Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
あたらしいHTTPの話をしよう
Search
Ippei Ogiwara
July 03, 2014
Technology
6
6.1k
あたらしいHTTPの話をしよう
あたらしいHTTP/1.1、RFC7230-7239のざっくりしたまとめ
http://blog.hmm.jp/entry/new-http1.1-rfcs
Ippei Ogiwara
July 03, 2014
Tweet
Share
More Decks by Ippei Ogiwara
See All by Ippei Ogiwara
AWS re:Inforce 2019 re:Cap
iogi
3
4.2k
Other Decks in Technology
See All in Technology
ChatGPT for IT Service Management (IT Pro)
dahatake
7
1.4k
FrontDoorとWebAppsを組み合わせた際のリダイレクト処理の注意点
kenichirokimura
1
460
アクセス制御にまつわる改善 / Improving access control
itkq
0
490
20240418_Google ColabにLLMが搭載されたようなのでPython x データ分析の勉強方法を考えてみる
doradora09
0
120
Azure犬駆動開発の記録/GlobalAzureFukuoka2024_20240420
nina01
1
180
サーバー間 GraphQL と webmock-graphql の話 / server-to-server graphql and webmock-graphql
qsona
2
170
20240416_devopsdaystokyo
kzkmaeda
1
210
プラットフォームってつくることより計測することが重要なんじゃないかという話 / Platform Engineering Meetup #8
taishin
0
320
テストプロセスで大事にしていること #jasstnano
makky_tyuyan
0
160
どうするコスト最適化のトレードオフ
tetsuyaooooo
1
460
開発生産性大幅アップ!Postman VS Code拡張機能
nagix
2
350
長期間TiDBを使ってきた話 @ 私たちはなぜNewSQLを使うのかTiDB選定5社が語る選定理由と活用LT / Experiences with TiDB Over Time
chibiegg
2
860
Featured
See All Featured
Producing Creativity
orderedlist
PRO
336
39k
Design by the Numbers
sachag
274
18k
jQuery: Nuts, Bolts and Bling
dougneiner
59
7.1k
4 Signs Your Business is Dying
shpigford
175
21k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
[RailsConf 2023] Rails as a piece of cake
palkan
22
3.9k
Debugging Ruby Performance
tmm1
70
11k
5 minutes of I Can Smell Your CMS
philhawksworth
199
19k
Build your cross-platform service in a week with App Engine
jlugia
225
17k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
77
42k
Designing for humans not robots
tammielis
248
25k
Designing the Hi-DPI Web
ddemaree
276
33k
Transcript
৽͍͠)551ͷΛ͠Α͏ 3 Jul, 2014 @iogi
)551 )ZQFSUFYU5SBOTGFS1SPUPDPMWFSTJPO ESBGUJFUGIUUQCJTIUUQ
͡Όͳͯ͘
৽͍͠)551
IUUQTXXXNOPUOFUCMPHSGD@JT@EFBE
3'$ w 3'$)ZQFSUFYU5SBOTGFS1SPUPDPM)551 w ݄ʹϦϦʔε͞Εͨɻલ
*&5')551CJT8( w )551ͷඪ४ԽΛߦ͍ͬͯΔϫʔΩϯάάϧʔϓ w ฒߦͯ͠)551ͷվగߦ͍ͬͯΔ
3'$JTEFBE w 3'$PCTPMFUF ഇࢭ ʹϚʔΫ͞Εɺஔ͖ΘΔ 3'$ͷͭͷ3'$͕ެ։
3'$ w 3'$.FTTBHF4ZOUBYBOE3PVUJOHMPXMFWFMNFTTBHF QBSTJOHBOEDPOOFDUJPONBOBHFNFOU w 3'$4FNBOUJDTBOE$POUFOUNFUIPET TUBUVTDPEFT BOEIFBEFST w 3'$$POEJUJPOBM3FRVFTUTFH
*G.PEJpFE4JODF w 3'$3BOHF3FRVFTUTHFUUJOHQBSUJBMDPOUFOU w 3'$$BDIJOHCSPXTFSBOEJOUFSNFEJBSZDBDIFT w 3'$"VUIFOUJDBUJPOBGSBNFXPSLGPS)551 BVUIFOUJDBUJPO
3'$ w 3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w 3'$.FUIPE3FHJTUSBUJPOT w 3'$UIFTUBUVTDPEF w 3'$'PSXBSEFE)551FYUFOTJPO
Կ͕มΘͬͨͷ w ηΩϡϦςΟ্ͱͳ͍ͬͯͨ෦ͷमਖ਼ w 3'$Ͱແ͍ͷͷσϑΝΫτελϯμʔυͱͳ͍ͬͯͨ ͷΛఆٛ w ֤3'$ ͷʹɺ3'$͔Βͷมߋ͕ॻ
͔Ε͍ͯΔͷͰ֬ೝ
3'$.FTTBHF4ZOUBYSPVUJOH ओʹSFpOFNFOU w )551ͷ)551͕େจࣈʹݶఆɺόʔδϣϯࣈ͕ͦΕͧ Εܻʹݶఆ ࣮͕ଟܻΛαϙʔτͰ͖ͯͳ͍͔Β w ϔομͷෆਖ਼ͳXIJUFTQBDFෳߦϔομΛഇࢭ w CPEZͷMFOHUIͷܭࢉํ๏ΛಛघέʔεؚΊ໌֬Խ
w $IVOL-FOHUIDIVODLIFBEFSͱUSBJMFSΛؚΊͳ͍Α͏ʹ w $POOFDUJPODMPTFͷૹ৴࣌ͷಈ࡞Λ໌֬Խ
3'$4FNBOUJDTBOE$POUFOU w EFGBVMUDIBSTFU *40 ͷഇࢭ w 3FGFSFS w 4BNF0SJHJOͰϦϑΝϥΛૹΔ͖ w
BCPVUCMBOL͕ՃɻϦϑΝϥΛམͱ͍ͯ͠ΔͷͰແ͘ɺ ໌ࣔతʹଘࡏ͠ͳ͍͜ͱΛએݴ͢Δ w Ұ؏ੑͷͨΊ(&5ϦΫΤετ͕CPEZΛ࣋ͭ͜ͱΛڐՄ w εςʔλεͷΩϟογϡΛڐՄ w $POUFOU.%ϔομͷআ
$POUFOU.%ͷഇࢭ w 5IF$POUFOU.%IFBEFSpFMEIBTCFFOSFNPWFECFDBVTFJU XBTJODPOTJTUFOUMZJNQMFNFOUFEXJUISFTQFDUUPQBSUJBM SFTQPOTFT w 41VU0CKFDU࣌ʹɺQBZMPBEͷݕূʹ͏͜ͱ͕Ͱ͖Δ 0QUJPOBM w
IUUQEPDTBXTBNB[PODPN"NB[PO4MBUFTU"1* 3&450CKFDU165IUNM
3'$<>ओʹSFpOFNFOU w 3'$$POEJUJPOBM3FRVFTUT w *G.PEJpFE4JODFͷ͖݅ϦΫΤετͷఆٛ w 3'$3BOHF3FRVFTUT w 3BOHF3FRVFTUͷఆٛ w
3'$$BDIJOH w $POUFOU$BDIFͷఆٛ w 3'$"VUIFOUJDBUJPO w ΈΜͳେ͖#BTJD%JHFTUೝূͳͲͷτϐοΫ
3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w ೝূͷछྨΛఆ͍ٛͯ͠Δ͚ͩ ! +----------------+------------+-------------------------------------+! | Authentication | Reference |
Notes |! | Scheme Name | | |! +----------------+------------+-------------------------------------+! | Basic | [RFC2617], | |! | | Section 2 | |! | Bearer | [RFC6750] | |! | Digest | [RFC2617], | |! | | Section 3 | |! | Negotiate | [RFC4559], | This authentication scheme violates |! | | Section 3 | both HTTP semantics (being |! | | | connection-oriented) and syntax |! | | | (use of syntax incompatible with |! | | | the WWW-Authenticate and |! | | | Authorization header field syntax). |! | OAuth | [RFC5849], | |! | | Section | |! | | 3.5.1 | |! +----------------+------------+-------------------------------------+!
3'$*OJUJBM)551.FUIPE3FHJTUSBUJPOT w ͪ͜Β)551ͷϝιουͷՃఆٛͱ͍͏໊͔લͷ༧ w ओʹ8FC%BWͷϝιου
3'$4UBUVT$PEF 1FSNBOFOU3FEJSFDU w ৽͍͠ϦμΠϨΫτεςʔλε w ӬଓతͳϦμΠϨΫτ࣌ʹ1045ͷ༰ΛϦμΠϨΫτઌʹ ૹ৴ ! !
! ! w ඇରԠͷϒϥβ͕Ͳ͏ղऍ͢Δ͔ɺ·ͨඇରԠͷϒϥβ ΛαʔόଆͰஅͰ͖Δͷ͔ɺΉ͍ͣͱ͜Ζ Ӭଓత Ұ࣌త POST͔ΒGETͷϝιουมߋΛڐՄ 301 302 POST͔ΒGETͷมߋΛڐՄ͠ͳ͍ 308 307
YSFEJSFDUSFTQPOTFT w .PWFE1FSNBOFOUMZ߃ٱతͳϦμΠϨΫτ w 'PVOEݩʑ.PWFE5FNQPSBSJMZ͕ͩͬͨɺܝࣔ൘8JLJͳͲ ͰߘޙʹϒϥβΛଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹ͜ͷίʔυ͕ ༻͞ΕΔΑ͏ʹͳͬͨͨΊɺ'PVOEʹͳΓɺ৽ͨʹ ͕࡞͞Εͨɻ w
4FF0UIFSଞΛࢀরͤΑɻϦΫΤετͨ͠Ϧιʔε͔֬ʹͦ ͷ63-ʹ͋Δ͕ɺଞͷϦιʔεΛͬͯϨεϙϯεͱ͢ΔΑ͏ͳ ߹ʹ༻͢Δɻ ܝࣔ൘ͷߘޙʹଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹΘ ΕΔ͖ίʔυͱͯ͠ಋೖ͞Εͨɻ w 5FNQPSBSZ3FEJSFDUҰ࣌తͳϦμΠϨΫτɻͷຊདྷͷ༻ ๏ΛվΊͯఆٛͨ͠ͷɻ
3'$'PSXBSEFE)551&YUFOTJPO w 'PSXBSEFEϔομͷඪ४Խ w 9'PXBSEFE'PS 9'PSXBSEFE1SPUPͷϔομɺ9͕͍ ͍ͯΔͱ͓Γɺ3'$ඪ४ϔομͰͳ͍͕ɺσϑΝΫτελ ϯμʔυͱͳ͍ͬͯΔ w ݩʑ4RVJE͕ಋೖͨ͠
8JLJQFEJB w ඇඪ४Ώ͑ʹɺରԠঢ়گ͕·ͪ·ͪɺ'PSʹෳྻڍ͞Εͯ ͍Δͱࣦഊ͢ΔɺηΩϡϦςΟ্ͷݒ೦ͳͲ͍Ζ͍Ζ͋ͬͨ
'PSXBSEFEϔομ w lCZϦΫΤετΛड͚ͨϓϩΩγͷ$VTUPNFS'BDJOHଆͷ ࣝผࢠ w GPSϦΫΤετݩ 9''ͱಉ͡ w lIPTUzϓϩΩγ͕ड͚ͨ)PTUϔομ
w lQSPUPϓϩΩγ͕ड͚ͨϓϩτίϧ ! ! ! Forwarded: for="_gazonk"! Forwarded: For="[2001:db8:cafe::17]:4711"! Forwarded: for=192.0.2.60;proto=http;by=203.0.113.43! Forwarded: for=192.0.2.43, for=198.51.100.17
BEEJUJPOBMJEFOUJpFST w zVOLOPXOzࣝผࢠ w ୭͔Β͔Βͳ͍͚Ͳసૹͨ͠ͱ͍͏͜ͱΛ໌͍ࣔͨ͠ ͱ͖ʹ*1ɺϗετ໊ͷΘΓʹ͏ w 0CGVTDBUFE*EFOUJpFS ΅͔ͨࣝ͠ผࢠ
w ෦*1ΞυϨεΛൿີʹ͍͚ͨ͠Ͳɺσόοά༻్ʹ 'PSXBSEFEϔομΛग़ྗ͍ͨ͠ͱ͖ʹ@ VOEFSTDPSF ͔Β ࢝·ΔJEFOUJpFSΛ͑Δ Forwarded: for=_hidden, for=_SEVKISEK
9'PSXBSEFE͔ΒͷҠߦ w "QBDIFαʔόଆ͕ରԠ͞ΕͨΒฒߦͯ͠1SPYZଆͰରԠ ͞Ε͍ͯ͘ͷͰ w 9'PXBSEFEͷϔομͱڞଘͰ͖ΔͷͰɺ྆ํग़ྗͯ͠͠ ·͏ͷ͋Γ w બͰ͖ΔΑ͏ʹ͢Δ
·ͱΊ w ࠓ·Ͱࣄ࣮ඪ४ͱͳ͍ͬͯͨͷ͕ɺඪ४Խ͞ΕΔ w ͚Ͳɺόʔδϣϯಉ͡)551 ۠ผͰ͖ͳ͍ w ΫϥΠΞϯτଆɺαʔόଆͰରԠ༗ແɺϑΥʔϧόοΫ ͰҰ෦ࠞཚ͢Δ͜ͱ͕͋Δ͔͠Εͳ͍
w ਖ਼͍͠ಓΛఆ͍ٛͯ͠ΔͷΑ͍