HTTP protocol – HTTP general header (common)
Common header field name
|Common header field name||explain|
|Cache-Control||Control cache behavior|
|Connection||Allows clients and servers to specify options related to request / response links|
|Date||Date and time of message creation|
Cache control request instruction:
|no-cache||nothing||Force authentication to the source server again|
|no-store||nothing||Specifies that the cache cannot store any part of the request locally|
|Max age = [sec]||must||For example, Max age = 31536000, cache for one year|
Cache control cache response instruction:
|public||A cache of responses can be provided to any party|
|private||Returns a response only to a specific user|
|no-cache||Its validity must be confirmed before caching|
|no-store||Specifies that the cache cannot store any part of the response locally|
|Max age = [sec]||Maximum age value of response|
no-cache: does not mean no caching. It means that before using cache resources, it must be checked by the server (revalidate can also achieve this function).
no-store: tell the browser not to cache it.
The content of the resource is very stable and will not change for a long time, so we can declare that the browser / CDN can cache the resource for a long time (3153600 seconds, i.e. one year),As long as the user does not manually clean up the browser cache, the internal server will no longer receive (current browser / CDN) requests for this resource for a year.
recommend： The optimal solution of front-end static resource cache and the trap of Max age
|keep-alive||Maintain long links|
Keep alive description supplement
Connection: keep alive is used forHTTP persistent connectionField for.
Comparison of requests in close mode and keep alive mode:
Advantages and disadvantages of keep alive
advantage: keep alive mode is more efficient because it avoids the overhead of connection establishment and release
shortcoming: long time TCP connection can easily lead to invalid occupation of system resources and waste of system resources
HTTP protocol – HTTP request header (common)
Request header field name
|Request header field name||explain|
|Host||Gives the host name and port number of the server that receives the request|
|Referer||Provides the URL of the document that contains the URL of the current request|
|User-Agent||Inform the server of the name of the application that initiated the request|
|Accept||Content types that the server can process (mime_type)|
|Accept-Encoding||Encoding method (gzip: LZ77 compression algorithm; compress: LZW compression algorithm; identity: self)|
|If-Modified-Since||Implementation of negotiation cache with last modified|
|If-None-Match||Cache with Etag|
|Authorization||User credentials; For example (bearer XXXX)|
|Cookie||Every time the browser sends a request, it will carry|
I am here
www.google.comThere’s one in the
www.baidu.comLink, then click here
Www.baidu.com, its header information includes:
Role of referer:
- Anti theft chain
I only allow my own website to access my own image server. What is my domain name
www.google.com, then the image server takes the referer every time to judge whether it is my own domain name
www.google.com, if yes, continue to visit, not intercept.
- Prevent malicious requests.
Dynamic request is time to have referer for my own website.
The request header is used to inform the (server) client of the content type that can be processed. This content type is represented by MIME type. The server canSelect one of many alternatives to apply, and use
Content-TypeThe reply header informs the client of its selection.
|<MIME_type>/<MIME_subtype>||A single exact MIME type, such as text / HTML|
|<MIME_type>/*||A MIME type, but no subclass is specified. Image / * can be used to refer to image / PNG, image / SVG, image / GIF and any other picture type.|
|*/*||MIME type of any type|
|; Q = (Q factor weight)||Value represents priority and is expressed by relative quality value, also known as weight.|
Accept: text/html Accept: image/* Accept: text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8
HTTP protocol – HTTP response header (common)
Response header field name
|Age||I don’t understand. What are you doing|
|Server||The name and version of the server application software|
|Vary||Determines a request header for the future|
|Set-Cookie||The server sends cookies to the client|
Vary implements dynamic services
For example, the content you provide to the mobile terminal is different, which can prevent your client from misusing the cache for the desktop terminal. It can help Google and other search engines find your mobile version of the page and tell them that cloaking is not needed.
Vary: Accept-EncodingDifferent clients may have different compression coding methods. Some clients may not support compression, so the data returned by the server cannot be compressed, and the server needs to return different data. The solution to this problem is to return specific data by adding the accept encoding of variable to tell the server the types supported
HTTP protocol – HTTP entity header (common)
Entity header field name
|Entity header field||information|
|Allow||Enumerates the collection of HTTP methods supported by the resource|
|Content-Encoding||Any encoding performed on the principal|
|Content-Length||The length or size of the body|
|Content-Type||The object type of this principal|
|ETag||Entity tag associated with this entity|
|Last-Modified||Date and time when the entity was last modified|
When the server receives an unsupported HTTP method, it displays the status code
405 Method Not AllowedReturned as a response. At the same time, all supported HTTP methods will be written to the header fieldAllowReturn after.
Cache expiration time is used to specify the expiration time of resources. It is a specific time point on the server side.
Expires is the header field of the web server response message. When responding to the HTTP request, it tells the browser that the browser can directly fetch data from the browser cache before the expiration time without requesting again.
Expires: Wed, 04 Jul 2012 08:26:05 GMT #Set expires and cache control via HTTP meta < meta http equiv = "expires" content = "wed, 04 Jul 2012 08:26:05 GMT" > // valid only for this page, not for pictures or other requests in the page
If the “Max age” or “s-max-age” instruction is set in the cache control response header, the expires header will be ignored
Expires is a product of HTTP / 1. It is limited by the local time. If the local time is modified, the cache may become invalid.
Content encoding and content type and server and client processing flow
#Response headers Content-Encoding： gzip Content-Type：text/plain;charset=iso-8859-1
Take the return of Hello information as an example:
ServertobrowserSent a message: Hello
first,ServerTo tellbrowser, the type of the data I sent you. Different types of data need to be set if the receiver’s processing methods are different
Content-Type：text/plain;charset=iso-8859-1Tell the browser what to do;
Because the computer only knows 0 and 1, the browser should receive:
01101000(h) 01100101(e) 01101100(l) 01101100(l) 01101111(o)
If we compress’ hello ‘with gzip algorithm; Then the binary string has changed; So we also need to tell the browser
Server -- > content type: text / plain and content encoding: gzip -->Browser -- > first parse the compression algorithm content encoding: gzip -- > First parse the compression algorithm content encoding: gzip -- > and then parse the content type
Relationship between last modified and if modified since
When the browser accesses the resource for the first time, the server returns the resource and adds last modified in response headers. The value is the last modification time of the resource on the server:
Last-Modified: Fri, 23 Oct 2020 07:33:48 GMT
If the browser requests the resource again, request headers will be added
If-Modified-Since: Fri, 23 Oct 2020 07:33:48 GMT
When the server receives this resource request again, it will
If-Modified-SinceThe value is compared with the last modification time of this resource in the server. If there is no change, 304 and an empty response body are returned and read directly from the cache; If the time of if modified since is less than the last modification time of this resource in the server, it indicates that the file has been updated, so the new resource file and 200 are returned;
Etag and if none match
When the browser accesses a resource for the first time, when the server returns the resource, a unique identifier of the current resource file is added to the response headers（As long as the resource changes, Etag will be regenerated）:
If the browser requests the resource again, request headers will be added
The server only needs to compare whether the if none match transmitted from the client is consistent with the Etag of the resource on its own server, so as to judge whether the resource has been modified relative to the client