Web技術の基本 4回目 / Introduction to Web technologies 4th class

Slide 1

Slide 1 text

Webٕज़ͷجຊ 4ճ໨ Keisuke KAMIYA

Slide 2

Slide 2 text

ࠓճͷςʔϚ

Slide 3

Slide 3 text

HTTPͰ΍ΓऔΓ͢Δ࢓૊Έ - ޙ൒ઓ -

Slide 4

Slide 4 text

HTTPͷ͓͞Β͍

Slide 5

Slide 5 text

HTTP/1.1ͷ෮श

Slide 6

Slide 6 text

HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTP/1.1͸1997೥ॳ಄ʹެ։͞Εͨ • ࠓ·Ͱʹ2౓վఆ͞Ε͍ͯΔ ‣ 1999೥1݄ʹൃߦ͞ΕͨRFC2616 ‣ 2014೥6݄ʹൃߦ͞ΕͨRFC7230 • HTTP/1.1ͷओͳಛ௃͸࣍ͷ௨Γ ‣ HTTPΩʔϓΞϥΠϒ ‣ HTTPύΠϓϥΠϯ ໰ɿ2ͭͷػೳͱ͸ԿͩͬͨͰ͠ΐ͏͔

Slide 7

Slide 7 text

HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTPΩʔϓΞϥΠϒ  ίωΫγϣϯΛܧଓͯ͠ར༻͢Δ͜ͱ ‣ HTTP/1.0ҎલͰ͸, HTTPϦΫΤετΛ͢Δͨͼʹί ωΫγϣϯཱ֬Λ͍ͯͨ͠ʢ1౓௨৴ͨ͠Βͦͷͨͼ ʹίωΫγϣϯΛΫϩʔζ͍ͯͨ͠ʣ ‣ ඇৗʹޮ཰͕ѱ͍

Slide 8

Slide 8 text

HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTPΩʔϓΞϥΠϒ  ͦͷͨΊ, HTTP/1.1Ҏ߱Ͱ͸ίωΫγϣϯΛܧଓͯ͠ར༻͢Δ͜ͱ͕Մ ೳʹͳͬͨ. ίωΫγϣϯཱ֬ ϦΫΤετ Ϩεϙϯε ίωΫγϣϯ੾அ ίωΫγϣϯཱ֬ ϦΫΤετ Ϩεϙϯε ίωΫγϣϯ੾அ ίωΫγϣϯཱ֬ ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε ίωΫγϣϯ੾அ ඇHTTPΩʔϓΞϥΠϒ HTTPΩʔϓΞϥΠϒ

Slide 9

Slide 9 text

HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTPύΠϓϥΠϯ ‣ HTTP͸, ௨ৗHTTPϨεϙϯεΛड͚औͬͨ͋ͱ࣍ͷ ϦΫΤετΛൃߦ͢Δ ‣ ωοτϫʔΫͷঢ়ଶʹΑͬͯ͸, ஶ͍͠஗Ԇ͕ൃੜ → HTTPϨεϙϯεΛ଴ͭ͜ͱແ͘, ෳ਺ͷHTTPϦΫ ΤετΛૹ৴͢Δ͜ͱΛՄೳʹ͢ΔػೳΛHTTPύ ΠϓϥΠϯͱ͍͏

Slide 10

Slide 10 text

HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTPύΠϓϥΠϯ ίωΫγϣϯཱ֬ ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε ίωΫγϣϯ੾அ ίωΫγϣϯཱ֬ ίωΫγϣϯ੾அ ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε ϨεϙϯεΛ଴ͨͣʹ  ϦΫΤετΛૹ৴͢Δ HTTP/1.0Ҏલ HTTP/1.1Ҏ߱ ࣌ؒ୹ॖ

Slide 11

Slide 11 text

HTTP/2ͷ෮श

Slide 12

Slide 12 text

HTTP/2ͷ΍ΓͱΓ • ࣌୅ͱڞʹWebϖʔδ͸ෳࡶԽ͍͖ͯ͠, ը૾αΠζ΍ εΫϦϓταΠζ͕େ͖͘ͳ͍ͬͯͬͨ • HTTP/1.1ͰύΠϓϥΠϯػೳ͕௥Ճ͞Ε, ଟ͘ͷσʔλ Λޮ཰తʹసૹ͢Δ͜ͱ͕Մೳʹͳͬͨ΋ͷͷ, ύΠϓ ϥΠϯػೳ͸େ͖ͳΦʔόʔϔουʹͳΔ ‣ ৽ͨͳόʔδϣϯͰ͋ΔHTTP/2͕ఏҊ͞Εͨ

Slide 13

Slide 13 text

HTTP/2ͷ΍ΓͱΓ • HTTP/2  Googleͷ։ൃͨ͠, ௨৴ͷߴ଎ԽΛ໨తͱ࣮ͨ͠ݧతͳ ϓϩτίϧSPDYͱ͍͏ϓϩτίϧΛϕʔεʹ࡞੒ͨ͠ϓ ϩτίϧ. 2015೥ͷ5݄ʹਖ਼ࣜͳඪ४Խ͕ͳ͞Εͨ • ࣍ͷΑ͏ͳಛ௃͕͋Δ ‣ ετϦʔϜʹΑΔଟॏԽ ‣ όΠφϦܗࣜͰૹΔ͜ͱͰߋͳΔ࠷దԽ͕Մೳ ‣ ϔομʔͷѹॖ ‣ αʔόϓογϡ

Slide 14

Slide 14 text

HTTP/2ͷ΍ΓͱΓʢετϦʔϜʹΑΔଟॏԽʣ • ετϦʔϜʹΑΔଟॏԽ ‣ HTTP/1.0Ҏલ  HTTPϦΫΤετ͸, HTTPϨεϙϯεΛ଴ͬͨޙʹૹ৴ ՄೳͱͳΔ ‣ HTTP/1.1  ύΠϓϥΠϯʹΑΓ, ಉ࣌ʹෳ਺ͷϦΫΤετΛૹ৴͢ Δ͜ͱ͕Մೳʹͳͬͨ → ʮHTTPϦΫΤετͷॱ൪ͰϨεϙϯεΛฦ͢ʯͱ͍ ͏੍໿͕͍͍ͭͯͨ

Slide 15

Slide 15 text

HTTP/2ͷ΍ΓͱΓʢετϦʔϜʹΑΔଟॏԽʣ • Webϒϥ΢β͔Βෳ਺ͷϦΫΤετ͕ඈΜͰ͖ͯ΋, ͋ Δ1ͭͷHTTPϨεϙϯεͷॲཧʹ͕͔͔࣌ؒΔ৔߹, શ ͯͷϨεϙϯελΠϜ͕૿Ճ͢Δͱ͍͏໰୊఺͕͋ͬͨ ‣ ͜ͷ໰୊Λղܾ͢ΔͨΊ, 1ͭͷ઀ଓ্ʹετϦʔϜ ͱݺ͹ΕΔԾ૝తͳ૒ํ޲γʔέϯεΛ࡞ͬͯରࡦ

Slide 16

Slide 16 text

HTTP/2ͷ΍ΓͱΓʢετϦʔϜʹΑΔଟॏԽʣ HTTP/2઀ଓʢ1ίωΫγϣϯʣ ετϦʔϜᶃ ετϦʔϜᶄ ετϦʔϜᶅ ετϦʔϜᶆ ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε

Slide 17

Slide 17 text

HTTP/2ͷ΍ΓͱΓʢετϦʔϜʹΑΔଟॏԽʣ ϦΫΤετᶃ Ϩεϙϯεᶃ Ϩεϙϯεᶄ HTTPύΠϓϥΠϯ ετϦʔϜʹΑΔଟॏԽ ࣌ؒ୹ॖ ϦΫΤετᶄ ϦΫΤετᶅ ॲཧ଴ͪ Ϩεϙϯεᶅ ϦΫΤετᶃ ϦΫΤετᶄ ϦΫΤετᶅ Ϩεϙϯεᶃ Ϩεϙϯεᶄ Ϩεϙϯεᶅ ϦΫΤετͷॱ൪Ͱ  ϨεϙϯεΛฦ͢ඞཁ͋Γ ετϦʔϜ͕ҟͳΕ͹   Ϩεϙϯεͷॱ൪͸  ੍ݶ͞Εͳ͍ ෮श͓ΘΓ

Slide 18

Slide 18 text

໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

Slide 19

Slide 19 text

໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

Slide 20

Slide 20 text

HTTP/2ͷ΍ΓͱΓ • HTTP/2ͷಛ௃ ‣ ετϦʔϜʹΑΔଟॏԽ ‣ όΠφϦܗࣜͰૹΔ͜ͱͰߋͳΔ࠷దԽ͕Մೳ ‣ ϔομʔͷѹॖ ‣ αʔόϓογϡ ࠓճ͸ͪ͜Βͷ಺༰

Slide 21

Slide 21 text

όΠφϦܗࣜͷར༻

Slide 22

Slide 22 text

HTTP/2Ͱͷվྑ఺ʢόΠφϦܗࣜͷར༻ʣ • HTTP/1.1ҎલͰ͸, HTTPϦΫΤετ΍HTTPϨεϙϯε ͸ςΩετܗࣜͷϑΥʔϚοτͰૹ͍ͬͯͨ ‣ όΠφϦܗࣜͷ΄͏͕, ࠷దԽΛ͔͚΍͍͢ʢαΠζ ͕ݮগ͢Δʣ ‣ όΠφϦσʔλΛૹ৴͢Δ৔߹, Ұ౓ςΩετܗࣜʹ ม׵͢Δඞཁ͕ແ͍ͨΊ, ॲཧ͕࣌ؒૣ͘ͳΔ ‣ ղੳ͕γϯϓϧ

Slide 23

Slide 23 text

HTTP/2Ͱͷվྑ఺ʢόΠφϦܗࣜͷར༻ʣ • HTTP/1.1ҎલͰ͸, શͯͷσʔλ͕ςΩετܗࣜͰಉ࣌ ʹૹΒΕ͍ͯͨ ‣ HTTP/2Ͱ͸, όΠφϦϑϨʔϜͱݺ͹ΕΔ୯Ґʹ෼ׂ ͞Εૹ৴͞ΕΔ )PTUFYBNQMFDPN $POUFOU5ZQFJNBHFKQFH 6TFS"HFOU.P[JMMB .FTTBHF 1045VQMPBE)551 .FTTBHF NFUIPE1045 TDIFNFIUUQT BVUIPSJUZFYBNQMFDPN QBUIVQMPBE DPOUFOUUZQFJNBHFKQFH VTFSBHFOU.P[JMMB HTTPϦΫΤετʢςΩετσʔλʣ HEADERSϑϨʔϜʢόΠφϦσʔλʣ DATAϑϨʔϜʢόΠφϦσʔλʣ

Slide 24

Slide 24 text

ϔομʔѹॖ

Slide 25

Slide 25 text

HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ • HTTP͸εςʔτϨεͳϓϩτίϧͳͷͰ, ඞཁͳ৘ใ͸ ຖ౓ૹΔඞཁ͕͋Δ ‣ Ұ౓ૹͬͨ৘ใΛ࠶ͼૹΔඞཁ͕͋Γ, ৑௕ - ϒϥ΢βͷछྨ, WebαʔόͷόʔδϣϯͳͲ • HTTP/1.xͰ͸, ͜ͷσʔλ͕ϓϨʔϯςΩετͰૹ৴͞ Ε͓ͯΓ, సૹ1ճ͋ͨΓ500ʙ800όΠτ΄Ͳ͔͔Δ ‣ ΑΖ͍͠ͳΒ͹ѹॖͩ

Slide 26

Slide 26 text

HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ • HTTP/2Ͱ͸, ϔομʔ৘ใͷࠩ෼͚ͩΛૹ৴͢Δ HPACKͱ͍͏ѹॖํࣜΛར༻͍ͯ͠Δ NFUIPE(&5 TDIFNFIUUQT BVUIPSJUZFYBNQMFDPN QBUIJOEFYIUNM DPOUFOUUZQFUFYUIUNM VTFSBHFOU.P[JMMB NFUIPE(&5 TDIFNFIUUQT BVUIPSJUZFYBNQMFDPN QBUIJNBHFKQH DPOUFOUUZQFJNBHFKQFH VTFSBHFOU.P[JMMB 1ճ໨ͷHTTPϦΫΤετ 2ճ໨ͷHTTPϦΫΤετ ͜ͷ෦෼ͷΈૹ৴

Slide 27

Slide 27 text

HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ • ૹ৴ଆड৴ଆͰςʔϒϧΛ࣋ͭ ‣ ੩తςʔϒϧͱಈతςʔϒϧΛ࣋ͭ ‣ มߋΛه࿥͍ͯ͘͠Πϝʔδ • Ҏલʹग़ݱͨ͠σʔλʹؔͯ͠͸, ͦͷςʔϒϧͷΠϯ σοΫεΛૹΔ͜ͱͰσʔλྔΛ࡟ݮ • సૹ͞ΕΔσʔλʢมߋ͕͋ͬͨσʔλʣ͸, ϋϑϚϯ ූ߸Խ͞Εͯૹ৴͞ΕΔ

Slide 28

Slide 28 text

HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ • ಈతςʔϒϧ(Dynamic Table)  લճૹ৴ͨ͠ϔομʔ໊ͱ஋ͷϖΞΛΠϯσοΫεԽͨ͠ Ϧετ • ੩తςʔϒϧ(Static Table)  ૹ৴͞ΕΔස౓ͷߴ͍ϔομʔ໊ͱ஋ͷϖΞ. ΫϥΠΞϯτ ͱαʔόͷ྆ํͰอ࣋͞Ε͓ͯΓ, ૹ৴͢Δϔομʹςʔϒ ϧͷ಺༰ؚ͕·Ε͍ͯΔ৔߹͸, ΠϯσοΫεΛૹ৴͢Δ • ͔ͭͯ͸Reference setͱݴ͏΋ͷ͕͋Γ·ͯ͠…

Slide 29

Slide 29 text

HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ NFUIPE(&5 TDIFNFIUUQT BVUIPSJUZFYBNQMFDPN QBUI DPOUFOUUZQFUFYUIUNM VTFSBHFOU.P[JMMB 1ճ໨ͷHTTPϦΫΤετ Reference set JE ϔομʔ໊ ஋ NFUIPE (&5 TDIFNF )5514 QBUI BVUIPSJUZ Static table ᶃࠩ෼֬ೝ ᶄݕࡧ FYBNQMFDPN DPOUFOUUZQFUFYUIUNM VTFSBHFOU.P[JMMB ᶅΤϯίʔυ

Slide 30

Slide 30 text

HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ NFUIPE(&5 TDIFNFIUUQT BVUIPSJUZFYBNQMFDPN QBUIIPHFIUNM DPOUFOUUZQFUFYUIUNM VTFSBHFOU.P[JMMB 1ճ໨ͷHTTPϦΫΤετ Reference set JE ϔομʔ໊ ஋ NFUIPE (&5 TDIFNF )5514 QBUI BVUIPSJUZ Static table ᶃࠩ෼֬ೝ ᶄݕࡧ IPHFIUNM ᶅΤϯίʔυ : method GET : scheme https : authority example.com : path / content-type text/html user-agent Mozilla/5.0 ݱࡏ͸Reference set͸࢓༷͔Β࡟আ͞Ε͍ͯΔ →ڞ༗͕େม, ॲཧ͕൥ࡶ

Slide 31

Slide 31 text

αʔόϓογϡ

Slide 32

Slide 32 text

HTTP/2Ͱͷվྑ఺ʢαʔόʔϓογϡʣ • HTTPϦΫΤετͷ಺༰Λجʹ, WebαʔόଆͰඞཁͳ ϑΝΠϧΛ൑அ͠, ࣄલʹWebϒϥ΢βʹૹ৴͢Δ ‣ HTML಺ʹը૾͕ຒΊࠐ·Ε͍ͯͨ৔߹, Webϒϥ΢ β͔Βը૾ͷϦΫΤετΛड͚ͳͯ͘΋, ࣄલʹը૾ σʔλΛసૹ͢Δࣄ͕Մೳ

Slide 33

Slide 33 text

HTTP/2Ͱͷվྑ఺ʢαʔόʔϓογϡʣ HTTPϦΫΤετ JOEFYIUNMΛ͍ͩ͘͞ αʔόʔϓογϡᶃ αʔόʔϓογϡᶄ HTTPϨεϙϯε KQH DTT IUNM JOEFYIUNMΛදࣔ͢ΔͨΊʹ ඞཁͳJNBHFKQHΛૹΓ·͢ TUZMFDTT΋ඞཁͳͷͰૹΓ·͢ JOEFYIUNMΛૹΓ·͢ Webαʔό Webϒϥ΢β HTTP/2Ͱͷվྑ఺ ऴྃ ↑ຊདྷͷϨεϙϯε

Slide 34

Slide 34 text

໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

Slide 35

Slide 35 text

HTTPSͷ࢓૊Έ • ۙ೥, WebαΠτΛ௨ͯ͡γϣοϐϯά΍όϯΩϯά, νέοτͷ༧໿ͳͲͷαʔϏεΛར༻͢Δػձ͕૿Ճ • Χʔυͷ൪߸ͳͲͷݸਓ৘ใ΍, ஫จ಺༰ͷվ͟ΜͳͲ ͷةݥੑʹৗʹ͞Β͞Ε͍ͯΔ • ΑΓηΩϡΞͳHTTPϓϩτίϧٴͼURIεΩʔϜΛ HTTPSͱݺͿ

Slide 36

Slide 36 text

HTTPSͷ࢓૊Έ • HTTPS(HTTP over SSL/TLS)  SSL(Secure Sockets Layer)΍TLS(Transport Layer Security)্ͰߦΘΕΔηΩϡΞͳHTTP௨৴ͷ͜ͱ • SSL/TLS  ௨৴࿏҉߸ԽͷͨΊͷϓϩτίϧ. SSLͱTLS͸େ࿮ͱ ͯ͠͸ಉ͡΋ͷͰ͸͋Δ͕, ݫີʹ͸ผ෺(TLS͸SSL ΛҾ͖ܧ͍ͩ࣍ੈ୅ن֨) ࢀߟϦϯΫɿhttps://ssl.sakura.ad.jp/column/ssl_tls/

Slide 37

Slide 37 text

HTTPSͷ࢓૊Έ • ௨ৗͷHTTPΛ࢖ͬͨ௨৴Ͱ͸, 80൪ϙʔτΛϦοεϯ͠ ͍ͯΔ͕, HTTPSͷ৔߹͸443൪ϙʔτ(SSL/TLSͷϙʔ τ)ΛϦοεϯ͍ͯ͠Δ • ҎԼͷ3ͭͷ࢓૊ΈΛ༻͍ͯWebαΠτͷ҆શੑΛ֬อ ‣ ҉߸Խ௨৴ʢ౪೉๷ࢭʣ ‣ վ͟Μ๷ࢭ ‣ ͳΓ͢·͠๷ࢭ

Slide 38

Slide 38 text

౪೉๷ࢭʢ҉߸Խ௨৴ʣ

Slide 39

Slide 39 text

HTTPSͷ࢓૊Έʢ҉߸Խ௨৴ʣ • WebαΠτΛӾཡ͢Δࡍʹ͸, ࣮ࡍʹ͸ز͔ͭͷαʔό Λܦ༝͢Δ ‣ ୈࡾऀͷ௨৴಺༰Λ๣ड͢Δ͜ͱ͸ൺֱత؆୯ • ສ͕Ұ๣ड͞Εͯ΋಺༰Λղಡ͞Εͳ͍Α͏ʹ, σʔλ Λ҉߸Խͯ͠ૹ৴

Slide 40

Slide 40 text

վ͟Μ๷ࢭ

Slide 41

Slide 41 text

HTTPSͷ࢓૊Έʢվ͟Μ๷ࢭʣ • ௨৴࿏্Ͱσʔλ͕վ͟Μ͞Εͯ͠·͏ͷ͸ࠔΔ ‣ ωοτόϯΩϯάͷৼࠐઌΛม͑ΒΕΔͱ͔ • ରࡦͱͯ͠, ϝοηʔδμΠδΣετ͕ར༻͞ΕΔ ‣ ϋογϡ஋Λ࢖ͬͨվ͟Μ๷ࢭ ৼࠐɿѼઌ #͞Μ ৼࠐɿѼઌ "͞Μ BCD μΠδΣετ ᶄվ͟Μ͞ΕΔ ৼࠐɿѼઌ #͞Μ BCD DEF ᶅड͚औͬͨσʔλ͔Β ϋογϡ஋Λܭࢉͯ͠ൺֱ ᶃϝοηʔδμΠδΣετΛར༻ͯ͠, ૹ৴͢Δσʔλͷϋογϡ஋ΛٻΊΔ ϝοηʔδμΠδΣετʹΑΔվ͟Μ๷ࢭ

Slide 42

Slide 42 text

ͳΓ͢·͠๷ࢭ

Slide 43

Slide 43 text

HTTPSͷ࢓૊ΈʢͳΓ͢·͠๷ࢭʣ • ৗ࣌SSLԽ͢ΔͨΊʹαʔόূ໌ॻ͕ඞਢ • SSLαʔόূ໌ॻͱݺ͹ΕΔిࢠূ໌ॻΛ഑ஔ͢Δ͜ͱ Ͱ, ΫϥΠΞϯτଆ͸WebαΠτΛӡӦ͢Δऀͷ਎ݩΛ ֬ೝ͢Δ͜ͱ͕ग़དྷΔ ‣ ূ໌ॻ͸ൃߦΛೝΊΒΕͨೝূہͷΈ͕ൃߦՄೳͰ ͋Γ, ৴པͰ͖ͳ͍ൃߦݩͷSSLαʔόূ໌ॻ͕ར༻ ͞Ε͍ͯΔ৔߹͸Webϒϥ΢β্ʹܯࠂը໘͕දࣔ ͞ΕΔ

Slide 44

Slide 44 text

HTTPSͷ࢓૊ΈʢͳΓ͢·͠๷ࢭʣ • ࠷ۙ͸ৗ࣌SSL͕ਪ঑͞Ε͍ͯΔ ‣ શͯͷϖʔδʢϑΥʔϜ౳͕ͳͯ͘΋ʣʹSSLΛ࢖༻ ͢Δ͜ͱ • GoogleΛ࢝Ίͱͨ͠اۀ΋SSLԽʹڧͩ͘͜ΘͬͯΔ ‣ ΋͸΍HTTPͷ࣌୅Ͱ͸ͳ͍ɹάʔάϧ͕͜͜·Ͱ “SSLԽ”ʹͩ͜ΘΔΘ͚  http://www.itmedia.co.jp/enterprise/articles/1710/ 24/news037.html HTTPSͷ࢓૊Έ ऴྃ

Slide 45

Slide 45 text

໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

Slide 46

Slide 46 text

HTTPSͷ΍ΓͱΓ • SSL/TLSϋϯυγΣΠΫ  HTTPSͰ௨৴Λ։࢝͢ΔͨΊʹߦͳ͏΍ΓऔΓ. TCPί ωΫγϣϯ͕֬ೝ͞Εͨޙ, େ͖͘෼͚ͯҎԼͷ4ͭͷ खॱΛ౿Ή͜ͱͰ௨৴͕։࢝͞ΕΔ 1. ҉߸Խํࣜͷܾఆ 2. ௨৴૬खͷূ໌ 3. 伴ͷަ׵ 4. ҉߸Խํࣜͷ֬ೝ

Slide 47

Slide 47 text

HTTPSͷ΍ΓͱΓ 1. ҉߸Խํࣜͷܾఆ • ੈͷதʹ҉߸Խํࣜ͸ଟ਺ଘࡏ͢Δ(SHA-2, RSAͳͲ) ͨΊ, Ͳͷ҉߸ԽํࣜΛར༻͢Δͷ͔ΛWebϒϥ΢β ͱWebαʔόͰܾΊ͓ͯ͘ඞཁ͕͋Δ. • HTTPSͰར༻͞ΕΔSSL or TLSͷόʔδϣϯ, ϝο ηʔδμΠδΣετͷํࣜʹ͍ͭͯ΋ಉ࣌ʹܾఆ

Slide 48

Slide 48 text

HTTPSͷ΍ΓͱΓ 2. ௨৴૬खͷূ໌ • Webϒϥ΢β͕௨৴͍ͯ͠ΔWebαʔό͕ਖ਼͍͠૬ खͰ͋Δ͔Ͳ͏͔Λ, SSLαʔόূ໌ॻΛجʹݕূ • ਖ਼͍͠WebαʔόͰ͋Δͱ֬ೝͰ͖ͳ͔ͬͨ৔߹, ϒ ϥ΢β্ʹܯࠂ͕දࣔ͞ΕΔ

Slide 49

Slide 49 text

HTTPSͷ΍ΓͱΓ 3. 伴ͷަ׵ • σʔλసૹʹར༻͢Δʮڞ௨伴ʯΛަ׵͢Δ • ͜ͷڞ௨伴Λ༻͍ͯσʔλΛ҉߸Խ, ෮߸͢Δ • ͜ͷ伴͸Ͳ͏ૹ৴͢Δͷ͔ʢ҉߸Խແ͠͸ةݥʣ ‣ ެ։伴҉߸ํࣜΛ༻͍ͯ҉߸Խ͠ૹ৴͢Δ • HTTPS͸, ެ։伴҉߸ํࣜͱڞ௨伴҉߸ํࣜΛ྆ํ ࢖ͬͨϋΠϒϦουํࣜ

Slide 50

Slide 50 text

HTTPSͷ΍ΓͱΓ 4. ҉߸Խํࣜͷ֬ೝ • ࣮ࡍʹར༻͢Δ҉߸Խํࣜͷ࠷ऴ֬ೝΛߦͳ͏ • ͜ͷϑΣʔζ͕׬ྃ͢Δͱ, Webϒϥ΢βͱWebαʔ όؒʹ͓͍ͯ҉߸Խ௨৴͕։࢝͞ΕΔ

Slide 51

Slide 51 text

HTTPSͷ΍ΓͱΓ ʲClient Helloʳ͜Μͳ҉߸Խํ͕ࣜར༻ՄೳͰ͢ ʲServer Helloʳ͜ͷ҉߸ԽํࣜΛར༻͠·͠ΐ͏ ҉߸Խํࣜͷܾఆ ʲServer CertiﬁcateʳࢲͷSSLαʔόূ໌ॻͰ͢ ʲServer Hello Doneʳ͢΂ͯͷ৘ใΛૹΓ·ͨ͠ ௨৴૬खͷূ໌ ʲClient Key Exchangeʳڞ༗伴ΛૹΓ·͢ 伴ͷަ׵ ʲFinishedʳ४උOKͰ͢ ʲFinishedʳ४උOKͰ͢ ʲChange Cipher Specʳ͜ͷ҉߸ԽํࣜΛ࢖͍·͠ΐ͏ ʲChange Cipher Specʳ͜ͷ҉߸ԽํࣜͰOKͰ͢ ҉߸Խํࣜͷ֬ೝ

Slide 52

Slide 52 text

໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

Slide 53

Slide 53 text

εςʔτϑϧͱεςʔτϨε • HTTPͷಛ௃ͷ1ͭʹεςʔτϨε͕ڍ͛ΒΕΔ ‣ Ҏલͷঢ়ଶΛอ࣋͠ͳ͍ͨΊ, ෳ਺ͷॲཧΛؔ࿈෇͚ Δ͜ͱ͕Ͱ͖ͳ͍ • εςʔτϨεʹରͯ͠, εςʔτϑϧ΋ଘࡏ ‣ Ҏલͷঢ়ଶʢίϯςΫετʣΛอ͓࣋ͯ͘͠

Slide 54

Slide 54 text

εςʔτϑϧͱεςʔτϨε • εςʔτϨε  ϦΫΤετ͸ඞཁͳ৘ใΛશؚͯΜͰ͍ͳ͚Ε͹ͳΒ ͳ͍ → ͸ʁͲ͏͍͏͜ͱʁʢྫΛݟͯΈ·͠ΐ͏ʣ

Slide 55

Slide 55 text

εςʔτϑϧͱεςʔτϨε εςʔτϑϧͷྫ ٬: ϋϯόʔΨʔηοτΛ͓ئ͍͠·͢ ళһ: αΠυϝχϡʔ͸Կʹͳ͍͞·͔͢? ٬: ϙςτͰ ళһ: υϦϯΫ͸Կʹͳ͍͞·͔͢? ٬: δϯδϟʔΤʔϧͰ ళһ: +50ԁͰυϦϯΫΛLαΠζʹͰ͖·͕͍͔͕͢Ͱ͔͢? ٬: MͰ͍͍Ͱ͢ ళһ: Ҏ্ͰΑΖ͍͠Ͱ͔͢? ٬: ͸͍ ళһ: ͔͜͠·Γ·ͨ͠ Ҿ༻ɿhttp://yohei-y.blogspot.jp/2007/10/blog-post.html

Slide 56

Slide 56 text

εςʔτϑϧͱεςʔτϨε εςʔτϨεͷྫ ٬: ϋϯόʔΨʔηοτΛ͓ئ͍͠·͢ ళһ: αΠυϝχϡʔ͸Կʹͳ͍͞·͔͢? ٬: ϋϯόʔΨʔηοτΛϙςτͰ͓ئ͍͠·͢ ళһ: υϦϯΫ͸Կʹͳ͍͞·͔͢? ٬: ϋϯόʔΨʔηοτΛϙςτͱδϯδϟʔΤʔϧͰ͓ئ͍͠·͢ ళһ: +50ԁͰυϦϯΫΛLαΠζʹͰ͖·͕͍͔͕͢Ͱ͔͢? ٬: ϋϯόʔΨʔηοτΛϙςτͱδϯδϟʔΤʔϧ(M)Ͱ͓ئ͍͠·͢ ళһ: Ҏ্ͰΑΖ͍͠Ͱ͔͢? ٬: ϋϯόʔΨʔηοτΛϙςτͱδϯδϟʔΤʔϧ(M)Ͱ͓ئ͍͠·͢ɻҎ্ ళһ: ͔͜͠·Γ·ͨ͠ Ҿ༻ɿhttp://yohei-y.blogspot.jp/2007/10/blog-post.html

Slide 57

Slide 57 text

εςʔτϑϧͱεςʔτϨε ྆ऀͷҧ͍͸ͳʹ͔ʁ ‣ ళһ͞Μ͕͓٬͞ΜͷཔΜͩ৘ใ(ίϯςΩετ)Λ֮ ͍͑ͯΔʢอ͍࣋ͯ͠Δʣ͔Ͳ͏͔ ‣ εςʔτϨεͳγεςϜͰ͸, ళһ͞Μ͕৘ใΛอ࣋ ͍ͯ͠ͳ͍ͨΊ, ϦΫΤετ͕ͲΜͲΜ௕͘ͳΓ৑௕ ʹͳΔ → ͳͥ࢖͏ͷ͔ʁ

Slide 58

Slide 58 text

εςʔτϑϧͱεςʔτϨε εςʔϨεͷར఺ εςʔτϨεͷܽ఺ • ୯ҰͷϦΫΤετʹશͯͷ৘ใؚ͕·ΕΔ • ηογϣϯͷ؅ཧ͕γϯϓϧʹͳΔ • εέʔϥϏϦςΟͷ޲্ • ωοτϫʔΫύϑΥʔϚϯεͷ௿Լ

Slide 59

Slide 59 text

໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

Slide 60

Slide 60 text

Cookie • Web͕ਐԽ͢Δʹ͚ͭͯ, εςʔτϨεͩͱෆศΛײ͡Δ৔ ໘͕૿͑ͨ ‣ γϣοϐϯάαΠτͷʮ঎඼ΛબͿʯʮങ͍෺͔͝ʹೖ ΕΔʯʮ͔͝ͷத਎Λ֬ೝ͢Δʯʮܾࡁ͢Δʯͱ͍ͬͨ ಈ࡞͸, Webαʔόతʹ͸ҟͳΔϦΫΤετͰ΋, Webϒ ϥ΢βଆͰ͸ؔ࿈ͷ͋Δ1࿈ͷૢ࡞ - ങ͍෺͔͝ʹ঎඼ΛೖΕͯ΋, ʮങ͍෺͔͝ʹ͍Εͨʯ ͱ͍͏ಈ࡞͕อ࣋͞Εͳ͍ͨΊ, ͔͝ͷத਎͕ແ͍ঢ়ଶ ʹͳͬͯ͠·͏

Slide 61

Slide 61 text

Cookie • ࣮ࡍͷγϣοϐϯάαΠτͰ͸, ʮങ͍෺͔͝ʹೖΕͨ ͷʹೖ͍ͬͯͳ͍ʯͱ͍ͬͨΑ͏ͳ͜ͱ͸΄΅ແ͍ ‣ ঢ়ଶΛอଘ͢Δผͷ࢓૊Έ͕ଘࡏ͍ͯ͠Δ͔Β - Cookieͱ͍͏࢓૊Έ͕ଘࡏ͢Δ

Slide 62

Slide 62 text

Cookie • Cookie  Webαʔό͕઀ଓ͖ͯͨ͠Webϒϥ΢βʹରͯ͠ૹ৴ ͢Δখ͞ͳσʔλ. Ұൠʹ, Webϒϥ΢βʹอ࣋ͯ͠໯ ͍͍ͨσʔλΛCookieͱͯ͠อ࣋͢Δ. • Cookie͸ओʹҎԼͷ3ͭͷ༻్Ͱ࢖༻͞ΕΔ 1. ηογϣϯͷ؅ཧʢϩάΠϯ৘ใ, Χʔτ৘ใʣ 2. ݸਓઃఆʢϢʔβʔͷઃఆʣ 3. τϥοΩϯάʢϢʔβʔͷߦಈΛ෼ੳ͢Δʣ

Slide 63

Slide 63 text

Cookie • Cookie΍ΓͱΓͷྲྀΕ 1. Webαʔό΁઀ଓ͖ͯͨ͠Webϒϥ΢βʹରͯ͠, อଘͯ͠΋Β͍͍ͨ৘ใΛCookieͱͯ͠ૹΔʢϨε ϙϯεϔομʔʹ, Set-CookieଐੑΛ௥Ճʣ 2. CookieΛड͚औͬͨWebϒϥ΢β͸ͦΕΛอଘ͠, ࣍ʹαʔόʹ઀ଓ͢Δࡍʹอଘ͓͍ͯͨ͠Cookie Λૹ৴͢Δ

Slide 64

Slide 64 text

Cookie • γϣοϐϯάαΠτΛྫʹߟ͑Δͱ 1. Webαʔό͸ΞΫηε͖ͯͨ͠Webϒϥ΢βΛࣝ ผ͢ΔͨΊͷ৘ใΛCookieͱͯ͠ૹΔ 2. Webαʔό͕γϣοϐϯάαΠτʹΞΫηε͢Δࡍ ͸, ϒϥ΢βࣝผͷͨΊͷ৘ใʢCookieʣΛϦΫΤ ετϔομʹؚΊͯૹ৴͢Δ

Slide 65

Slide 65 text

Cookie ᶃ࠷ॳͷWebαʔό΁ͷ઀ଓ ᶄCookie΋ಉ࣌ʹૹ৴ ᶅ2ճΊͷWebαʔό΁ͷ઀ଓ ʜ 4FU$PPLJFOBNFWBMVFFYQJSFTEBUFEPNBJO%*."*/@/".& ʜ .FTTBHF 1045VQMPBE)551 HTTPϨεϙϯε ॳճͷHTTPϨεϙϯεͷ ϝοηʔδϔομʔʹ CookieΛؚΊͯૹ৴ ʜ $PPLJFOBNFWBMVF ʜ .FTTBHF 1045VQMPBE)551 HTTPϦΫΤετ CookieΛड͚औͬͨ͋ͱ͸, CookieΛHTTPϦΫΤετϔομʔʹ ؚΊͯૹ৴͢Δ

Slide 66

Slide 66 text

Cookie • Cookieͷૹ৴ʹ͸ϝοηʔδϔομ͕ར༻͞ΕΔ(ਤͷ ྘৭ͷ෦෼Ͱͨ͠Ͷʁʣ • Webαʔό͸HTTPϨεϙϯεʹSet-CookieϔομʔΛ ؚΊΔ͜ͱͰCookieΛૹ৴͢Δ • Webϒϥ΢β͸, HTTPϦΫΤετʹCookieϔομΛؚ ΊΔ͜ͱͰ, CookieΛૹ৴͢Δ ʜ 4FU$PPLJFOBNFWBMVFFYQJSFTEBUFEPNBJO%*."*/@/".& ʜ .FTTBHF 1045VQMPBE)551 ਤ: ϝοηʔδϔομ

Slide 67

Slide 67 text

Cookie • Set-Cookieϔομ͸Cookieͷ஋Λઃఆ͢Δ͚ͩͰͳ͘, Cookieͷ༗ޮ ظݶ΍HTTPSͰͷΈ΍ΓऔΓΛߦͳ͏(Secure Cookie)ઃఆΛ͢Δ͜ͱ ͕Ͱ͖Δ. ‣ Secure CookieΛ࢖ͬͨ৔߹Ͱ΋, ػີ৘ใ͸ૹड৴ͯ͠͸͍͚ͳ͍ • ༗ޮظݶΛઃఆ͠ͳ͍CookieΛηογϣϯCookieͱ͍͏ʢWebϒϥ ΢βΛফ͢ͱಉ࣌ʹফڈ͞ΕΔʣ ‣ ༗ޮظݶΛઃఆ͢Δͱͦͷظؒ͸࢒ΔͨΊ, γϣοϐϯάαΠτͳ ͲͰ͸҆શੑͷ؍఺͔ΒηογϣϯCookieΛ࢖͍ͬͯΔͱ͜Ζ͕ ଟ͍

Slide 68

Slide 68 text

Cookie ໊લ ಺༰ छผ 4FU$PPLJF ঢ়ଶΛอ࣋ɾ؅ཧ͢ΔͨΊͷ ৘ใʢ$PPLJFʣ ϨεϙϯεϔομϑΟʔϧυ $PPLJF 8FCαʔό͔Βड͚औͬͨ $PPLJFͷ஋ ϦΫΤετϔομϑΟʔϧυ CookieͰར༻͞ΕΔϔομϑΟʔϧυ

Slide 69

Slide 69 text

Cookie ໊લ ಺༰ OBNFWBMVF $PPLJFʹ෇͚Δ໊લͱͦͷ஋ FYQJSFTEBUF $PPLJFͷ༗ޮظݶ͜ͷଐੑ͕ͳ͍৔߹ ηογϣϯ$PPLJFͱͯ͠ѻ͏ NBYBHFTFDPOET $PPLJFͷੜଘ࣌ؒΛඵ਺Ͱࢦఆ TFDVSF )5514Ͱ௨৴ͯ͠Δ৔߹ͷΈ$PPLJFΛૹ৴ IUUQPOMZ +BWB4DSJQU͔Βͷ$PPLJF΁ͷࢀর੍ݶʢ944Λ๷͙ͨΊʣ EPNBJO%0."*/@/".& $PPLJF͕ར༻͞ΕΔυϝΠϯ໊ QBUI1"5) $PPLJF͕ར༻͞ΕΔαʔό্ͷύε Set-CookieϔομϑΟʔϧυʹهड़͢Δଐੑ

Slide 70

Slide 70 text

໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

Slide 71

Slide 71 text

ηογϣϯ • ηογϣϯ  ؔ࿈ͷ͋Δ1࿈ͷॲཧͷ։͔࢝Βऴྃ·Ͱͷશظؒ ૹ৴ଆ ड৴ଆ ঎඼ΛબͿ OK ങ͍෺͔͝ʹೖΕΔ OK ങ͍෺͔͝ͷத਎Λ֬ೝ OK ܾࡁ OK ηογϣϯ ίωΫγϣϯ

Slide 72

Slide 72 text

ηογϣϯ • ෳ਺ͷΫϥΠΞϯτ͔ΒΞΫηε͞ΕΔWebαʔό͸, ηο γϣϯΛͲͷΑ͏ʹ؅ཧ͢Δͷ͔ʁ ‣ CookieΛ༻͍ͯηογϣϯΛ؅ཧ͢Δ ‣ Cookie͕࢖͑ͳ͍৔߹͸URLʹؚΊΔͱ͖΋͋Δ͕, ηΩϡ ϦςΟͷ໘͔Βਪ঑͞Εͳ͍ํ๏Ͱ͋Δ • ηογϣϯ؅ཧʹ͓͍ͯ, Webϒϥ΢βΛࣝผ͢ΔͨΊͷࣝผ ࢠ(id)ΛηογϣϯIDͱݺͿ ‣ ηογϣϯID͸WebαʔόͰੜ੒͞Ε, CookieʹؚΊͯWeb ϒϥ΢βʹૹ৴͞ΕΔ

Slide 73

Slide 73 text

ηογϣϯ 4*%BBBBBB 4*%CCCCCC webαʔό webϒϥ΢βB webϒϥ΢βA ηογϣϯ*% Ϣʔβʔ ϩάΠϯ ങ͍෺͔͝ BBBBBB TBUP 536& Ξ΢λʔº γϟπº CCCCCC HVFTU '"-4& γϡʔζº දɿWebαʔό͕อଘ͍ͯ͠Δηογϣϯσʔλ

Slide 74

Slide 74 text

ηογϣϯ • ηογϣϯIDΛड͚औͬͯҎ߱͸, ϦΫΤετϔομʹ ηογϣϯIDΛؚΊͯૹ৴͢Δ͜ͱͰ, Webαʔόͱͷ ηογϣϯΛҡ࣋͢Δ͜ͱ͕ग़དྷΔ. • ʮങ͍෺͔͝ʹͳʹΛ͍Ε͔ͨʯͱݴͬͨ৘ใ͸, ηο γϣϯIDͱඥ෇͍ͯʮηογϣϯσʔλʯͱͯ͠Web αʔόʹอଘ͞ΕΔ.

Slide 75

Slide 75 text

ηογϣϯ webαʔό webϒϥ΢βA Set-Cookie:SID=aaaaaa Cookie:SID=aaaaaa CookieʹؚΊͯ౉͢ ϦϯΫͷURLʹؚΊΔ webαʔό webϒϥ΢βA http://example.com/cart?SID=aaaaaa ͱ͍͏ϦϯΫ෇͖ͷWebϖʔδΛૹ৴ ϦϯΫ͕ΫϦοΫ͞ΕΔͱ, ηογϣϯID෇͖ ͰWebαʔό΁ϦΫΤετ͕ૹ৴͞ΕΔ http://example.com/cart?SID=aaaaaa ηογϣϯIDΛURLͷύϥϝʔλͱͯ͠ૹ৴

Slide 76

Slide 76 text

໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

Slide 77

Slide 77 text

URI • URI(Uniform Resource Identiﬁer)  ৘ใ΍σʔλͱ͍ͬͨϦιʔεΛࣝผ͢Δهड़ํ๏ ‣ ಛʹ, Ϧιʔε͕ଘࡏ͢Δ৔ॴΛࣔ͢΋ͷΛ URL(Uniform Resource Locator)ͱ͍͏ • URIͷ͏ͪ, ৔ॴ͸໰ΘͣʹϦιʔεͷ໊લΛࣔ͢΋ͷΛ URN(Uniform Resource Name)ͱ͍͏ URIͷҰൠతͳදݱܗࣜ ʢεΩʔϜ໊ʣɿʢεΩʔϜ͝ͱͷදݱܗࣜʣ

Slide 78

Slide 78 text

URI εΩʔϜ εΩʔϜ͝ͱͷදݱܗࣜ IUUQ FYBNQMFDPNOFXTJOEFYIUNM  FYBNQMFDPNʹ͋ΔOFXϑΥϧμ಺ͷJOEFYIUNMϑΝΠϧ GUQ FYBNQMFDPNEPDTOFXTEPD  FYBNQMFDPNʹ͋ΔEPDTϑΥϧμ಺ͷOFXEPDϑΝΠϧ VSO JTCO JTCOίʔυͰࣔ͞ΕΔॻྨ VSO JFUGSGD JFUGʹΑͬͯ؅ཧ͞Ε͍ͯΔ3'$ͷॻྨ URIͷྫ εΩʔϜ໊ɿεΩʔϜ͝ͱͷදݱܗࣜ

Slide 79

Slide 79 text

URI • ϦΫΤετURI  HTTPʹ͓͍ͯ΋, ϦιʔεΛಛఆ͢ΔͨΊʹURIΛར༻ ͍ͯ͠Δ. ઈରURIܗࣜͱ૬ରURIܗ͕ࣜ͋Δ ઈରURIͰͷදه ૬ରURIͰͷදه (&5IUUQFYBNQMFDPNOFXTJOEFYIUNM)551 )PTUFYBNQMFDPN http͔Β࢝·ΔURIͰ, ϗετ໊ٴͼύε໊ͷશ͕ͯϦΫΤετߦʹهड़͞ΕΔ. HTTPϦΫΤετ͕ϓϩΩγαʔόΛܦ༝͢Δ৔߹, ઈରURI͕ར༻͞ΕΔ. (&5OFXTJOEFYIUNM)551 )PTUFYBNQMFDPN /͔Β࢝·ΔURIͰ, ύε໊ͷΈϦΫΤετߦʹهड़͞ΕΔ ௨ৗ͸૬ରURIΛར༻ͯ͠HTTPϦΫΤετ͕ૹ৴͞ΕΔ

Slide 80

Slide 80 text

URI • ύʔηϯτΤϯίʔσΟϯά  URLͰར༻Ͱ͖Δจࣈ͸ఆΊΒΕ͓ͯΓ, ʮ༧໿จࣈʯ ͱʮඇ༧໿จࣈʯ͕ଘࡏ͢Δ. ‣ ༧໿จࣈ  ҎԼͷΑ͏ͳ஋. ۠੾ΓͳͲͰ࢖ΘΕΔ reserved = gen-delims / sub-delims gen-delims = ":" / "/" / "?" / "#" / "[" / "]" / "@" sub-delims = "!" / "$" / "&" / "'" / "(" / ")" / "*" / "+" / "," / ";" / "=" Ҿ༻ɿhttps://tools.ietf.org/html/rfc3986#page-11

Slide 81

Slide 81 text

URI • ඇ༧໿จࣈ  ਺ࣈ΍ΞϧϑΝϕοτͳͲࣗ༝ʹURIʹ࢖༻Ͱ͖ΔจࣈͰ, Ξϧ ϑΝϕοτͷେจࣈখจࣈ, ਺ࣈ, ϋΠϑϯ, υοτ, Ξϯμʔε ίΞ, νϧμؚ͕·ΕΔ  • URIͰ͸ඇ༧໿จࣈ͔ࣗ͠༝ʹ࢖͏͜ͱ͕Ͱ͖ͳ͍ ‣ ༧໿จࣈ, ඇ༧໿จࣈҎ֎ͷจࣈΛURIͰར༻͢Δ৔߹, ύʔ ηϯτΤϯίʔσΟϯάͱ͍͏ํ๏Λ༻͍ͯΤϯίʔυ͢ Δඞཁ͕͋Δ unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"

Slide 82

Slide 82 text

URI • ύʔηϯτΤϯίʔσΟϯάͰ͸, ʮ%ʯʹ͍ͭͮͯจ ࣈίʔυΛ16ਐ਺Ͱදͨ͠ܗʹม׵͞ΕΔ จࣈίʔυ ύʔηϯτΤϯίʔσΟϯάޙ 4IJGU+*4 ""7#$ &6$+1 """"$##" 65' &&&" &&% “͍͍ఱؾ”ΛύʔηϯτΤϯίʔσΟϯά͢Δྫ

Slide 83

Slide 83 text

URI • ੜ੒͞ΕͨURI͸, ৗʹύʔηϯτΤϯίʔσΟϯά͞ Εͨঢ়ଶͰ͋Δ. ‣ ࣍ͷΑ͏ͳ΋ͷ͸URIͱͯ͠ೝΊΒΕͳ͍ • ෳ਺ճσίʔυͯ͠͸͍͚ͳ͍ http://example.com?foo=;ʔ&bar=%E3%81%B0%E3%83%BC

Slide 84

Slide 84 text

༨ஊ

Slide 85

Slide 85 text

༨ஊ • ͳΜͰHTTP/2.0͡Όͳͯ͘HTTP/2ͳͷʁ  The Working Group decided to drop the minor version (“.0”) because it has caused a lot of confusion in HTTP/1.x. In other words, the HTTP version only indicates wire compatibility, not feature sets or “marketing.” ‣ ϓϩτίϧͷޓ׵ੑ͚ͩΛද͢ͱ͸Ͳ͏͍͏͜ͱͳΜ Ͱ͠ΐ͏͔ʁ ‣ ͋ͱͲΜͳޡղ͕͋ͬͨΜͩΖ͏… Ҿ༻ɿhttps://http2.github.io/faq/#is-it-http20-or-http2

Slide 86

Slide 86 text

ࢀߟαΠτ౳

Slide 87

Slide 87 text

ࢀߟαΠτ౳ • HTTP/2 Frequently Asked Questions  https://http2.github.io/faq/ • HTTP/2ͷ֓ཁ  https://developers.google.com/web/fundamentals/ performance/http2 • HPACK:Header Compression for HTTP/2  https://tools.ietf.org/html/rfc7541 • HTTP/2 ೖ໳  https://techblog.yahoo.co.jp/infrastructure/http2/ introduction_to_http2/

Slide 88

Slide 88 text

ࢀߟαΠτ౳ • SSLͱTLSͷҧ͍ͱ͸  https://ssl.sakura.ad.jp/column/ssl_tls/ • SSLΛཧղ͢ΔͨΊͷجૅωΰγΤʔγϣϯ[PDF]  https://www.jp.websecurity.symantec.com/welcome/pdf/ wp_ssl_negotiation.pdf • HTTPSͷৄࡉ  http://www.atmarkit.co.jp/ait/articles/1704/13/news030.html • Uniform Resource Identiﬁer(URI): Generic Syntax  https://tools.ietf.org/html/rfc3986