Passa al contenuto principale

Hypertext Transfer Protocol (HTTP/1.1): Sintassi e Instradamento dei Messaggi

Document Information / 文档信息

  • RFC Number: 7230
  • Title: HTTP/1.1: Message Syntax and Routing
  • Published: June 2014
  • Authors: R. Fielding (Adobe), J. Reschke (greenbytes)
  • Status: Standards Track
  • Obsoletes: RFC 2616, RFC 2145
  • Updates: RFC 2817, RFC 2818

Abstract / 摘要

L'Hypertext Transfer Protocol (HTTP) è un protocollo stateless a livello di applicazione per sistemi informativi ipertestuali distribuiti e collaborativi.

This document provides an overview of HTTP architecture and its associated terminology, defines the "http" and "https" Uniform Resource Identifier (URI) schemes, defines the HTTP/1.1 message syntax and parsing requirements, and describes related security concerns for implementations.

Table of Contents / 目录

Main Sections / 主要章节

  1. Introduction (简介)

    • 1.1 Requirements Notation
    • 1.2 Syntax Notation

  2. Architecture (架构)

    • 2.1 Client/Server Messaging
    • 2.2 Implementation Diversity
    • 2.3 Intermediaries
    • 2.4 Caches
    • 2.5 Conformance and Error Handling
    • 2.6 Protocol Versioning
    • 2.7 Uniform Resource Identifiers

  3. Message Format (消息格式)

    • 3.1 Start Line
    • 3.2 Header Fields
    • 3.3 Message Body

  4. Transfer Codings (传输编码)

    • 4.1 Chunked Transfer Coding
    • 4.2 Compression Codings
    • 4.3 TE Header Field
    • 4.4 Trailer Header Field

  5. Message Routing (消息路由)

    • 5.1 Identifying a Target Resource
    • 5.2 Connecting Inbound
    • 5.3 Request Target
    • 5.4 Host Header Field
    • 5.5 Effective Request URI
    • 5.6 Associating a Response to a Request
    • 5.7 Message Forwarding

  6. Connection Management (连接管理)

    • 6.1 Connection Header Field
    • 6.2 Establishment
    • 6.3 Persistence
    • 6.4 Concurrency
    • 6.5 Failures and Timeouts
    • 6.6 Tear-down
    • 6.7 Upgrade Header Field

  7. ABNF List Extension (ABNF 列表扩展)

  8. IANA Considerations (IANA 考虑事项)

  9. Security Considerations (安全考虑事项)

Appendices / 附录

  • Appendix A - HTTP Version History
  • Appendix B - Collected ABNF
  • References (参考文献)

HTTP/1.1 Specification Series / HTTP/1.1 规范系列

RFC 7230 is the first part of the HTTP/1.1 specification series:

  1. RFC 7230 - Message Syntax and Routing (本文档)
  2. RFC 7231 - Semantics and Content
  3. RFC 7232 - Conditional Requests
  4. RFC 7233 - Range Requests
  5. RFC 7234 - Caching
  6. RFC 7235 - Authentication

Core Concepts / 核心概念

Key Terms / 关键术语

  • Client: Program that establishes a connection to send HTTP requests
  • Server: Program that accepts connections to service HTTP requests
  • User Agent: Client program that initiates requests (browsers, crawlers, etc.)
  • Origin Server: Program that can originate authoritative responses
  • Intermediary: Proxy, gateway, or tunnel
  • Cache: Local storage of previous responses

HTTP Message Structure / HTTP 消息结构

HTTP-message   = start-line
                 *( header-field CRLF )
                 CRLF
                 [ message-body ]

Request Example / 请求示例

GET /hello.txt HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Accept-Language: it

Response Example / 响应示例

HTTP/1.1 200 OK
Date: Mon, 27 Jul 2009 12:28:53 GMT
Server: Apache
Content-Length: 51
Content-Type: text/plain

Hello World! My payload includes a trailing CRLF.

Important Features / 重要特性

  1. Stateless Protocol - Each request is processed independently
  2. Persistent Connections - HTTP/1.1 uses persistent connections by default
  3. Chunked Transfer Encoding - Allows sending data without knowing total length
  4. Intermediary Support - Supports proxies, gateways, and tunnels
  5. Protocol Upgrade - Supports upgrading to other protocols (e.g., WebSocket)

Security Considerations / 安全考虑

  1. Input Validation - Always validate and sanitize user input
  2. Length Limits - Implement limits on request line and header field lengths
  3. Use HTTPS - Use TLS encryption for sensitive communications
  4. Prevent Request Smuggling - Strictly follow message parsing rules
  5. Intermediary Security - Carefully handle proxies and gateways
  6. Privacy Protection - Protect personal information in server logs

Copyright Notice / 版权声明

Copyright © 2014 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions.

Related Resources / 相关资源

📌 Start Reading: Begin with Section 1 - Introduction