FTP : Java Glossary

• Normally you use PASV mode, the newer style of FTP where the client sets up both the uplink and downlink. This is more secure than the old style when the server set up the downlink. Further, it is easier to tunnel through firewalls with PASV. You would not use it if you have some very old server that does not support it. Non-PASV is also slightly faster.
• Typically FTP gives you access to more files that HTTP does, e.g. the logs of website activity. You can typically both upload and download.
• With FTP you can upload, download, delete, rename, make a directory, get a directory listing or abort the transfer in progress. In contrast, with HTTP, all you can do in download a file.
• If you are setting up an FTP server, you will have to tell your firewall/router to forward ports 20 and 21 for FTP and 2000..2010 for PASV to your FTP server.
• If your FTP session aborts, the server may lock the file you were working until the session times out. The server can’t tell the session was aborted. Until the timeout expires, you won’t be able to update or rename that file in a new session.
• Jon Postel and Joyce Reynolds devised the FTP standard, RFC 959, back in 1985. Like all RFCs, it has not been updated since. Mr. Postel has died. Follow on RFCs include RFC 2228 (security), RFC 2640 (internationalisation), RFC 2773 (encryption) and RFC 3659 (FEAT).
• There is now a secure FTP protocol, SFTP covered in RFC 2228 and RFC 4217. There is also FTPS (FTP over SSL), and SFTP (FTP over SSH), and FTP over TLS that encrypt the transmissions for privacy.

Gotchas

• There is nothing in the FTP protocol to find out what time the server thinks it is, or what TimeZone it is using. You can kludge by uploading a tiny dummy file, then do a directory list on it to find out what time the server stamped it with — which will be not the file’s original time, but the time it arrived at the server. This tells you what time the server is using accurate to a second or two. Typically FTP just stomps uploaded files with the server time they were uploaded.
• When the server returns a directory list, the FTP protocol does not specify which file time to use, client, server or UTC, daylight saving or standard, current DST or historic DST.
• When you upload a file, the FTP protocol does not specify what time the server should date the files with, client upload time, server upload time, client last modified time…
• There are a large number of parameters to configure such as: PASV, whether server supports FEAT (feature detect) whether server supports RESUME, timezone of the server, name conversion to lower case, port, URL, default directory, login in, password, account, whether you are permitted multiple connections etc. The transfer won’t work if you don’t match the server capabilities/expectations.
• If you upload a file while it is being downloaded, the upload will fail.
• Uploads are not atomic. If for example you upload a file A that links to file B, and file A is uploaded first there will be a dangling link. Ideally all the uploads should be done, then then once they have all successfully completed, reveal all the updates and adds at once.
• FTP uploads a file at a time. If you have many small files, there is considerable time overhead in the handshaking. Ideally they should be uploaded in compressed large chunks to reduce the handshaking overhead.

FTP is a bit long in the tooth. It is being replaced by VPN where you just copy files via an encrypted link to the server as if it were another drive on your desktop.