Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - News
User Name
Linux - News This forum is for original Linux News. If you'd like to write content for LQ, feel free to contact us.
All threads in the forum need to be approved before they will appear.


  Search this Thread
Old 06-08-2014, 06:52 AM   #1
Rogue Class
Registered: Sep 2006
Location: OR, USA
Distribution: Slackware 14.1
Posts: 201
Blog Entries: 3

Rep: Reputation: 78
HTTP 1.1 updated

The biggest difference compared to the old spec, is that there is simply a lot more text. A lot of things are easier to understand and read, and parts where there were ambiguity has been resolved.

A second change is that the core specification has now been split up over 6 separate specs, whereas before there was just RFC 2616 for HTTP, and RFC 2617 for Basic and Digest authentication.

Just for those reasons alone it may make a lot of sense for API authors to read the specs from end-to-end. Guarenteed you'll learn and get inspired into doing better HTTP api design.

Furthermore the 308 status code is now standard, which provides a 4th redirect status. 308 is a permanent redirect. Clients that receive a 308 are expected to follow the redirect and execute the exact same request again. This, as opposed to the 301, where clients usually change the method into a GET.

RFC 7239 standardizes a Forwarded header, which is supposed to replace headers such as X-Forwarded-For and X-Forwarded-Proto.

A far from complete list of interesting things that have changed.
  • Clarifications around dealing with unexpected whitespace, which should fix response splitting vulnerabilities.
  • The limit of two connections per server has been removed.
  • HTTP/0.9 support has been dropped.
  • Default charset of ISO-8859-1 has been removed.
  • Servers are no longer required to handle all Content-* header fields.
  • Content-Range has been explicitly banned in PUT requests.
  • It's now suggested to use the about:blank uri in the Referer header when no referer exists, to distinguish between "there was no referrer" and "I don't want to send a referrer".
  • The 204, 404, 405, 414 and 501 status codes are now cachable.
  • The status codes 301 and 302 have been changed to allow user agents to rewrite the method from POST to GET. This is a good example of a case where everybody has been (incorrectly) already doing this, and the spec now reflects the real world implementation.
  • The Location header can now contain relative uri's as well as fragment identifiers.
  • Content-MD5 has been removed.
Old 06-09-2014, 03:39 AM   #2
Registered: May 2001
Posts: 29,358
Blog Entries: 55

Rep: Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545Reputation: 3545
Thanks for posting, I rarely keep track of RFCs...

*I've asked for this post to be copied or moved to our Linux News section but it's also something you could consider posting in your own LQ web log BTW.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
apache: http://localhost (work) http://ipaddress (not working) sarmad Linux - Newbie 7 02-05-2013 07:47 AM
How to block HTTP requisitions with invalid/blank http referer field brgsousa Linux - Software 2 10-18-2010 02:49 PM
Apache: Change http://localhost to mlandvo Linux - Server 1 08-12-2010 08:47 AM
[SOLVED] Adding package sources fails saying "http://http not found skykooler Ubuntu 2 07-02-2010 09:32 AM > Forums > Linux Forums > Linux - News

All times are GMT -5. The time now is 12:54 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration