Http Headers详解一览

Http Headers详解一览

 

HTTP/1.1的定义在www.w3.org中已经详细定义好，具体协议看以参看rfc2616，链接可以参考这里：http://www.w3.org/Protocols/rfc2616/rfc2616.html，在该协议中，定义了HTTP/1.1的必要信息，包括并不仅限于以下：

Protocol Parameters：包括HTTP Version，URL Syntax，Character Sets和Encoding等，具体定义可以参考这里：http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3

Http Message：定义了Request和Response的结构，包括status line、Header、body、Cache Control等，详细信息参考这里：http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4

Request：请求参数设置，注意这里描述的是Request的请求格式，用HTTPClient等包实际上是对协议的包装，最终发送给服务器的就是http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5介绍的格式，服务器也只能处理这种通用的协议格式解析(自定义协议除外，这里指通用的HTTP协议)

Response：响应参数设置，定义Response返回的格式http://www.w3.org/Protocols/rfc2616/rfc2616-sec6.html#sec6

Entity：定义Request和Response响应的实体，实际上是对Request和Response的控制，可以看这里：http://www.w3.org/Protocols/rfc2616/rfc2616-sec7.html#sec7

Connections：这个是关于Connections的定义，这个说的比较复杂，想理解透彻的话，需要仔细研读：http://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html#sec8

Method Definations：请求方法定义，这个最为常用，包括GET、POST、HEAD、PUT等之外，还有OPTIONS、TRACE方法，这两个方法可以仔细了解一下，尽管不太常用，具体的Method可以参考这里：http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9

Status Code Definations：这个不再多说，大家使用的都比较多，可以参考http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10，本博客也收录了过Status Code的一些内容，可以交叉对比下，http://isilic.iteye.com/blog/1768152

Caching in HTTP：定义对于Cache的处理http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13

Header Field Definitions：HTTP Header定义，这个是本文的重点，后面会详细介绍http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13

 

HTTP Headers可以按照Header类型分为以下四种，对于每个Header，都会标明为以下某种类型

Request：请求参数
Response：响应参数
General：通用参数，可以在Request和Response中使用
Entity：Entity-Body控制参数，实际是请求和响应的元信息(meta-information)

 

 

以下介绍HTTP Headers的内容，主要由参数，参数链接，参数类型，英文解释节选自rfc2616，中文简单解释其作用组成，

 

Accept [Request] 

The Accept request-header field can be used to specify certain media types which are acceptable for the response.

  Accept声明Request能够接收的响应类型，很常见，打开网页都能看到这个参数，格式和解释可以参考这里：http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.1

 

Accept-Charset [Request] 

The Accept-Charset request-header field can be used to indicate what character sets are acceptable for the response

 Request字符集设置

 

Accept-Encoding [Request]

The Accept-Encoding request-header field is similar to Accept, but restricts the content-codings that are acceptable in the response

  和Accept类似，添加声明可以接收的Content-Coding，如compress、gzip等

 

Accept-Language [Request]

  Specifies which natural languages are acceptable for the response and to assign preferences to them. Useful for language negotation.

 

Accept-Ranges [Response] 

The Accept-Ranges response-header field allows the server to indicate its acceptance of range requests for a resource

  Response声明自己对于Ranges的响应方式，如Accept-Ranges: bytes支持Ranges响应，而Accept-Ranges: none则建议client不要发送Ranges说请求

 

Age [Response]

The Age response-header field conveys the sender's estimate of the amount of time since the response (or its revalidation) was generated at the origin server

  服务器生成响应的估算时间，Age值计算可以参考这里：http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.2.3

 

Allow [Entity]

Lists the set of methods supported by the resource identified by the Request-URI. The purpose is to inform the recipient of valid methods associated with the resource.

  Allow声明资源请求时允许使用的方法，如Allow: POST则声明请求必须使用Post方法请求资源，否则服务器返回405(Method Not Allowed)错误。

 

Authorization [Request]

  Consists of credentials containing the authentication information of the client for the realm of the resource being requested，but not necessarily。

 

Cache-Control [General]

  Specifies directives that must be obeyed by all caching mechanisms along the request/response chain.

  Cache控制，这个可是HTTP Header的重点，表明HTTP的缓存机制支持是否缓存，缓存类型、缓存时间，在Request和Response中都有出现。具体的细节可以参考http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9

 

Connection [General]

  Specifies options that are desired for the particular connection and must not be communicated by proxies over further connections.

  是否支持长连接，这个是最常用的功能，如Connection： keep-alive支持长连接；Connection： close就不支持长连接

 

Content-Encoding [Entity]

  Used as a modifier to the media-type, to indicate what additional data format transformations such as compression have been applied to the entity-body.

  Content-Encoding表明Entity的Encoding方式，如Content-Encoding: gzip就表明Entity的压缩方式。

 

Content-Language [Entity]

  Specifies the natural language(s) of the intended audience for the enclosed entity. But according to RFC 3282, specifies the language(s) of the entity.

  支持的语言

 

Content-Length [Entity]

  Indicates the size (in octets) of the entity-body that is sent or that would have been sent if it has reen requested.

  这个Content-Length最为常见，是Http协议中最关键的地方，表明Entity的长度；这个字段会不会必须出现，答案当然是No，在后面会提到在什么情况下不出现。

 

Content-Location [Entity]

  Supplies the resource location for the entity enclosed in the message when that entity is accessible from a location separate from the requested resource's URI.

 请求资源可替代的备用的另一地址

 

Content-MD5 [Entity]

  An MD5 digest of the entity-body for the purpose of providing an end-to-end message integrity check (MIC) of the entity-body.

  返回资源的MD5校验值

 

Content-Range [Entity]

  Sent with a partial entity-body to specify where in the full entity-body the partial body should be applied.

  Content-Range表明Entity的部分内容，其中字段格式为Content-Range: units start-end/sum，表明请求的内容。

 

Content-Type [Entity]

  Specifies the Internet media type of the entity-body that is sent or would have been sent if requested. Often includes a charset parameter specifying the character encoding.

  返回内容的MIME类型

 

 

Cookie [request]

  HTTP请求发送时，会把保存在该请求域名下的所有cookie值一起发送给web服务器。

 

Date [General]

  Date and time at which the message was originated.

  Client端为请求时间，Server端为响应时间，时间格式必须按照规定http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.3.1，有几个比较特殊的情况，如Server端异常(5XX)、Client端跳转(1XX)，或者Server端无法提供时间等细节，可以参考http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.18

 

ETag [Response]

  Provides the current value of the entity tag for the requested variant, for caching purposes.

  请求变量的实体标签的当前值

 

Expect [Request]

  Indicates that particular server behaviors are required by the client.

  Client端请求服务器端执行的操作，如Expect: 100-continue

 

Expires [Entity]

  Gives the date/time after which the response is considered stale, for caching purposes.

  响应有效时间

 

From [Request]

  The Internet e-mail address for the human user who controls the requesting browser or other client.

  如果有这个参数的话，值必须得时有效地Email格式

 

Host [Request]

  Specifies the Internet host and port number of the resource being requested. Obligatory in all HTTP/1.1 requests.

  请求方的Host，在HTTP/1.1中是必须字段

 

If-Match [Request]

  Used with a method to make it conditional: a client that has previously obtained entities can verify that one of those entities is current by including a list of their associated entity tags in the If-Match header field.

  使用ETag字段来描述请求资源是否有改变，响应中会有ETag字段来确认是否改变

 

If-None-Match [Request]

  Used with a method to make it conditional: a client that has previously obtained entities can verify that none of those entities is current by including a list of their associated entity tags in the If-None-Match header field.

  和If-Match类似，都是使用ETag来确认资源是否更新，响应Header中会有ETag字段

 

If-Modified-Since [Request]

  Used with a method to make it conditional: if the requested variant has not been modified since the time specified in this field, the server will not return the entity but information about this fact.

  该字段会确定请求内容是否有更改，后面添加标准时间，响应中一般会有Last-Modified字段。

 

Last-Modified [Entity]

  Indicates the date and time at which the origin server believes the variant was last modified.

 

If-Unmodified-Since [Request]

  Used with a method to make it conditional: if the requested variant has been modified since the time specified in this field, the server will not perform the requested operation but information about this fact.

  和If-Modified-Since功能类似

 

 

If-Range [Request]

  Used together with Range to say: "if the entity is unchanged, send me the part(s) that I am missing; otherwise, send me the entire new entity".

 

Location [Response]

  Redirects the recipient to a location other than the Request-URI for completion of the request or identification of a new resource.

  用来重定向接收方到非请求URL的位置来完成请求或标识新的资源

 

Max-Forwards [Request]

  Provides a mechanism with the TRACE and OPTIONS methods to limit the number of proxies or gateways that can forward the request to the next inbound server.

  使用TRACE和OPTIONS请求时，限制代理或者网关的数目。

 

Pragma [General]

  Used to include implementation-specific directives that might (optionally) apply to any recipient along the request/response chain.

  跟实现相关，应用到请求、响应链的接收方

 

Proxy-Authenticate [Response]

  Included as part of a 407 (Proxy Authentication Required) response. The field value consists of a challenge that indicates the authentication scheme and parameters applicable to the proxy for this Request-URI.

Proxy-Authorization [Request]

  Used by a client to identify itself (or its user) to a proxy which requires authentication.

  指出认证方案和可应用到代理的该URL上的参数

 

Range [Request]

  Restricts the request to some part(s), specified as range(s) of octets, in the resource.

  请求部分字段响应，实际上在支持断点操作上该字段特别有用，响应返回206

 

Referer [Request]

  Used by a client to specify, for the server's benefit, the address (URI) of the resource from which the Request-URI was obtained.

  跳转refer字段

 

Retry-After [Response]

  Indicates how long the service is expected to be unavailable to the requesting client.

  支持503响应，可能在3XX响应中使用，值可以为绝对时间或者是秒单位的请求时间，提示在指定时间后再次尝试

 

Server [Response] http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.38

  Contains information about the software used by the origin server to handle the request.

  Server字段，表明Server类型

 

Set-cookie [response]

  设置Http Cookie值

 

TE [Request]

  Indicates what extension transfer-codings the client is willing to accept in the response and whether or not it is willing to accept trailer fields in a chunked transfer-coding.

  支持Response扩展的transfer-encoding协议，或者是在Chunked transfer-encoding中支持Trailer域

 

Trailer [General]

  Indicates that the given set of header fields is present in the trailer of a message encoded with chunked transfer-coding.

  指出头域在分块传输编码的尾部存在

 

Transfer-Encoding [General]

  Indicates what (if any) type of transformation has been applied to the message body in order to safely transfer it between the sender and the recipient. This differs from the Content-Encoding in that the transfer-coding is a property of the message, not of the entity.

  最常见的是Transfer-Encoding: chunked，在这种情况下没有Content-Length字段，因为服务器发给Client的响应是分段进行，响应支持Chunked协议，Client按照Chunked协议来进行数据接收处理。

 

Upgrade [General]

  Used by a client to specify what additional communication protocols it supports and would like to use if the server finds it appropriate to switch protocols. The server uses the Upgrade header to indicate which protocol(s) are being switched.

  表明支持的协议类型，让Server选择协议切换，如Upgrade: HTTP/2.0, SHTTP/1.3, IRC/6.9, RTA/x11这种格式；Upgrade字段是想让HTTP/1.1能够简单的切换到其它的协议。

 

User-Agent [Request]

  Contains information about the user agent (client) originating the request

  使用的浏览器类型

 

Vary [Response]

  Indicates the set of request-header fields that fully determines, while the response is fresh, whether a cache is permitted to use the response to reply to a subsequent request without revalidation.

  告诉后续的代理是使用缓存响应还是从原始服务器请求，这个解释比较模糊，可以参考这篇文章加深理解：http://mark.koli.ch/2010/09/understanding-the-http-vary-header-and-caching-proxies-squid-etc.html

 

Via [General]

  Used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests, and between the origin server and the client on responses.

  告知代理客户端响应的发送过程，网关和代理使用

 

Warning [General]

  Carries additional information about the status or transformation of a message which might not be reflected in the message.

  警告Entity Body of the Message可能会存在问题

 

WWW-Authenticate [Response]

  Used in 401 (Unauthorized) response messages. The field value consists of at least one challenge that indicates the authentication scheme(s) and parameters applicable to the Request-URI.

表明客户端请求实体应该使用的授权方案

 

最后根据上面的Header字段，说下HTTP Header使用方式：
        HTTP通过两种方式验证对象是否有更新：if-non-match 和 if-modified-since； 通过在Request中包含上述header向服务器发起询问。当response中包含ETag头时，浏览器应该使用if-non-match来询问；response中含有last-modified头时，浏览器应用if-modified-since来进行更新询问。HTTP/1.1规范建议使用ETag方式（如果不能使用ETag方式时使用last-modified）。但事实上很多现代服务器依然使用last-modified方式。当服务器同时使用ETag和last-modified时，浏览器应同时发送if-non-match和if-modified-since头，服务器应同时对这两个头进行确认，只有同时符合未更新条件方可返回304响应。www.baidu.com就是用了这两种方式ETag和Last-Modified响应，大家可以调出调试窗口看下Request和Response内容。

 

Chunked传输：这是一种传输编码。在正常情况下http response要求先知道对象的大小才能进行传输，以便接收端正确知道传输该何时结束。但是如果服务器无法报告对象的大小时，且保持单个连接时，必须使用Chunked传输。设置Chunked后（在response头中设置transfer-encoding：chunked），对象将被切割为多个长度来传输，每次传输均指明当次内容长度，并在最后一次设置0以指示传输结束。所以说Content-Length字段不是每次响应中都存在；另外这种传输格式在很多服务器上都得到支持，浏览器端也支持这种格式的解析。如果你想自己解析HTTP流的话，这种Chunked传输格式必须要考虑，如Mina、Netty等自行处理HTTP流。对于常用的HTTPClient，已经代为解决好这个问题。

 

Range Request：区间请求。HTTP容许请求一个文档的指定区间内容，如果一次HTTP下载因为某种原因中途失败，则HTTP可以在下次请求使用Range头，这样可以实现断点续传。同时Range也广泛用在P2P类下载中，同时从多个服务器上下载同一类容以实现加快下载速度。而在Response中可以设置Accept-Ranges: bytes以表示服务器可以接受range请求，并求度量单位是byte。

 

Delta Encoding：一种减少HTTP传输量的方法。正常情况下，如果服务器端一个文档更新后，将导致在下次客户端请求时，服务器端发送整个新文档给客户端，而如果这个文档只是更新了一小部分，重新传输完整的文档则是对资源的一种浪费。HTTP通过Delta-Encoding技术实现只传输变化部分：首先，服务器在第一次响应中包含一个e-tag头，表示该文档的一个唯一版本识别码；然后，客户端在下一次请求时，将在request中包含if-non-match头，向服务器询问该文档是否有更新，同时在request设置A-IM（accept-instance manipulation）头表示可以接受delta技术，不设置表示不能接受delta技术；再次，服务器在接到请求后发现自己拥有文档的新版本，于是在响应中包含IM头，e-tag头，delta-base头向客户端表明文档是如何更新的，其中IM头的值表示的是delta的某种算法，e-tag头是新的e-tag，delta-base表示本次delta算法是基于哪个版本计算出来的；最后，客户端在接到response后启动delta算法更新本地文档，并更新本地文档的e-tag值为新的e-tag值。Delta-Encoding技术比较复杂，需要各方面的支持，感兴趣的同学可以深入理解一下，rfc文档见这里：http://tools.ietf.org/html/rfc3229

 

本文内容就到这里，有问题或者本文有疏漏的地方还望不吝赐教。