Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
あたらしいHTTPの話をしよう
Search
Ippei Ogiwara
July 03, 2014
Technology
6
6.2k
あたらしいHTTPの話をしよう
あたらしいHTTP/1.1、RFC7230-7239のざっくりしたまとめ
http://blog.hmm.jp/entry/new-http1.1-rfcs
Ippei Ogiwara
July 03, 2014
Tweet
Share
More Decks by Ippei Ogiwara
See All by Ippei Ogiwara
AWS re:Inforce 2019 re:Cap
iogi
3
4.2k
Other Decks in Technology
See All in Technology
Do you know “Environment Variables” ?
akimiya
0
150
From naive to advanced RAG: the complete guide
glaforge
0
650
新入社員 オンボーディング改善プロジェクト - シンプルな仕組みで変革のきっかけを
enpipi
0
440
地域DXにおけるGrafana活用事例
wacky
0
380
LINE-ChatGPT 倫理問題を整理する全力肯定彼氏くん [LuC4]に訪れたサービス開始以来の最大の危機
o_ob
2
300
Bluesky 2019〜2022
yamarten
1
120
入社半年(合計1年)でGoogle Cloud 認定を全冠した秘訣🤫
risatube
1
270
AWS DDKを利用したDataOps事始め
beex
1
170
0x5F3759DF
ykozw
0
330
プログラミング写経のすすめ
natsutan
0
160
管理画面とユーザー機能の調和を取り戻す!~クエリパフォーマンス改善の成功物語~ / Restore harmony between administrative and user functions!
minisera
1
280
Amplify Gen 2ではじめる 生成AIアプリ開発入門
tsukuboshi
0
400
Featured
See All Featured
StorybookのUI Testing Handbookを読んだ
zakiyama
26
5.2k
Producing Creativity
orderedlist
PRO
341
39k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
41
9.2k
Keith and Marios Guide to Fast Websites
keithpitt
408
22k
The Power of CSS Pseudo Elements
geoffreycrofte
71
5.3k
Making the Leap to Tech Lead
cromwellryan
131
8.9k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
23k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
46
4.9k
Optimizing for Happiness
mojombo
375
69k
Facilitating Awesome Meetings
lara
49
6k
Typedesign – Prime Four
hannesfritz
39
2.4k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
48k
Transcript
৽͍͠)551ͷΛ͠Α͏ 3 Jul, 2014 @iogi
)551 )ZQFSUFYU5SBOTGFS1SPUPDPMWFSTJPO ESBGUJFUGIUUQCJTIUUQ
͡Όͳͯ͘
৽͍͠)551
IUUQTXXXNOPUOFUCMPHSGD@JT@EFBE
3'$ w 3'$)ZQFSUFYU5SBOTGFS1SPUPDPM)551 w ݄ʹϦϦʔε͞Εͨɻલ
*&5')551CJT8( w )551ͷඪ४ԽΛߦ͍ͬͯΔϫʔΩϯάάϧʔϓ w ฒߦͯ͠)551ͷվగߦ͍ͬͯΔ
3'$JTEFBE w 3'$PCTPMFUF ഇࢭ ʹϚʔΫ͞Εɺஔ͖ΘΔ 3'$ͷͭͷ3'$͕ެ։
3'$ w 3'$.FTTBHF4ZOUBYBOE3PVUJOHMPXMFWFMNFTTBHF QBSTJOHBOEDPOOFDUJPONBOBHFNFOU w 3'$4FNBOUJDTBOE$POUFOUNFUIPET TUBUVTDPEFT BOEIFBEFST w 3'$$POEJUJPOBM3FRVFTUTFH
*G.PEJpFE4JODF w 3'$3BOHF3FRVFTUTHFUUJOHQBSUJBMDPOUFOU w 3'$$BDIJOHCSPXTFSBOEJOUFSNFEJBSZDBDIFT w 3'$"VUIFOUJDBUJPOBGSBNFXPSLGPS)551 BVUIFOUJDBUJPO
3'$ w 3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w 3'$.FUIPE3FHJTUSBUJPOT w 3'$UIFTUBUVTDPEF w 3'$'PSXBSEFE)551FYUFOTJPO
Կ͕มΘͬͨͷ w ηΩϡϦςΟ্ͱͳ͍ͬͯͨ෦ͷमਖ਼ w 3'$Ͱແ͍ͷͷσϑΝΫτελϯμʔυͱͳ͍ͬͯͨ ͷΛఆٛ w ֤3'$ ͷʹɺ3'$͔Βͷมߋ͕ॻ
͔Ε͍ͯΔͷͰ֬ೝ
3'$.FTTBHF4ZOUBYSPVUJOH ओʹSFpOFNFOU w )551ͷ)551͕େจࣈʹݶఆɺόʔδϣϯࣈ͕ͦΕͧ Εܻʹݶఆ ࣮͕ଟܻΛαϙʔτͰ͖ͯͳ͍͔Β w ϔομͷෆਖ਼ͳXIJUFTQBDFෳߦϔομΛഇࢭ w CPEZͷMFOHUIͷܭࢉํ๏ΛಛघέʔεؚΊ໌֬Խ
w $IVOL-FOHUIDIVODLIFBEFSͱUSBJMFSΛؚΊͳ͍Α͏ʹ w $POOFDUJPODMPTFͷૹ৴࣌ͷಈ࡞Λ໌֬Խ
3'$4FNBOUJDTBOE$POUFOU w EFGBVMUDIBSTFU *40 ͷഇࢭ w 3FGFSFS w 4BNF0SJHJOͰϦϑΝϥΛૹΔ͖ w
BCPVUCMBOL͕ՃɻϦϑΝϥΛམͱ͍ͯ͠ΔͷͰແ͘ɺ ໌ࣔతʹଘࡏ͠ͳ͍͜ͱΛએݴ͢Δ w Ұ؏ੑͷͨΊ(&5ϦΫΤετ͕CPEZΛ࣋ͭ͜ͱΛڐՄ w εςʔλεͷΩϟογϡΛڐՄ w $POUFOU.%ϔομͷআ
$POUFOU.%ͷഇࢭ w 5IF$POUFOU.%IFBEFSpFMEIBTCFFOSFNPWFECFDBVTFJU XBTJODPOTJTUFOUMZJNQMFNFOUFEXJUISFTQFDUUPQBSUJBM SFTQPOTFT w 41VU0CKFDU࣌ʹɺQBZMPBEͷݕূʹ͏͜ͱ͕Ͱ͖Δ 0QUJPOBM w
IUUQEPDTBXTBNB[PODPN"NB[PO4MBUFTU"1* 3&450CKFDU165IUNM
3'$<>ओʹSFpOFNFOU w 3'$$POEJUJPOBM3FRVFTUT w *G.PEJpFE4JODFͷ͖݅ϦΫΤετͷఆٛ w 3'$3BOHF3FRVFTUT w 3BOHF3FRVFTUͷఆٛ w
3'$$BDIJOH w $POUFOU$BDIFͷఆٛ w 3'$"VUIFOUJDBUJPO w ΈΜͳେ͖#BTJD%JHFTUೝূͳͲͷτϐοΫ
3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w ೝূͷछྨΛఆ͍ٛͯ͠Δ͚ͩ ! +----------------+------------+-------------------------------------+! | Authentication | Reference |
Notes |! | Scheme Name | | |! +----------------+------------+-------------------------------------+! | Basic | [RFC2617], | |! | | Section 2 | |! | Bearer | [RFC6750] | |! | Digest | [RFC2617], | |! | | Section 3 | |! | Negotiate | [RFC4559], | This authentication scheme violates |! | | Section 3 | both HTTP semantics (being |! | | | connection-oriented) and syntax |! | | | (use of syntax incompatible with |! | | | the WWW-Authenticate and |! | | | Authorization header field syntax). |! | OAuth | [RFC5849], | |! | | Section | |! | | 3.5.1 | |! +----------------+------------+-------------------------------------+!
3'$*OJUJBM)551.FUIPE3FHJTUSBUJPOT w ͪ͜Β)551ͷϝιουͷՃఆٛͱ͍͏໊͔લͷ༧ w ओʹ8FC%BWͷϝιου
3'$4UBUVT$PEF 1FSNBOFOU3FEJSFDU w ৽͍͠ϦμΠϨΫτεςʔλε w ӬଓతͳϦμΠϨΫτ࣌ʹ1045ͷ༰ΛϦμΠϨΫτઌʹ ૹ৴ ! !
! ! w ඇରԠͷϒϥβ͕Ͳ͏ղऍ͢Δ͔ɺ·ͨඇରԠͷϒϥβ ΛαʔόଆͰஅͰ͖Δͷ͔ɺΉ͍ͣͱ͜Ζ Ӭଓత Ұ࣌త POST͔ΒGETͷϝιουมߋΛڐՄ 301 302 POST͔ΒGETͷมߋΛڐՄ͠ͳ͍ 308 307
YSFEJSFDUSFTQPOTFT w .PWFE1FSNBOFOUMZ߃ٱతͳϦμΠϨΫτ w 'PVOEݩʑ.PWFE5FNQPSBSJMZ͕ͩͬͨɺܝࣔ൘8JLJͳͲ ͰߘޙʹϒϥβΛଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹ͜ͷίʔυ͕ ༻͞ΕΔΑ͏ʹͳͬͨͨΊɺ'PVOEʹͳΓɺ৽ͨʹ ͕࡞͞Εͨɻ w
4FF0UIFSଞΛࢀরͤΑɻϦΫΤετͨ͠Ϧιʔε͔֬ʹͦ ͷ63-ʹ͋Δ͕ɺଞͷϦιʔεΛͬͯϨεϙϯεͱ͢ΔΑ͏ͳ ߹ʹ༻͢Δɻ ܝࣔ൘ͷߘޙʹଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹΘ ΕΔ͖ίʔυͱͯ͠ಋೖ͞Εͨɻ w 5FNQPSBSZ3FEJSFDUҰ࣌తͳϦμΠϨΫτɻͷຊདྷͷ༻ ๏ΛվΊͯఆٛͨ͠ͷɻ
3'$'PSXBSEFE)551&YUFOTJPO w 'PSXBSEFEϔομͷඪ४Խ w 9'PXBSEFE'PS 9'PSXBSEFE1SPUPͷϔομɺ9͕͍ ͍ͯΔͱ͓Γɺ3'$ඪ४ϔομͰͳ͍͕ɺσϑΝΫτελ ϯμʔυͱͳ͍ͬͯΔ w ݩʑ4RVJE͕ಋೖͨ͠
8JLJQFEJB w ඇඪ४Ώ͑ʹɺରԠঢ়گ͕·ͪ·ͪɺ'PSʹෳྻڍ͞Εͯ ͍Δͱࣦഊ͢ΔɺηΩϡϦςΟ্ͷݒ೦ͳͲ͍Ζ͍Ζ͋ͬͨ
'PSXBSEFEϔομ w lCZϦΫΤετΛड͚ͨϓϩΩγͷ$VTUPNFS'BDJOHଆͷ ࣝผࢠ w GPSϦΫΤετݩ 9''ͱಉ͡ w lIPTUzϓϩΩγ͕ड͚ͨ)PTUϔομ
w lQSPUPϓϩΩγ͕ड͚ͨϓϩτίϧ ! ! ! Forwarded: for="_gazonk"! Forwarded: For="[2001:db8:cafe::17]:4711"! Forwarded: for=192.0.2.60;proto=http;by=203.0.113.43! Forwarded: for=192.0.2.43, for=198.51.100.17
BEEJUJPOBMJEFOUJpFST w zVOLOPXOzࣝผࢠ w ୭͔Β͔Βͳ͍͚Ͳసૹͨ͠ͱ͍͏͜ͱΛ໌͍ࣔͨ͠ ͱ͖ʹ*1ɺϗετ໊ͷΘΓʹ͏ w 0CGVTDBUFE*EFOUJpFS ΅͔ͨࣝ͠ผࢠ
w ෦*1ΞυϨεΛൿີʹ͍͚ͨ͠Ͳɺσόοά༻్ʹ 'PSXBSEFEϔομΛग़ྗ͍ͨ͠ͱ͖ʹ@ VOEFSTDPSF ͔Β ࢝·ΔJEFOUJpFSΛ͑Δ Forwarded: for=_hidden, for=_SEVKISEK
9'PSXBSEFE͔ΒͷҠߦ w "QBDIFαʔόଆ͕ରԠ͞ΕͨΒฒߦͯ͠1SPYZଆͰରԠ ͞Ε͍ͯ͘ͷͰ w 9'PXBSEFEͷϔομͱڞଘͰ͖ΔͷͰɺ྆ํग़ྗͯ͠͠ ·͏ͷ͋Γ w બͰ͖ΔΑ͏ʹ͢Δ
·ͱΊ w ࠓ·Ͱࣄ࣮ඪ४ͱͳ͍ͬͯͨͷ͕ɺඪ४Խ͞ΕΔ w ͚Ͳɺόʔδϣϯಉ͡)551 ۠ผͰ͖ͳ͍ w ΫϥΠΞϯτଆɺαʔόଆͰରԠ༗ແɺϑΥʔϧόοΫ ͰҰ෦ࠞཚ͢Δ͜ͱ͕͋Δ͔͠Εͳ͍
w ਖ਼͍͠ಓΛఆ͍ٛͯ͠ΔͷΑ͍