HTTP是应用级协议,它适应了分布式超媒体协作系统对灵活性及速度的要求。它是一个一般的、无状态的、基于对象的协议,通过对其请求方法(request methods)进行扩展,可以被用于多种用途,比如命名服务器(name server)及分布式对象管理系统。 HTTP 的一个特性是其数据表现类型允许系统的构建不再依赖于要传输的数据。 HTTP 自从 1990 年就在 WWW 上被广泛使用。该规范反映了“HTTP/1.0”的普通用

9.2 成功2xx（Successful 2xx）...........................................................................................27

9.3 重定向（Redirection 3xx）............................................................................................28

9.4 客户端错误（Client Error ）4xx...................................................................................29

9.5 服务器错误（Server Error ）5xx..................................................................................29

10. 标题域定义（Header Field Definitions）..............................................................................31

10.1 允许（Allow）..............................................................................................................31

10.2 授权（Authorization）.................................................................................................31

10.3 内容编码（Content-Encoding）..................................................................................31

10.4 内容长度（Content-Length）......................................................................................32

10.5 内容类型（Content-Type）..........................................................................................32

10.6 日期（Date）................................................................................................................32

10.7 过期（Expires）...........................................................................................................33

10.8 来自（From）...............................................................................................................33

10.9 从何时更改（If-Modified-Since）...............................................................................34

10.10 最近更改（Last-Modified）.......................................................................................34

10.11 位置（Location）........................................................................................................35

10.12 注解（Pragma）.........................................................................................................35

10.13 提交方（Referer）........................................................................................................35

10.14 服务器（Server）.......................................................................................................36

10.15 用户代理（User-Agent）...........................................................................................36

10.16 WWW-授权（WWW-Authenticate）........................................................................36

11. 访问鉴别（Access Authentication）......................................................................................37

11.1 基本授权方案（Basic Authentication Scheme）.........................................................37

12. 安全考虑（Security Considerations）...................................................................................39

12.1 客户授权（Authentication of Clients）.......................................................................39

12.2 安全方法（Safe Methods）..........................................................................................39

12.3 服务器日志信息的弊端（Abuse of Server Log..........................................................39

12.4 敏感信息传输（Transfer of Sensitive Information）..................................................39

12.5 基于文件及路径名的攻击（Attacks Based On File and Path Names）.....................40

13. 感谢（Acknowledgments）....................................................................................................41

14. 参考书目（References）..........................................................................................................42

15. 作者地址（Authors' Addresses）...........................................................................................44

附录（Appendices）........................................................................................................................45

A. Internet介质类型消息/http（Internet Media Type...........................................................45

B. 容错应用（Tolerant Applications）.................................................................................45

C. 与MIME的关系（Relationship to MIME）....................................................................45

C.1 转换为规范形式（Conversion to Canonical Form）............................................46

C.2 日期格式转换（Conversion of Date Formats）....................................................46

C.3 内容编码介绍（Introduction of Content-Encoding）...........................................46

C.4 无内容传输编码（No Content-Transfer-Encoding）...........................................46

C.5 多个主体的HTTP标题域（HTTP Header Fields in..............................................47

D. 附加特性（Additional Features）...................................................................................47

D.1 附加请求方法（Additional Request Methods）...................................................47

D.2 附加标题域定义（Additional Header Field Definitions）...................................48