Network Working Group R. Fielding Request for Comments: 2616 ...

More documents

Recommendations

Info

14.6 Age ........................................................10614.7 Allow ......................................................10614.8 Authorization ..............................................10714.9 Cache-Control ..............................................10814.9.1 What is Cacheable .......................................10914.9.2 What May be Stored by Caches ............................11014.9.3 Modifications of the Basic Expiration Mechanism .........11114.9.4 Cache Revalidation and Reload Controls ..................11314.9.5 No-Transform Directive ..................................11514.9.6 Cache Control Extensions ................................11614.10 Connection ...............................................11714.11 Content-Encoding .........................................11814.12 Content-Language .........................................11814.13 Content-Length ...........................................11914.14 Content-Location .........................................12014.15 Content-MD5 ..............................................12114.16 Content-Range ............................................12214.17 Content-Type .............................................12414.18 Date .....................................................12414.18.1 Clockless Origin Server Operation ......................12514.19 ETag .....................................................12614.20 Expect ...................................................12614.21 Expires ..................................................12714.22 From .....................................................128Fielding, et al. Standards Track [Page 5]RFC 2616 HTTP/1.1 June 199914.23 Host .....................................................12814.24 If-Match .................................................12914.25 If-Modified-Since ........................................13014.26 If-None-Match ............................................13214.27 If-Range .................................................13314.28 If-Unmodified-Since ......................................13414.29 Last-Modified ............................................13414.30 Location .................................................13514.31 Max-Forwards .............................................13614.32 Pragma ...................................................13614.33 Proxy-Authenticate .......................................13714.34 Proxy-Authorization ......................................13714.35 Range ....................................................13814.35.1 Byte Ranges ...........................................13814.35.2 Range Retrieval Requests ..............................13914.36 Referer ..................................................14014.37 Retry-After ..............................................14114.38 Server ...................................................14114.39 TE .......................................................142
14.40 Trailer ..................................................14314.41 Transfer-Encoding..........................................14314.42 Upgrade ..................................................14414.43 User-Agent ...............................................14514.44 Vary .....................................................14514.45 Via ......................................................14614.46 Warning ..................................................14814.47 WWW-Authenticate .........................................15015 Security Considerations .......................................15015.1 Personal Information....................................15115.1.1 Abuse of Server Log Information .........................15115.1.2 Transfer of Sensitive Information .......................15115.1.3 Encoding Sensitive Information in URI's .................15215.1.4 Privacy Issues Connected to Accept Headers ..............15215.2 Attacks Based On File and Path Names .......................15315.3 DNS Spoofing ...............................................15415.4 Location Headers and Spoofing ..............................15415.5 Content-Disposition Issues .................................15415.6 Authentication Credentials and Idle Clients ................15515.7 Proxies and Caching ........................................15515.7.1 Denial of Service Attacks on Proxies....................15616 Acknowledgments .............................................15617 References ..................................................15818 Authors' Addresses ..........................................16219 Appendices ..................................................16419.1 Internet Media Type message/http and application/http ......16419.2 Internet Media Type multipart/byteranges ...................16519.3 Tolerant Applications ......................................16619.4 Differences Between HTTP Entities and RFC 2045 Entities ....167Fielding, et al. Standards Track [Page 6]RFC 2616 HTTP/1.1 June 199919.4.1 MIME-Version ............................................16719.4.2 Conversion to Canonical Form ............................16719.4.3 Conversion of Date Formats ..............................16819.4.4 Introduction of Content-Encoding ........................16819.4.5 No Content-Transfer-Encoding ............................16819.4.6 Introduction of Transfer-Encoding .......................16919.4.7 MHTML and Line Length Limitations .......................16919.5 Additional Features ........................................16919.5.1 Content-Disposition .....................................17019.6 Compatibility with Previous Versions .......................17019.6.1 Changes from HTTP/1.0 ...................................17119.6.2 Compatibility with HTTP/1.0 Persistent Connections ......17219.6.3 Changes from RFC 2068 ...................................17220 Index .......................................................175
Page 2: eferred to as "HTTP/1.1", and is an
Page 5: 12.1 Server-driven Negotiation ....
Page 9 and 10: 1.2 RequirementsThe key words "MUST
Page 12 and 13: Fielding, et al. Standards Track [P
Page 14 and 15: equest chain ----------------------
Page 16 and 17: Elements separated by a bar ("|") a
Page 18 and 19: HTTP/1.1 header field values can be
Page 20 and 21: An application that sends a request
Page 22 and 23: 3.2.3 URI ComparisonWhen comparing
Page 26 and 27: is not desirable and is discouraged
Page 28 and 29: CRLFchunk = chunk-size [ chunk-exte
Page 30 and 31: When in canonical form, media subty
Page 32 and 33: 3.9 Quality ValuesHTTP content nego
Page 34 and 35: RFC 2616 HTTP/1.1 June 1999HTTP/1.1
Page 36 and 37: message-body = entity-body| Transfe
Page 38 and 39: in advance.Messages MUST NOT includ
Page 40 and 41: equested resource, and 501 (Not Imp
Page 42 and 43: names) MUST use the following rules
Page 44 and 45: values for the first digit:- 1xx: I
Page 48 and 49: how the transfer-length of a messag
Page 50 and 51: connection-token close.If either th
Page 52 and 53: idempotent (see section 9.1.2). Non
Page 54 and 55: compatibility with RFC 2068, a serv
Page 56 and 57:
If at any point an error status is
Page 58 and 59:
optional features implemented by th
Page 60 and 61:
- Extending a database through an a
Page 62 and 63:
intervention (or other means) on th
Page 64 and 65:
10.1.2 101 Switching ProtocolsThe s
Page 66 and 67:
esponse MAY include new or updated
Page 68 and 69:
Fielding, et al. Standards Track [P
Page 70 and 71:
The response MUST include the follo
Page 72 and 73:
If the client is sending data, a se
Page 74 and 75:
If the response could be unacceptab
Page 76 and 77:
10.4.15 414 Request-URI Too LongThe
Page 78 and 79:
10.5.5 504 Gateway TimeoutThe serve
Page 80 and 81:
Page 82 and 83:
Caching would be useless if it did
Page 84 and 85:
Warning (but without removing any e
Page 86 and 87:
If the user has overridden the basi
Page 88 and 89:
in the past. This means that the re
Page 90 and 91:
RFC 2616 HTTP/1.1 June 1999the time
Page 92 and 93:
simple:response_is_fresh = (freshne
Page 94 and 95:
match.In HTTP/1.1, a conditional re
Page 96 and 97:
validators or strong validators. Cl
Page 98 and 99:
- MAY send a weak entity tag instea
Page 100 and 101:
Unless specifically constrained by
Page 102 and 103:
Page 104 and 105:
warn-code 1xx, which are deleted ev
Page 106 and 107:
for the associated entity, its enti
Page 108 and 109:
- DELETE- POSTIn order to prevent d
Page 110 and 111:
The Accept request-header field can
Page 112 and 113:
image/jpeg = 0.5text/html;level=2 =
Page 114 and 115:
Note: If the request does not inclu
Page 116 and 117:
Accept-Ranges: bytesbut are not req
Page 118 and 119:
containing an Authorization field,
Page 120 and 121:
- Restrictions on what may be store
Page 122 and 123:
improve privacy in some cases, we c
Page 124 and 125:
Page 126 and 127:
must-revalidateBecause a cache MAY
Page 128 and 129:
understand.For example, consider a
Page 130 and 131:
new coding is known to be acceptabl
Page 132 and 133:
14.14 Content-LocationThe Content-L
Page 134 and 135:
Note: while the definition of Conte
Page 136 and 137:
server SHOULD return them in the or
Page 138 and 139:
Some origin server implementations
Page 140 and 141:
Expires = "Expires" ":" HTTP-dateAn
Page 142 and 143:
A client MUST include a Host header
Page 144 and 145:
een modified since the date given b
Page 146 and 147:
RFC 2616 HTTP/1.1 June 1999If none
Page 148 and 149:
14.29 Last-ModifiedThe Last-Modifie
Page 150 and 151:
MAY require that behavior be consis
Page 152 and 153:
yte-ranges-specifier = bytes-unit "
Page 154 and 155:
Content) instead of 200 (OK).- The
Page 156 and 157:
The TE request-header field indicat
Page 158 and 159:
Page 160 and 161:
a cache cannot determine from the r
Page 162 and 163:
SHOULD NOT, by default, forward the
Page 164 and 165:
this user agent behavior in mind.Re
Page 166 and 167:
designers and implementors be parti
Page 168 and 169:
strongly correlated to the membersh
Page 170 and 171:
serious security considerations. Co
Page 172 and 173:
The HTTP protocol has evolved consi
Page 174 and 175:
Protocol -- HTTP/1.0", RFC 1945, Ma
Page 176 and 177:
Implementation and Analysis", RFC 1
Page 178 and 179:
University of California, IrvineIrv
Page 180 and 181:
Page 182 and 183:
Notes:1) Additional CRLFs may prece
Page 184 and 185:
full compliance with the MIME proto
Page 186 and 187:
ead chunk-size and CRLF}read entity
Page 188 and 189:
- understand any valid response in
Page 190 and 191:
CREATE had a race that required an
Page 192 and 193:
also needed to be a general header,
Page 194:
show all

Network Working Group R. Fielding Request for Comments: 2616 ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?