IETF 刚刚发布了很多新的 RFCs 用以更新 HTTP/1.1,包括:
这些文档让原来的 HTTP/1.1 变得过时,对一个 HTTP 极客来说,这事儿很大!
RFC 2616, 已经推出 15 年了,而 HTTP/2.0 还在开发中。推出的更新主要包括:
-
Clarifications around dealing with unexpected whitespace, which should fix response splitting vulnerabilities.
-
The limit of two connections per server has been removed.
-
HTTP/0.9 support has been dropped.
-
Default charset of ISO-8859-1 has been removed.
-
Servers are no longer required to handle all
Content-*
header fields. -
Content-Range
has been explicitly banned in PUT requests. -
It's now suggested to use the
about:blank
uri in theReferer
header when no referer exists, to distinguish between "there was no referrer" and "I don't want to send a referrer". -
The
204
,404
,405
,414
and501
status codes are now cachable. -
The status codes
301
and302
have been changed to allow user agents to rewrite the method fromPOST
toGET
. This is a good example of a case where everybody has been (incorrectly) already doing this, and the spec now reflects the real world implementation. -
The
Location
header can now contain relative uri's as well as fragment identifiers. -
Content-MD5
has been removed.
还有什么我漏掉的吗?
本文永久更新链接地址:http://www.linuxidc.com/Linux/2014-06/102843.htm