RFC 7231 (HTTP/1.1)

JH Bang · December 18, 2022

RFC 7230 through RFC 7235 are the documents that define HTTP/1.1.
1. RFC 7230, HTTP/1.1: Message Syntax and Routing
2. RFC 7231, HTTP/1.1: Semantics and Content
3. RFC 7232, HTTP/1.1: Conditional Requests
4. RFC 7233, HTTP/1.1: Range Requests
5. RFC 7234, HTTP/1.1: Caching
6. RFC 7235, HTTP/1.1: Authentication


RFC 7231 : Semantics and Content

https://www.rfc-editor.org/rfc/rfc7231


2. Resources

Content transferred over HTTP is called a resource. HTTP defines the interface for working with resources.
Resources include not only text but also video, audio files, images, and so on.


3. Representations

The representation of a resource is described by the following header fields.

   +-------------------+-----------------+
   | Header Field Name | Defined in...   |
   +-------------------+-----------------+
   | Content-Type      | Section 3.1.1.5 |
   | Content-Encoding  | Section 3.1.2.2 |
   | Content-Language  | Section 3.1.3.2 |
   | Content-Location  | Section 3.1.4.2 |
   +-------------------+-----------------+

Content-Type = media-type

    Content-Type: text/html; charset=utf-8
    Content-Type: multipart/form-data; boundary=something

Content-Encoding = 1#content-coding

    Content-Encoding: gzip
    Content-Encoding: compress
    Content-Encoding: deflate
    Content-Encoding: br
    Content-Encoding: deflate, gzip

Content-Language = 1#language-tag

    Content-Language: de-DE
    Content-Language: en-US
    Content-Language: de-DE, en-CA

Content-Location = absolute-URI / partial-URI

    REQUEST                                 RESPONSE
    Accept: application/json, text/json     Content-Location: /documents/foo.json
    Accept: application/xml, text/xml       Content-Location: /documents/foo.xml
    Accept: text/plain, text/*              Content-Location: /documents/foo.txt

Common MIME types

+------------+-----------------------------------------------+---------------------------------------------------------------------------+
| Extension  | Kind of document                              | MIME Type                                                                 |
+------------+-----------------------------------------------+---------------------------------------------------------------------------+
| .aac       | AAC audio                                     | audio/aac                                                                 |
| .abw       | AbiWord document                              | application/x-abiword                                                     |
| .arc       | Archive document (multiple files embedded)    | application/x-freearc                                                     |
| .avif      | AVIF image                                    | image/avif                                                                |
| .avi       | AVI: Audio Video Interleave                   | video/x-msvideo                                                           |
| .azw       | Amazon Kindle eBook format                    | application/vnd.amazon.ebook                                              |
| .bin       | Any kind of binary data                       | application/octet-stream                                                  |
| .bmp       | Windows OS/2 Bitmap Graphics                  | image/bmp                                                                 |
| .bz        | BZip archive                                  | application/x-bzip                                                        |
| .bz2       | BZip2 archive                                 | application/x-bzip2                                                       |
| .cda       | CD audio                                      | application/x-cdf                                                         |
| .csh       | C-Shell script                                | application/x-csh                                                         |
| .css       | Cascading Style Sheets (CSS)                  | text/css                                                                  |
| .csv       | Comma-separated values (CSV)                  | text/csv                                                                  |
| .doc       | Microsoft Word                                | application/msword                                                        |
| .docx      | Microsoft Word (OpenXML)                      | application/vnd.openxmlformats-officedocument.wordprocessingml.document   |
| .eot       | MS Embedded OpenType fonts                    | application/vnd.ms-fontobject                                             |
| .epub      | Electronic publication (EPUB)                 | application/epub+zip                                                      |
| .gz        | GZip Compressed Archive                       | application/gzip                                                          |
| .gif       | Graphics Interchange Format (GIF)             | image/gif                                                                 |
| .htm/.html | HyperText Markup Language (HTML)              | text/html                                                                 |
| .ico       | Icon format                                   | image/vnd.microsoft.icon                                                  |
| .ics       | iCalendar format                              | text/calendar                                                             |
| .jar       | Java Archive (JAR)                            | application/java-archive                                                  |
| .jpeg/.jpg | JPEG images                                   | image/jpeg                                                                |
| .js        | JavaScript                                    | text/javascript                                                           |
| .json      | JSON format                                   | application/json                                                          |
| .jsonld    | JSON-LD format                                | application/ld+json                                                       |
| .mid/.midi | Musical Instrument Digital Interface (MIDI)   | audio/midi, audio/x-midi                                                  |
| .mjs       | JavaScript module                             | text/javascript                                                           |
| .mp3       | MP3 audio                                     | audio/mpeg                                                                |
| .mp4       | MP4 video                                     | video/mp4                                                                 |
| .mpeg      | MPEG Video                                    | video/mpeg                                                                |
| .mpkg      | Apple Installer Package                       | application/vnd.apple.installer+xml                                       |
| .odp       | OpenDocument presentation document            | application/vnd.oasis.opendocument.presentation                           |
| .ods       | OpenDocument spreadsheet document             | application/vnd.oasis.opendocument.spreadsheet                            |
| .odt       | OpenDocument text document                    | application/vnd.oasis.opendocument.text                                   |
| .oga       | OGG audio                                     | audio/ogg                                                                 |
| .ogv       | OGG video                                     | video/ogg                                                                 |
| .ogx       | OGG                                           | application/ogg                                                           |
| .opus      | Opus audio                                    | audio/opus                                                                |
| .otf       | OpenType font                                 | font/otf                                                                  |
| .png       | Portable Network Graphics                     | image/png                                                                 |
| .pdf       | Adobe Portable Document Format (PDF)          | application/pdf                                                           |
| .php       | Hypertext Preprocessor (Personal Home Page)   | application/x-httpd-php                                                   |
| .ppt       | Microsoft PowerPoint                          | application/vnd.ms-powerpoint                                             |
| .pptx      | Microsoft PowerPoint (OpenXML)                | application/vnd.openxmlformats-officedocument.presentationml.presentation |
| .rar       | RAR archive                                   | application/vnd.rar                                                       |
| .rtf       | Rich Text Format (RTF)                        | application/rtf                                                           |
| .sh        | Bourne shell script                           | application/x-sh                                                          |
| .svg       | Scalable Vector Graphics (SVG)                | image/svg+xml                                                             |
| .tar       | Tape Archive (TAR)                            | application/x-tar                                                         |
| .tif/.tiff | Tagged Image File Format (TIFF)               | image/tiff                                                                |
| .ts        | MPEG transport stream                         | video/mp2t                                                                |
| .ttf       | TrueType Font                                 | font/ttf                                                                  |
| .txt       | Text (generally ASCII or ISO 8859-n)          | text/plain                                                                |
| .vsd       | Microsoft Visio                               | application/vnd.visio                                                     |
| .wav       | Waveform Audio Format                         | audio/wav                                                                 |
| .weba      | WEBM audio                                    | audio/webm                                                                |
| .webm      | WEBM video                                    | video/webm                                                                |
| .webp      | WEBP image                                    | image/webp                                                                |
| .woff      | Web Open Font Format (WOFF)                   | font/woff                                                                 |
| .woff2     | Web Open Font Format (WOFF)                   | font/woff2                                                                |
| .xhtml     | XHTML                                         | application/xhtml+xml                                                     |
| .xls       | Microsoft Excel                               | application/vnd.ms-excel                                                  |
| .xlsx      | Microsoft Excel (OpenXML)                     | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet         |
| .xml       | XML                                           | application/xml is recommended but text/xml is still used sometimes.      |
| .xul       | XUL                                           | application/vnd.mozilla.xul+xml                                           |
| .zip       | ZIP archive                                   | application/zip                                                           |
| .3gp       | 3GPP audio/video container                    | video/3gpp; audio/3gpp if it doesn't contain video                        |
| .3g2       | 3GPP2 audio/video container                   | video/3gpp2; audio/3gpp2 if it doesn't contain video                      |
| .7z        | 7-zip archive                                 | application/x-7z-compressed                                               |
+------------+-----------------------------------------------+---------------------------------------------------------------------------+

4. Request Methods

Method names must be written in uppercase. Every web server must support at least GET and HEAD; all other methods are optional.

   +---------+-------------------------------------------------+-------+
   | Method  | Description                                     | Sec.  |
   +---------+-------------------------------------------------+-------+
   | GET     | Transfer a current representation of the target | 4.3.1 |
   |         | resource.                                       |       |
   | HEAD    | Same as GET, but only transfer the status line  | 4.3.2 |
   |         | and header section.                             |       |
   | POST    | Perform resource-specific processing on the     | 4.3.3 |
   |         | request payload.                                |       |
   | PUT     | Replace all current representations of the      | 4.3.4 |
   |         | target resource with the request payload.       |       |
   | DELETE  | Remove all current representations of the       | 4.3.5 |
   |         | target resource.                                |       |
   | CONNECT | Establish a tunnel to the server identified by  | 4.3.6 |
   |         | the target resource.                            |       |
   | OPTIONS | Describe the communication options for the      | 4.3.7 |
   |         | target resource.                                |       |
   | TRACE   | Perform a message loop-back test along the path | 4.3.8 |
   |         | to the target resource.                         |       |
   +---------+-------------------------------------------------+-------+

5. Request Header Fields

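A client can send additional information along with a request. These fields serve purposes such as stating the preferred response format or presenting authentication credentials to the server.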

HTTP controls

Controls are header fields that directly affect how the request is handled.

   +-------------------+--------------------------+
   | Header Field Name | Defined in...            |
   +-------------------+--------------------------+
   | Cache-Control     | Section 5.2 of [RFC7234] |
   | Expect            | Section 5.1.1            |
   | Host              | Section 5.4 of [RFC7230] |
   | Max-Forwards      | Section 5.1.2            |
   | Pragma            | Section 5.4 of [RFC7234] |
   | Range             | Section 3.1 of [RFC7233] |
   | TE                | Section 4.3 of [RFC7230] |
   +-------------------+--------------------------+

HTTP conditional

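Conditional header fields make the response depend on the state of the target resource. For example, because a client has no need to fetch again a resource it has already received, it can ask the server to send a response only if the resource has changed.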

   +---------------------+--------------------------+
   | Header Field Name   | Defined in...            |
   +---------------------+--------------------------+
   | If-Match            | Section 3.1 of [RFC7232] |
   | If-None-Match       | Section 3.2 of [RFC7232] |
   | If-Modified-Since   | Section 3.3 of [RFC7232] |
   | If-Unmodified-Since | Section 3.4 of [RFC7232] |
   | If-Range            | Section 3.2 of [RFC7233] |
   +---------------------+--------------------------+

Content negotiation

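Content negotiation is a mechanism for serving the same page with a different language, media type, encoding, and so on, depending on the user making the request.

There are two approaches:

  • Server-driven negotiation uses specific HTTP header fields sent by the client.
  • Client-driven negotiation uses the 300 (Multiple Choices) or 406 (Not Acceptable) response codes returned by the server.

   +-------------------+---------------+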
   | Header Field Name | Defined in... |
   +-------------------+---------------+
   | Accept            | Section 5.3.2 |
   | Accept-Charset    | Section 5.3.3 |
   | Accept-Encoding   | Section 5.3.4 |
   | Accept-Language   | Section 5.3.5 |
   +-------------------+---------------+
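
Server-driven negotiation over the /documents/foo.* variants shown earlier, as an added example that is not part of the original post. It goes beyond the three request lines on the page by also handling q-values and wildcard media ranges from RFC 7231 Section 5.3; `VARIANTS`, `parse_accept`, `quality` and `negotiate` are hypothetical names.

```python
# Constructed variants, mirroring the /documents/foo.* example on this page.
VARIANTS = [
    ("application/json", "/documents/foo.json"),
    ("application/xml", "/documents/foo.xml"),
    ("text/plain", "/documents/foo.txt"),
]

def parse_accept(header):
    """Parse an Accept value into a list of (type, subtype, q) media ranges."""
    ranges = []
    for item in header.split(","):
        parts = [p.strip() for p in item.split(";")]
        if parts[0].count("/") != 1:
            continue  # drop malformed media ranges instead of guessing
        mtype, subtype = parts[0].lower().split("/")
        q = 1.0
        for param in parts[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value)
                except ValueError:
                    q = 0.0
                if not 0.0 <= q <= 1.0:  # also rejects NaN and infinity
                    q = 0.0
        ranges.append((mtype, subtype, q))
    return ranges

def quality(media_type, ranges):
    """q-value of the most specific media range that matches media_type."""
    mtype, subtype = media_type.split("/")
    rank = {(mtype, subtype): 2, (mtype, "*"): 1, ("*", "*"): 0}
    best_specificity, best_q = -1, 0.0
    for rtype, rsubtype, q in ranges:
        specificity = rank.get((rtype, rsubtype), -1)
        if specificity > best_specificity:
            best_specificity, best_q = specificity, q
    return best_q

def negotiate(accept):
    """Return (status, headers) for a request with the given Accept value."""
    ranges = parse_accept(accept) if accept else [("*", "*", 1.0)]
    scored = [(quality(mt, ranges), -i, mt, loc)
              for i, (mt, loc) in enumerate(VARIANTS)]
    q, _, media_type, location = max(scored)
    headers = {"Vary": "Accept"}  # caches must key stored responses on Accept
    if q == 0.0:
        return 406, headers
    headers.update({"Content-Type": media_type, "Content-Location": location})
    return 200, headers
```

Sending `Vary` on the 406 as well as the 200 keeps a shared cache from replaying one client's variant, or its rejection, to a client that sent a different Accept value.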

Authentication Credentials

These HTTP request header fields carry authentication credentials to the server.

   +---------------------+--------------------------+
   | Header Field Name   | Defined in...            |
   +---------------------+--------------------------+
   | Authorization       | Section 4.2 of [RFC7235] |
   | Proxy-Authorization | Section 4.4 of [RFC7235] |
   +---------------------+--------------------------+

Request Context

These header fields provide additional context, such as information about the user.

   +-------------------+---------------+
   | Header Field Name | Defined in... |
   +-------------------+---------------+
   | From              | Section 5.5.1 |
   | Referer           | Section 5.5.2 |
   | User-Agent        | Section 5.5.3 |
   +-------------------+---------------+

6. Response Status Codes

1xx : Informational
2xx : Success
3xx : Redirection
4xx : Client error
5xx : Server error

   +------+-------------------------------+--------------------------+
   | Code | Reason-Phrase                 | Defined in...            |
   +------+-------------------------------+--------------------------+
   | 100  | Continue                      | Section 6.2.1            |
   | 101  | Switching Protocols           | Section 6.2.2            |
   | 200  | OK                            | Section 6.3.1            |
   | 201  | Created                       | Section 6.3.2            |
   | 202  | Accepted                      | Section 6.3.3            |
   | 203  | Non-Authoritative Information | Section 6.3.4            |
   | 204  | No Content                    | Section 6.3.5            |
   | 205  | Reset Content                 | Section 6.3.6            |
   | 206  | Partial Content               | Section 4.1 of [RFC7233] |
   | 300  | Multiple Choices              | Section 6.4.1            |
   | 301  | Moved Permanently             | Section 6.4.2            |
   | 302  | Found                         | Section 6.4.3            |
   | 303  | See Other                     | Section 6.4.4            |
   | 304  | Not Modified                  | Section 4.1 of [RFC7232] |
   | 305  | Use Proxy                     | Section 6.4.5            |
   | 307  | Temporary Redirect            | Section 6.4.7            |
   | 400  | Bad Request                   | Section 6.5.1            |
   | 401  | Unauthorized                  | Section 3.1 of [RFC7235] |
   | 402  | Payment Required              | Section 6.5.2            |
   | 403  | Forbidden                     | Section 6.5.3            |
   | 404  | Not Found                     | Section 6.5.4            |
   | 405  | Method Not Allowed            | Section 6.5.5            |
   | 406  | Not Acceptable                | Section 6.5.6            |
   | 407  | Proxy Authentication Required | Section 3.2 of [RFC7235] |
   | 408  | Request Timeout               | Section 6.5.7            |
   | 409  | Conflict                      | Section 6.5.8            |
   | 410  | Gone                          | Section 6.5.9            |
   | 411  | Length Required               | Section 6.5.10           |
   | 412  | Precondition Failed           | Section 4.2 of [RFC7232] |
   | 413  | Payload Too Large             | Section 6.5.11           |
   | 414  | URI Too Long                  | Section 6.5.12           |
   | 415  | Unsupported Media Type        | Section 6.5.13           |
   | 416  | Range Not Satisfiable         | Section 4.4 of [RFC7233] |
   | 417  | Expectation Failed            | Section 6.5.14           |
   | 426  | Upgrade Required              | Section 6.5.15           |
   | 500  | Internal Server Error         | Section 6.6.1            |
   | 501  | Not Implemented               | Section 6.6.2            |
   | 502  | Bad Gateway                   | Section 6.6.3            |
   | 503  | Service Unavailable           | Section 6.6.4            |
   | 504  | Gateway Timeout               | Section 6.6.5            |
   | 505  | HTTP Version Not Supported    | Section 6.6.6            |
   +------+-------------------------------+--------------------------+

Status codes that are cacheable by default:
200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501


7. Response Header Fields

Control Data

   +-------------------+--------------------------+
   | Header Field Name | Defined in...            |
   +-------------------+--------------------------+
   | Age               | Section 5.1 of [RFC7234] |
   | Cache-Control     | Section 5.2 of [RFC7234] |
   | Expires           | Section 5.3 of [RFC7234] |
   | Date              | Section 7.1.1.2          |
   | Location          | Section 7.1.2            |
   | Retry-After       | Section 7.1.3            |
   | Vary              | Section 7.1.4            |
   | Warning           | Section 5.5 of [RFC7234] |
   +-------------------+--------------------------+

Date = HTTP-date

    Date: Tue, 15 Nov 1994 08:12:31 GMT

Location = URI-reference

    Location: http://www.example.net/index.html

Retry-After = HTTP-date / delay-seconds
// Indicates how long the user agent should wait before making a follow-up request

    Retry-After: Fri, 31 Dec 1999 23:59:59 GMT
    Retry-After: 120

Vary = "*" / 1#field-name

    Vary: accept-encoding, accept-language
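
A client-side parser for the two Retry-After forms above (HTTP-date and delay-seconds), as an added example that is not part of the original post. The function name `retry_delay`, the five-minute cap and the fixed `NOW` value are assumptions made for the example; the cap keeps a server-supplied value from stalling the client indefinitely.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

MAX_DELAY = 300  # assumed client policy: never wait longer than five minutes


def retry_delay(value, now, max_delay=MAX_DELAY):
    """Seconds to wait for a Retry-After value, or None if it is unusable."""
    value = value.strip()
    if value.isascii() and value.isdigit():         # delay-seconds form
        # Very long digit strings are clamped without converting them.
        seconds = max_delay if len(value) > 9 else int(value)
    else:                                           # HTTP-date form
        try:
            when = parsedate_to_datetime(value)
        except (TypeError, ValueError):
            return None
        if when.tzinfo is None:                     # treat a zoneless date as UTC
            when = when.replace(tzinfo=timezone.utc)
        seconds = int((when - now).total_seconds())
    # A date in the past means "retry now"; a huge value is capped.
    return min(max(seconds, 0), max_delay)


# Constructed "current time" so the example is reproducible.
NOW = datetime(1999, 12, 31, 23, 58, 59, tzinfo=timezone.utc)
```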

Validator Header Fields

   +-------------------+--------------------------+
   | Header Field Name | Defined in...            |
   +-------------------+--------------------------+
   | ETag              | Section 2.3 of [RFC7232] |
   | Last-Modified     | Section 2.2 of [RFC7232] |
   +-------------------+--------------------------+

Authentication Challenges

   +--------------------+--------------------------+
   | Header Field Name  | Defined in...            |
   +--------------------+--------------------------+
   | WWW-Authenticate   | Section 4.1 of [RFC7235] |
   | Proxy-Authenticate | Section 4.3 of [RFC7235] |
   +--------------------+--------------------------+

Response Context

   +-------------------+--------------------------+
   | Header Field Name | Defined in...            |
   +-------------------+--------------------------+
   | Accept-Ranges     | Section 2.3 of [RFC7233] |
   | Allow             | Section 7.4.1            |
   | Server            | Section 7.4.2            |
   +-------------------+--------------------------+

Allow = #method
// Methods supported by the target resource

    Allow: GET, HEAD, PUT

Server = product *( RWS ( product / comment ) )
// Information about the software used by the server

    Server: CERN/3.0 libwww/2.17
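
How the Allow field ties back to the method table in section 4 and the 405/501 status codes in section 6, as an added example that is not part of the original post. `RESOURCES`, `allow_header`, `respond` and the sample paths and bodies are constructed for the example; each resource carries an explicit method allowlist, so TRACE and every other unlisted method is refused by default.

```python
STANDARD_METHODS = ("GET", "HEAD", "POST", "PUT", "DELETE",
                    "CONNECT", "OPTIONS", "TRACE")

# Constructed per-resource allowlist: a method is rejected unless listed here.
RESOURCES = {
    "/index.html": {"methods": {"GET", "HEAD"}, "body": b"<h1>hello</h1>"},
    "/documents/foo": {"methods": {"GET", "HEAD", "PUT"}, "body": b"v1"},
}


def allow_header(methods):
    """Render the Allow field value in the order of the method table."""
    return ", ".join(m for m in STANDARD_METHODS if m in methods)


def respond(method, path, payload=b""):
    """Return (status, headers, body) for one request."""
    if method not in STANDARD_METHODS:       # case-sensitive: "get" fails here
        return 501, {}, b""
    resource = RESOURCES.get(path)
    if resource is None:
        return 404, {}, b""
    if method not in resource["methods"]:    # known method, not allowed here
        return 405, {"Allow": allow_header(resource["methods"])}, b""
    if method == "PUT":                      # replace the current representation
        resource["body"] = payload
        return 204, {}, b""
    if method in ("GET", "HEAD"):
        headers = {"Content-Length": str(len(resource["body"]))}
        # HEAD: same status line and header section as GET, but no body.
        body = b"" if method == "HEAD" else resource["body"]
        return 200, headers, body
    return 501, {}, b""                      # allowlisted but no handler exists
```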

8. IANA Considerations


9. Security Considerations

This section covers security issues related to HTTP semantics and their use for transferring information over the Internet.


Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP
