需要什么HTTP响应标头 [英] What HTTP response headers are required
问题描述
需要从服务器向客户端发送哪些HTTP响应头?
What HTTP response headers are required to be sent from server to the client?
我正在努力优化HTTP响应头以最小化HTTP响应开销。我知道开销有点夸张,但我喜欢干净的输出。
I working to optimize the HTTP response headers to minimize the HTTP response overhead. I know "overhead" is somewhat exaggerated, but I like a clean output.
我看到很多网站都会发送冗余缓存标题。
I see a lot of websites, which sends redundant cache headers.
例如
指定 Expires 和<$ c $都是多余的c> Cache-Control:max-age ,或同时指定 Last-Modified 和 ETag 。
It is redundant to specify both Expires and Cache-Control: max-age, or to specify both Last-Modified and ETag.
- Source
- HTTP / 1.1:标题字段定义
推荐答案
这取决于你定义的要求:无论在什么情况下都没有必须与每个响应一起发送的头字段,但是您确实应该发送标题字段。接近的唯一标题字段是日期,但即使它有不需要的情况。
It depends on what you define as being required: there are no header fields that must be sent with every response no matter what the circumstances are, but there are header fields that you really should send. The only header field that comes close is Date, but even it has circumstances under which it is not required.
在 RFC 2119 的说法中,术语必须意味着某些东西是规范要求且不符合要求将无效。 RFC( 7230 , 7231 , 7232 , 7233 , 7234 ,或 7235 必须在所有情况下由原始服务器发送。
In the parlance of RFC 2119, the term MUST means that something is a requirement of the specification and not meeting the requirement would be invalid. There are no header fields defined by RFCs 7230, 7231, 7232, 7233, 7234, or 7235 that MUST be sent by an origin server in all cases.
以下标题,例如,可以省略(尽管你可能应该发送它们):
The following headers, for example, can be omitted (though you probably should send them):
原始服务器不得发送
日期标题字段如果它没有
有一个时钟能够在协调世界时提供合理近似的
当前实例。如果响应位于1xx
(信息)或5xx(服务器错误)类状态代码中,则原始服务器可以
发送日期标头字段。
原始服务器必须在所有其他情况下发送日期标题字段。
An origin server MUST NOT send a
Dateheader field if it does not have a clock capable of providing a reasonable approximation of the current instance in Coordinated Universal Time. An origin server MAY send aDateheader field if the response is in the 1xx (Informational) or 5xx (Server Error) class of status codes. An origin server MUST send aDateheader field in all other cases.
注意引用的最后一句。如果原始服务器能够提供UTC的合理近似日期,则日期标题字段必须,但没有任何内容阻止服务器歪曲自己。
Note the last sentence of the quote. The Date header field MUST be sent if the origin server is capable of providing a "reasonable approximation" of the date in UTC, but there is nothing stopping a server from misrepresenting itself.
原始服务器可以在其中生成
服务器字段回复。
3.3.2。内容长度
3.3.2. Content-Length
除[有限数量的预定义案例]外,在没有
<$的情况下c $ c> Transfer-Encoding ,当有效负载主体大小已知时,原始服务器应该发送Content-Length
头字段在发送
完整标题部分之前。
Aside from [a finite number of predefined cases], in the absence of
Transfer-Encoding, an origin server SHOULD send aContent-Lengthheader field when the payload body size is known prior to sending the complete header section.
关于 Content-Length的主题和 Transfer-Encoding ,请注意,两者都不能发送,在这种情况下,响应的长度由在之前收到的八位字节数决定。服务器关闭连接。
On the subject of Content-Length and Transfer-Encoding, note that neither can be sent, in which case the length of the response is "determined by the number of octets received prior to the server closing the connection."
如果
Content-Type标题字段为不存在,收件人
可以假设媒体类型application / octet-stream
(RFC2046,第4.5.1节)或检查数据确定其类型。
If a
Content-Typeheader field is not present, the recipient MAY either assume a media type ofapplication/octet-stream(RFC2046, Section 4.5.1) or examine the data to determine its type.
在某些情况下,可能需要特定的标头,例如:
There are circumstances under which particular headers can be required, for example:
- 不支持持久连接的原始服务器必须在每个没有1xx状态代码的响应中发送
连接:关闭。 - 原始服务器必须在405(不允许的方法)响应中生成
允许标头。 - 生成401(未授权)响应的源服务器必须发送包含至少一个质询的
WWW-Authenticate标头字段。
- An origin server that does not support persistent connections MUST send the
Connection: closein every response that does not have a 1xx status code. - An origin server MUST generate an
Allowheader in a 405 (Method Not Allowed) response. - An origin server generating a 401 (Unauthorized) response MUST send a
WWW-Authenticateheader field containing at least one challenge.
这篇关于需要什么HTTP响应标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
