IETF 刚刚发布了很多新的 RFCs 用以更新 HTTP/1.1,包括:
RFC 7230: Message Syntax and RoutingRFC 7231: Semantics and ContentRFC 7232: Conditional RequestsRFC 7233: Range RequestRFC 7234: CachingRFC 7235: AuthenticationRFC 7236: Authentication Scheme RegistrationsRFC 7237: Method RegistrationsRFC 7238: the 308 status codeRFC 7239: Forwarded HTTP extension这些文档让原来的 HTTP/1.1 变得过时,对一个 HTTP 极客来说,这事儿很大!
RFC 2616, 已经推出 15 年了,而 HTTP/2.0 还在开发中。推出的更新主要包括:
Clarifications around dealing with unexpected whitespace, which should fix response splitting vulnerabilities.The limit of two connections per server has been removed.HTTP/0.9 support has been dropped.Default charset of ISO-8859-1 has been removed.Servers are no longer required to handle all Content-* header fields.Content-Range has been explicitly banned in PUT requests.It's now suggested to use the about:blank uri in the Referer header when no referer exists, to distinguish between "there was no referrer" and "I don't want to send a referrer".The 204, 404, 405, 414 and 501 status codes are now cachable.The status codes 301 and 302 have been changed to allow user agents to rewrite the method from POST to GET. This is a good example of a case where everybody has been (incorrectly) already doing this, and the spec now reflects the real world implementation.The Location header can now contain relative uri's as well as fragment identifiers.Content-MD5 has been removed.还有什么我漏掉的吗?
相关资源:HTTP1.1协议规范(中文归纳版)