Technical · Dispatch № 15

What Actually Happens When You Click a Link - Part 1

Learn what really happens when you click a link. Understand URLs, DNS, HTTPS, and browser requests using simple analogies.

What Actually Happens When You Click a Link - Part 1

Have you ever stopped to think about what happens when you type a prompt into Claude or ChatGPT? When you hit "Send," your browser packages up your message and sends it to a server, then waits for a response. That's the same thing that happens when you click a link or load any website. You just didn't know it. So, let's talk about it.

Your Browser Sends a Request

The moment you type a URL or click a link, your browser (Chrome, Safari, Firefox) becomes the "client", the thing that asks the question. Just like the chat window where you type a prompt into ChatGPT, every click, every form submission, every page load starts the same way. Your browser sends a request to a server (just another computer, one that's always on and waiting to respond to requests) somewhere.

But what is a URL, actually? It's the address of the server you're talking to. Like a phone number, but for computers.

What a URL Actually Is

Take this URL for example: https://www.youtube.com/shorts/funny-cats. Think of visiting a website like making a phone call. Let's break down the URL into its parts in plain language:

The Protocol (https://) is the secure line. Imagine you are calling your bank. Using HTTP is like shouting your account number across a crowded room, anyone can hear it. HTTPS is like using a secure phone line, where your information is encrypted and safe from eavesdroppers. But here's the catch: just because the line is secure doesn't mean the person on the other end is legit. A scammer can use a secure line too. So when your browser shows a security indicator for HTTPS, it means "private conversation", not "trustworthy person".

The Domain (youtube.com) is the caller ID. This is the most important part. It tells you who you're talking to. If the caller ID says "Grandma", you trust it. If it says "Unknown Number", you don't. Scammers work the same way online. youtube.com is known by everyone, but y0utube.com is fake. Always check the domain before typing passwords or personal info.

What about the www? You'll often see the www. in front of the domain. It's a leftover convention from the early web. youtube.com and www.youtube.com go to the same place. Some sites do use different prefixes like blog.youtube.com for separate sections, but www is not one of them. For now, just know that the important part is what comes before the .com (or .org, .net, etc). That's the company you're talking to.

The Path (/shorts/funny-cats) is your request. Once you're in a secure line with the right person, this is what you ask for. It's like saying "Hi Youtube, show me short videos of funny cats".

So, in short. Use a secure line (protocol) to call the right person (domain) and ask for a specific thing (path).

So you type youtube.com into your browser. But your browser doesn't actually know where YouTube lives, it just knows the name. It needs a specific digital address (a string of numbers) to connect.

DNS (Domain Name System) Is Your Browser Assistant

When you type "youtube.com," your browser silently asks an assistant in the background: "What's the address for YouTube?" The assistant finds it instantly, hands it back, and your browser connects automatically. You never see the address. You never need to. It all happens in milliseconds.

After the first visit, your browser saves the address for a while, like adding someone to your "Recents." Next time you visit YouTube, it doesn't need to ask the assistant again. It already knows where to go.

In summary, You type a name → DNS (the assistant) looks up the real address → your browser connects over a secure line (protocol) → you check the caller ID (domain) → and ask for a specific page (path).

What Your Browser Sends

So your browser found YouTube's address (thanks to DNS). But before any conversation starts, both sides do a quick handshake. Think of it like both you and the other person agreeing on a secret code before sharing anything private. This happens automatically and takes a fraction of a second, but it's how that "secure line" (HTTPS) actually gets set up.

Now your browser is connected over a secure line and has confirmed who it's talking to (the domain). What happens next?

It places the order. Think about what happens when you call a restaurant for delivery. You don't just say "food please", you tell them what you want, where to send it, and maybe mention a coupon. That's exactly what your browser does. It packages up a request that says:

  • What page you want. "Show me /shorts/funny-cats".
  • A little bit about you. What language you speak, what device you're on, so the site can adjust.
  • Any info you've shared before. If you're logged in, the browser reminds the site who you are (these are called cookies, small notes the site left on your browser during a previous visit, like the restaurant remembering you're a regular). That's how sites keep you logged in so you don't have to enter your password every time.

All of this gets bundled up and sent across the internet in milliseconds. You don't see any of it. You just typed a URL and hit Enter, but behind the scenes, your browser wrote a very specific order and delivered it.

Here's the thing that changes how you see the web. Every time anyone visits any website, this exact thing happens. Every click, every page load, every search, a request gets sent. When someone visits an app you built, their browser does this same thing to your server.

So far:

You type a name → DNS finds the address → your browser does a quick handshake to set up a secure line → and sends a request describing exactly what it wants.

Your request is on its way. Now what happens on the other end? That's what we'll cover in Part 2: The Server Processes It.