboard a police plane. A police officer
sitting beside the stretcher answered his dazed inquiries. "You're on
a police plane. We gassed the place where you were being held, and
then moved in and took over." He grinned. "You looked so peaceful
that I didn't have the heart to give you stimulants."
"How long has it been?" Roger asked worriedly. "I'd like to call my
wife as soon as I can. She's probably worried sick by now."
"It's been close to three hours," the officer replied. "We had to buck
a snowstorm when we came out of that valley. We knew it was
coming, but we thought that we could move in ahead of it and get
you out before it struck. Unfortunately, they spotted us with those
big infra red lights of theirs and threw our timing all out of kilter. We
should be in Denver in less than half an hour."
Twenty minutes later the plane set down on the landing stage at the
top of police headquarters. Roger was helped to his feet and led
from the plane across the wind and snow lashed platform to an
elevator.
A few minutes later, he sat in the office of the Federal Police
Commissioner for the Rocky Mountain district. Roger asked
permission to use the desk viewphone and quickly put through a call
to Arctic City. In a few minutes, Linda's face appeared on the screen.
When she saw Roger her face lit up with joy. "Roger!" she
exclaimed. "I've been so worried about you. I haven't been able to
sleep for days, wondering what they might do to you."
"I'm all right, honey," Roger reassured her. "I'll be home in less than
a day if the police don't detain me here."
"Better have her come to Chicago," the commissioner interrupted.
"You'll have to stay there until we get this mess straightened out."
"I guess it would be better for you to come to Chicago. The police
say that it'll take a while to clear this business up. Maybe you'd
better take a jet. It would be more comfortable for you."
"I'll take the evening rocket," Linda replied determinedly.
"OK," Roger said with a grin. "I'll see you this evening then."
"Your wife seems anxious to see you," the officer remarked drily.
"Well, you may as well tell me about this business. I'll send you on
the rocket this afternoon so that you can meet your wife. We're not
sure just what was behind this kidnapping."
Welcome to our website – the perfect destination for book lovers and
knowledge seekers. We believe that every book holds a new world,
offering opportunities for learning, discovery, and personal growth.
That’s why we are dedicated to bringing you a diverse collection of
books, ranging from classic literature and specialized publications to
self-development guides and children's books.

More than just a book-buying platform, we strive to be a bridge

connecting you with timeless cultural and intellectual values. With an
elegant, user-friendly interface and a smart search system, you can
quickly find the books that best suit your interests. Additionally,
our special promotions and home delivery services help you save time
and fully enjoy the joy of reading.