Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
あたらしいHTTPの話をしよう
Search
Ippei Ogiwara
July 03, 2014
Technology
6
6.3k
あたらしいHTTPの話をしよう
あたらしいHTTP/1.1、RFC7230-7239のざっくりしたまとめ
http://blog.hmm.jp/entry/new-http1.1-rfcs
Ippei Ogiwara
July 03, 2014
Tweet
Share
More Decks by Ippei Ogiwara
See All by Ippei Ogiwara
AWS re:Inforce 2019 re:Cap
iogi
3
4.2k
Other Decks in Technology
See All in Technology
実践アプリケーション設計 ②トランザクションスクリプトへの対応
recruitengineers
PRO
2
140
自治体職員がガバクラの AWS 閉域ネットワークを理解するのにやって良かった個人検証環境
takeda_h
2
380
人を動かすことについて考える
ichimichi
2
320
どこで動かすか、誰が動かすか 〜 kintoneのインフラ基盤刷新と運用体制のシフト 〜
ueokande
0
180
マイクロモビリティシェアサービスを支える プラットフォームアーキテクチャ
grimoh
1
200
DeNA での思い出 / Memories at DeNA
orgachem
PRO
3
1.5k
[OCI Skill Mapping] AWSユーザーのためのOCI(2025年8月20日開催)
oracle4engineer
PRO
2
140
Understanding Go GC #coefl_go_jp
bengo4com
0
1.1k
実践データベース設計 ①データベース設計概論
recruitengineers
PRO
2
190
RAID6 を楔形文字で組んで現代人を怖がらせましょう(実装編)
mimifuwa
0
300
ソフトウェア エンジニアとしての 姿勢と心構え
recruitengineers
PRO
2
600
EKS Pod Identity における推移的な session tags
z63d
1
200
Featured
See All Featured
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Rebuilding a faster, lazier Slack
samanthasiow
83
9.1k
A Modern Web Designer's Workflow
chriscoyier
695
190k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
How STYLIGHT went responsive
nonsquared
100
5.7k
Balancing Empowerment & Direction
lara
2
590
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
9
780
What's in a price? How to price your products and services
michaelherold
246
12k
How GitHub (no longer) Works
holman
315
140k
Making Projects Easy
brettharned
117
6.3k
Transcript
৽͍͠)551ͷΛ͠Α͏ 3 Jul, 2014 @iogi
)551 )ZQFSUFYU5SBOTGFS1SPUPDPMWFSTJPO ESBGUJFUGIUUQCJTIUUQ
͡Όͳͯ͘
৽͍͠)551
IUUQTXXXNOPUOFUCMPHSGD@JT@EFBE
3'$ w 3'$)ZQFSUFYU5SBOTGFS1SPUPDPM)551 w ݄ʹϦϦʔε͞Εͨɻલ
*&5')551CJT8( w )551ͷඪ४ԽΛߦ͍ͬͯΔϫʔΩϯάάϧʔϓ w ฒߦͯ͠)551ͷվగߦ͍ͬͯΔ
3'$JTEFBE w 3'$PCTPMFUF ഇࢭ ʹϚʔΫ͞Εɺஔ͖ΘΔ 3'$ͷͭͷ3'$͕ެ։
3'$ w 3'$.FTTBHF4ZOUBYBOE3PVUJOHMPXMFWFMNFTTBHF QBSTJOHBOEDPOOFDUJPONBOBHFNFOU w 3'$4FNBOUJDTBOE$POUFOUNFUIPET TUBUVTDPEFT BOEIFBEFST w 3'$$POEJUJPOBM3FRVFTUTFH
*G.PEJpFE4JODF w 3'$3BOHF3FRVFTUTHFUUJOHQBSUJBMDPOUFOU w 3'$$BDIJOHCSPXTFSBOEJOUFSNFEJBSZDBDIFT w 3'$"VUIFOUJDBUJPOBGSBNFXPSLGPS)551 BVUIFOUJDBUJPO
3'$ w 3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w 3'$.FUIPE3FHJTUSBUJPOT w 3'$UIFTUBUVTDPEF w 3'$'PSXBSEFE)551FYUFOTJPO
Կ͕มΘͬͨͷ w ηΩϡϦςΟ্ͱͳ͍ͬͯͨ෦ͷमਖ਼ w 3'$Ͱແ͍ͷͷσϑΝΫτελϯμʔυͱͳ͍ͬͯͨ ͷΛఆٛ w ֤3'$ ͷʹɺ3'$͔Βͷมߋ͕ॻ
͔Ε͍ͯΔͷͰ֬ೝ
3'$.FTTBHF4ZOUBYSPVUJOH ओʹSFpOFNFOU w )551ͷ)551͕େจࣈʹݶఆɺόʔδϣϯࣈ͕ͦΕͧ Εܻʹݶఆ ࣮͕ଟܻΛαϙʔτͰ͖ͯͳ͍͔Β w ϔομͷෆਖ਼ͳXIJUFTQBDFෳߦϔομΛഇࢭ w CPEZͷMFOHUIͷܭࢉํ๏ΛಛघέʔεؚΊ໌֬Խ
w $IVOL-FOHUIDIVODLIFBEFSͱUSBJMFSΛؚΊͳ͍Α͏ʹ w $POOFDUJPODMPTFͷૹ৴࣌ͷಈ࡞Λ໌֬Խ
3'$4FNBOUJDTBOE$POUFOU w EFGBVMUDIBSTFU *40 ͷഇࢭ w 3FGFSFS w 4BNF0SJHJOͰϦϑΝϥΛૹΔ͖ w
BCPVUCMBOL͕ՃɻϦϑΝϥΛམͱ͍ͯ͠ΔͷͰແ͘ɺ ໌ࣔతʹଘࡏ͠ͳ͍͜ͱΛએݴ͢Δ w Ұ؏ੑͷͨΊ(&5ϦΫΤετ͕CPEZΛ࣋ͭ͜ͱΛڐՄ w εςʔλεͷΩϟογϡΛڐՄ w $POUFOU.%ϔομͷআ
$POUFOU.%ͷഇࢭ w 5IF$POUFOU.%IFBEFSpFMEIBTCFFOSFNPWFECFDBVTFJU XBTJODPOTJTUFOUMZJNQMFNFOUFEXJUISFTQFDUUPQBSUJBM SFTQPOTFT w 41VU0CKFDU࣌ʹɺQBZMPBEͷݕূʹ͏͜ͱ͕Ͱ͖Δ 0QUJPOBM w
IUUQEPDTBXTBNB[PODPN"NB[PO4MBUFTU"1* 3&450CKFDU165IUNM
3'$<>ओʹSFpOFNFOU w 3'$$POEJUJPOBM3FRVFTUT w *G.PEJpFE4JODFͷ͖݅ϦΫΤετͷఆٛ w 3'$3BOHF3FRVFTUT w 3BOHF3FRVFTUͷఆٛ w
3'$$BDIJOH w $POUFOU$BDIFͷఆٛ w 3'$"VUIFOUJDBUJPO w ΈΜͳେ͖#BTJD%JHFTUೝূͳͲͷτϐοΫ
3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w ೝূͷछྨΛఆ͍ٛͯ͠Δ͚ͩ ! +----------------+------------+-------------------------------------+! | Authentication | Reference |
Notes |! | Scheme Name | | |! +----------------+------------+-------------------------------------+! | Basic | [RFC2617], | |! | | Section 2 | |! | Bearer | [RFC6750] | |! | Digest | [RFC2617], | |! | | Section 3 | |! | Negotiate | [RFC4559], | This authentication scheme violates |! | | Section 3 | both HTTP semantics (being |! | | | connection-oriented) and syntax |! | | | (use of syntax incompatible with |! | | | the WWW-Authenticate and |! | | | Authorization header field syntax). |! | OAuth | [RFC5849], | |! | | Section | |! | | 3.5.1 | |! +----------------+------------+-------------------------------------+!
3'$*OJUJBM)551.FUIPE3FHJTUSBUJPOT w ͪ͜Β)551ͷϝιουͷՃఆٛͱ͍͏໊͔લͷ༧ w ओʹ8FC%BWͷϝιου
3'$4UBUVT$PEF 1FSNBOFOU3FEJSFDU w ৽͍͠ϦμΠϨΫτεςʔλε w ӬଓతͳϦμΠϨΫτ࣌ʹ1045ͷ༰ΛϦμΠϨΫτઌʹ ૹ৴ ! !
! ! w ඇରԠͷϒϥβ͕Ͳ͏ղऍ͢Δ͔ɺ·ͨඇରԠͷϒϥβ ΛαʔόଆͰஅͰ͖Δͷ͔ɺΉ͍ͣͱ͜Ζ Ӭଓత Ұ࣌త POST͔ΒGETͷϝιουมߋΛڐՄ 301 302 POST͔ΒGETͷมߋΛڐՄ͠ͳ͍ 308 307
YSFEJSFDUSFTQPOTFT w .PWFE1FSNBOFOUMZ߃ٱతͳϦμΠϨΫτ w 'PVOEݩʑ.PWFE5FNQPSBSJMZ͕ͩͬͨɺܝࣔ൘8JLJͳͲ ͰߘޙʹϒϥβΛଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹ͜ͷίʔυ͕ ༻͞ΕΔΑ͏ʹͳͬͨͨΊɺ'PVOEʹͳΓɺ৽ͨʹ ͕࡞͞Εͨɻ w
4FF0UIFSଞΛࢀরͤΑɻϦΫΤετͨ͠Ϧιʔε͔֬ʹͦ ͷ63-ʹ͋Δ͕ɺଞͷϦιʔεΛͬͯϨεϙϯεͱ͢ΔΑ͏ͳ ߹ʹ༻͢Δɻ ܝࣔ൘ͷߘޙʹଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹΘ ΕΔ͖ίʔυͱͯ͠ಋೖ͞Εͨɻ w 5FNQPSBSZ3FEJSFDUҰ࣌తͳϦμΠϨΫτɻͷຊདྷͷ༻ ๏ΛվΊͯఆٛͨ͠ͷɻ
3'$'PSXBSEFE)551&YUFOTJPO w 'PSXBSEFEϔομͷඪ४Խ w 9'PXBSEFE'PS 9'PSXBSEFE1SPUPͷϔομɺ9͕͍ ͍ͯΔͱ͓Γɺ3'$ඪ४ϔομͰͳ͍͕ɺσϑΝΫτελ ϯμʔυͱͳ͍ͬͯΔ w ݩʑ4RVJE͕ಋೖͨ͠
8JLJQFEJB w ඇඪ४Ώ͑ʹɺରԠঢ়گ͕·ͪ·ͪɺ'PSʹෳྻڍ͞Εͯ ͍Δͱࣦഊ͢ΔɺηΩϡϦςΟ্ͷݒ೦ͳͲ͍Ζ͍Ζ͋ͬͨ
'PSXBSEFEϔομ w lCZϦΫΤετΛड͚ͨϓϩΩγͷ$VTUPNFS'BDJOHଆͷ ࣝผࢠ w GPSϦΫΤετݩ 9''ͱಉ͡ w lIPTUzϓϩΩγ͕ड͚ͨ)PTUϔομ
w lQSPUPϓϩΩγ͕ड͚ͨϓϩτίϧ ! ! ! Forwarded: for="_gazonk"! Forwarded: For="[2001:db8:cafe::17]:4711"! Forwarded: for=192.0.2.60;proto=http;by=203.0.113.43! Forwarded: for=192.0.2.43, for=198.51.100.17
BEEJUJPOBMJEFOUJpFST w zVOLOPXOzࣝผࢠ w ୭͔Β͔Βͳ͍͚Ͳసૹͨ͠ͱ͍͏͜ͱΛ໌͍ࣔͨ͠ ͱ͖ʹ*1ɺϗετ໊ͷΘΓʹ͏ w 0CGVTDBUFE*EFOUJpFS ΅͔ͨࣝ͠ผࢠ
w ෦*1ΞυϨεΛൿີʹ͍͚ͨ͠Ͳɺσόοά༻్ʹ 'PSXBSEFEϔομΛग़ྗ͍ͨ͠ͱ͖ʹ@ VOEFSTDPSF ͔Β ࢝·ΔJEFOUJpFSΛ͑Δ Forwarded: for=_hidden, for=_SEVKISEK
9'PSXBSEFE͔ΒͷҠߦ w "QBDIFαʔόଆ͕ରԠ͞ΕͨΒฒߦͯ͠1SPYZଆͰରԠ ͞Ε͍ͯ͘ͷͰ w 9'PXBSEFEͷϔομͱڞଘͰ͖ΔͷͰɺ྆ํग़ྗͯ͠͠ ·͏ͷ͋Γ w બͰ͖ΔΑ͏ʹ͢Δ
·ͱΊ w ࠓ·Ͱࣄ࣮ඪ४ͱͳ͍ͬͯͨͷ͕ɺඪ४Խ͞ΕΔ w ͚Ͳɺόʔδϣϯಉ͡)551 ۠ผͰ͖ͳ͍ w ΫϥΠΞϯτଆɺαʔόଆͰରԠ༗ແɺϑΥʔϧόοΫ ͰҰ෦ࠞཚ͢Δ͜ͱ͕͋Δ͔͠Εͳ͍
w ਖ਼͍͠ಓΛఆ͍ٛͯ͠ΔͷΑ͍