HTTP/1.1 Drafts: Combined Table of Contents

HTTP/1.1, part 1: URIs, Connections, and Message Parsing

• 1.   Introduction
  • 1.1   Purpose
  • 1.2   Requirements
  • 1.3   Terminology
  • 1.4   Overall Operation
• 2.   Notational Conventions and Generic Grammar
  • 2.1   Augmented BNF
  • 2.2   Basic Rules
• 3.   Protocol Parameters
  • 3.1   HTTP Version
  • 3.2   Uniform Resource Identifiers
    • 3.2.1   General Syntax
    • 3.2.2   http URL
    • 3.2.3   URI Comparison
  • 3.3   Date/Time Formats
    • 3.3.1   Full Date
  • 3.4   Transfer Codings
    • 3.4.1   Chunked Transfer Coding
• 4.   HTTP Message
  • 4.1   Message Types
  • 4.2   Message Headers
  • 4.3   Message Body
  • 4.4   Message Length
  • 4.5   General Header Fields
• 5.   Request
  • 5.1   Request-Line
    • 5.1.1   Method
    • 5.1.2   Request-URI
  • 5.2   The Resource Identified by a Request
• 6.   Response
  • 6.1   Status-Line
    • 6.1.1   Status Code and Reason Phrase
• 7.   Connections
  • 7.1   Persistent Connections
    • 7.1.1   Purpose
    • 7.1.2   Overall Operation
      • 7.1.2.1   Negotiation
      • 7.1.2.2   Pipelining
    • 7.1.3   Proxy Servers
    • 7.1.4   Practical Considerations
  • 7.2   Message Transmission Requirements
    • 7.2.1   Persistent Connections and Flow Control
    • 7.2.2   Monitoring Connections for Error Status Messages
    • 7.2.3   Use of the 100 (Continue) Status
    • 7.2.4   Client Behavior if Server Prematurely Closes Connection
• 8.   Header Field Definitions
  • 8.1   Connection
  • 8.2   Content-Length
  • 8.3   Date
    • 8.3.1   Clockless Origin Server Operation
  • 8.4   Host
  • 8.5   TE
  • 8.6   Trailer
  • 8.7   Transfer-Encoding
  • 8.8   Upgrade
  • 8.9   Via
• 9.   IANA Considerations
• 10.   Security Considerations
  • 10.1   Personal Information
  • 10.2   Abuse of Server Log Information
  • 10.3   Attacks Based On File and Path Names
  • 10.4   DNS Spoofing
  • 10.5   Proxies and Caching
  • 10.6   Denial of Service Attacks on Proxies
• 11.   Acknowledgments
• 12.   References
• Authors' Addresses
• A.   Internet Media Type message/http and application/http
• B.   Tolerant Applications
• C.   Conversion of Date Formats
• D.   Compatibility with Previous Versions
  • D.1   Changes from HTTP/1.0
    • D.1.1   Changes to Simplify Multi-homed Web Servers and Conserve IP Addresses
  • D.2   Compatibility with HTTP/1.0 Persistent Connections
  • D.3   Changes from RFC 2068
• Intellectual Property and Copyright Statements
• Index

HTTP/1.1, part 2: Message Semantics

• 1.   Introduction
• 2.   Product Tokens
• 3.   Method
• 4.   Request Header Fields
• 5.   Status Code and Reason Phrase
• 6.   Response Header Fields
• 7.   Entity
• 8.   Method Definitions
  • 8.1   Safe and Idempotent Methods
    • 8.1.1   Safe Methods
    • 8.1.2   Idempotent Methods
  • 8.2   OPTIONS
  • 8.3   GET
  • 8.4   HEAD
  • 8.5   POST
  • 8.6   PUT
  • 8.7   DELETE
  • 8.8   TRACE
  • 8.9   CONNECT
• 9.   Status Code Definitions
  • 9.1   Informational 1xx
    • 9.1.1   100 Continue
    • 9.1.2   101 Switching Protocols
  • 9.2   Successful 2xx
    • 9.2.1   200 OK
    • 9.2.2   201 Created
    • 9.2.3   202 Accepted
    • 9.2.4   203 Non-Authoritative Information
    • 9.2.5   204 No Content
    • 9.2.6   205 Reset Content
    • 9.2.7   206 Partial Content
  • 9.3   Redirection 3xx
    • 9.3.1   300 Multiple Choices
    • 9.3.2   301 Moved Permanently
    • 9.3.3   302 Found
    • 9.3.4   303 See Other
    • 9.3.5   304 Not Modified
    • 9.3.6   305 Use Proxy
    • 9.3.7   306 (Unused)
    • 9.3.8   307 Temporary Redirect
  • 9.4   Client Error 4xx
    • 9.4.1   400 Bad Request
    • 9.4.2   401 Unauthorized
    • 9.4.3   402 Payment Required
    • 9.4.4   403 Forbidden
    • 9.4.5   404 Not Found
    • 9.4.6   405 Method Not Allowed
    • 9.4.7   406 Not Acceptable
    • 9.4.8   407 Proxy Authentication Required
    • 9.4.9   408 Request Timeout
    • 9.4.10   409 Conflict
    • 9.4.11   410 Gone
    • 9.4.12   411 Length Required
    • 9.4.13   412 Precondition Failed
    • 9.4.14   413 Request Entity Too Large
    • 9.4.15   414 Request-URI Too Long
    • 9.4.16   415 Unsupported Media Type
    • 9.4.17   416 Requested Range Not Satisfiable
    • 9.4.18   417 Expectation Failed
  • 9.5   Server Error 5xx
    • 9.5.1   500 Internal Server Error
    • 9.5.2   501 Not Implemented
    • 9.5.3   502 Bad Gateway
    • 9.5.4   503 Service Unavailable
    • 9.5.5   504 Gateway Timeout
    • 9.5.6   505 HTTP Version Not Supported
• 10.   Header Field Definitions
  • 10.1   Allow
  • 10.2   Expect
  • 10.3   From
  • 10.4   Location
  • 10.5   Max-Forwards
  • 10.6   Referer
  • 10.7   Retry-After
  • 10.8   Server
  • 10.9   User-Agent
• 11.   IANA Considerations
• 12.   Security Considerations
  • 12.1   Transfer of Sensitive Information
  • 12.2   Encoding Sensitive Information in URI's
  • 12.3   Location Headers and Spoofing
• 13.   Acknowledgments
• 14.   References
• Authors' Addresses
• A.   Changes from RFC 2068
• Intellectual Property and Copyright Statements
• Index

HTTP/1.1, part 3: Message Payload and Content Negotiation

• 1.   Introduction
• 2.   Protocol Parameters
  • 2.1   Character Sets
    • 2.1.1   Missing Charset
  • 2.2   Content Codings
  • 2.3   Media Types
    • 2.3.1   Canonicalization and Text Defaults
    • 2.3.2   Multipart Types
  • 2.4   Quality Values
  • 2.5   Language Tags
• 3.   Entity
  • 3.1   Entity Header Fields
  • 3.2   Entity Body
    • 3.2.1   Type
    • 3.2.2   Entity Length
• 4.   Content Negotiation
  • 4.1   Server-driven Negotiation
  • 4.2   Agent-driven Negotiation
  • 4.3   Transparent Negotiation
• 5.   Header Field Definitions
  • 5.1   Accept
  • 5.2   Accept-Charset
  • 5.3   Accept-Encoding
  • 5.4   Accept-Language
  • 5.5   Content-Encoding
  • 5.6   Content-Language
  • 5.7   Content-Location
  • 5.8   Content-MD5
  • 5.9   Content-Type
• 6.   IANA Considerations
• 7.   Security Considerations
  • 7.1   Privacy Issues Connected to Accept Headers
  • 7.2   Content-Disposition Issues
• 8.   Acknowledgments
• 9.   References
• Authors' Addresses
• A.   Differences Between HTTP Entities and RFC 2045 Entities
  • A.1   MIME-Version
  • A.2   Conversion to Canonical Form
  • A.3   Introduction of Content-Encoding
  • A.4   No Content-Transfer-Encoding
  • A.5   Introduction of Transfer-Encoding
  • A.6   MHTML and Line Length Limitations
• B.   Additional Features
  • B.1   Content-Disposition
• C.   Changes from RFC 2068
• Intellectual Property and Copyright Statements
• Index

HTTP/1.1, part 4: Conditional Requests

• 1.   Introduction
• 2.   Entity Tags
• 3.   Status Code Definitions
  • 3.1   304 Not Modified
  • 3.2   412 Precondition Failed
• 4.   Weak and Strong Validators
• 5.   Rules for When to Use Entity Tags and Last-Modified Dates
• 6.   Header Field Definitions
  • 6.1   ETag
  • 6.2   If-Match
  • 6.3   If-Modified-Since
  • 6.4   If-None-Match
  • 6.5   If-Unmodified-Since
  • 6.6   Last-Modified
• 7.   IANA Considerations
• 8.   Security Considerations
• 9.   Acknowledgments
• 10.   References
• Authors' Addresses
• Intellectual Property and Copyright Statements
• Index

HTTP/1.1, part 5: Range Requests and Partial Responses

• 1.   Introduction
• 2.   Range Units
• 3.   Status Code Definitions
  • 3.1   206 Partial Content
  • 3.2   416 Requested Range Not Satisfiable
• 4.   Combining Byte Ranges
• 5.   Header Field Definitions
  • 5.1   Accept-Ranges
  • 5.2   Content-Range
  • 5.3   If-Range
  • 5.4   Range
    • 5.4.1   Byte Ranges
    • 5.4.2   Range Retrieval Requests
• 6.   IANA Considerations
• 7.   Security Considerations
• 8.   Acknowledgments
• 9.   References
• Authors' Addresses
• A.   Internet Media Type multipart/byteranges
• B.   Changes from RFC 2068
• Intellectual Property and Copyright Statements
• Index

HTTP/1.1, part 6: Caching

• 1.   Introduction
  • 1.1   Terminology
  • 1.2   Delta Seconds
• 2.   Caching in HTTP
  • 2.1   Overview
    • 2.1.1   Cache Correctness
    • 2.1.2   Warnings
    • 2.1.3   Cache-control Mechanisms
    • 2.1.4   Explicit User Agent Warnings
    • 2.1.5   Exceptions to the Rules and Warnings
    • 2.1.6   Client-controlled Behavior
  • 2.2   Expiration Model
    • 2.2.1   Server-Specified Expiration
    • 2.2.2   Heuristic Expiration
    • 2.2.3   Age Calculations
    • 2.2.4   Expiration Calculations
    • 2.2.5   Disambiguating Expiration Values
    • 2.2.6   Disambiguating Multiple Responses
  • 2.3   Validation Model
    • 2.3.1   Last-Modified Dates
    • 2.3.2   Entity Tag Cache Validators
    • 2.3.3   Non-validating Conditionals
  • 2.4   Response Cacheability
  • 2.5   Constructing Responses From Caches
    • 2.5.1   End-to-end and Hop-by-hop Headers
    • 2.5.2   Non-modifiable Headers
    • 2.5.3   Combining Headers
  • 2.6   Caching Negotiated Responses
  • 2.7   Shared and Non-Shared Caches
  • 2.8   Errors or Incomplete Response Cache Behavior
  • 2.9   Side Effects of GET and HEAD
  • 2.10   Invalidation After Updates or Deletions
  • 2.11   Write-Through Mandatory
  • 2.12   Cache Replacement
  • 2.13   History Lists
• 3.   Header Field Definitions
  • 3.1   Age
  • 3.2   Cache-Control
    • 3.2.1   What is Cacheable
    • 3.2.2   What May be Stored by Caches
    • 3.2.3   Modifications of the Basic Expiration Mechanism
    • 3.2.4   Cache Revalidation and Reload Controls
    • 3.2.5   No-Transform Directive
    • 3.2.6   Cache Control Extensions
  • 3.3   Expires
  • 3.4   Pragma
  • 3.5   Vary
  • 3.6   Warning
• 4.   IANA Considerations
• 5.   Security Considerations
• 6.   Acknowledgments
• 7.   References
• Authors' Addresses
• A.   Changes from RFC 2068
• Intellectual Property and Copyright Statements
• Index

HTTP/1.1, part 7: Authentication

• 1.   Introduction
• 2.   Status Code Definitions
  • 2.1   401 Unauthorized
  • 2.2   407 Proxy Authentication Required
• 3.   Header Field Definitions
  • 3.1   Authorization
  • 3.2   Proxy-Authenticate
  • 3.3   Proxy-Authorization
  • 3.4   WWW-Authenticate
• 4.   IANA Considerations
• 5.   Security Considerations
  • 5.1   Authentication Credentials and Idle Clients
• 6.   Acknowledgments
• 7.   References
• Authors' Addresses
• Intellectual Property and Copyright Statements
• Index