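Categories: Internet, Computer Fundamentals, Programming Languages
Introduction
HTTP: The Definitive Guide (Douban rating: 8.6)
Resource last updated: 2020-03-22 03:38:18
Author: David Gourley
Translator: 陈涓 (Chen Juan)
Publisher: Posts & Telecom Press (人民邮电出版社)
Publication date: 2012-01
ISBN: 9787115281487
File format: pdf
Tags: HTTP, networking, computers, Internet, protocols, web development, fundamental theory, programming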
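Introduction
The Hypertext Transfer Protocol (HTTP) is the protocol used for communication over the World Wide Web. HTTP has many applications, but it is best known for the two-way communication between web browsers and web servers.
HTTP began as a simple protocol, so you might think there is not much to say about it. And yet you are now holding a two-pound book in your hands. If you are wondering how we could have written a 650-page book about HTTP, take a look at the table of contents. This book is not just a reference manual for HTTP headers; it is a veritable bible of web architecture.
In this book, we try to untangle some of HTTP's interrelated and often misunderstood rules, and we have written a series of topic-based chapters that introduce every aspect of HTTP. Throughout the book, we explain in detail "why" HTTP does things the way it does, rather than stopping at "how" it does them. Moreover, to save you the time of hunting down references, we have also, for many H...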
Table of Contents
Part I. HTTP: The Web's Foundation
Chapter 1. Overview of HTTP
1.1 HTTP: The Internet's Multimedia Courier
1.2 Web Clients and Servers
1.3 Resources
1.3.1 Media Types
1.3.2 URIs
1.3.3 URLs
1.3.4 URNs
1.4 Transactions
1.4.1 Methods
1.4.2 Status Codes
1.4.3 Web Pages Can Consist of Multiple Objects
1.5 Messages
1.6 Connections
1.6.1 TCP/IP
1.6.2 Connections, IP Addresses, and Port Numbers
1.6.3 An Example Using Telnet
1.7 Protocol Versions
1.8 Architectural Components of the Web
1.8.1 Proxies
1.8.2 Caches
1.8.3 Gateways
1.8.4 Tunnels
1.8.5 Agents
1.9 The End of the Beginning
1.10 For More Information
1.10.1 HTTP Protocol Information
1.10.2 Historical Perspective
1.10.3 Other World Wide Web Information
Chapter 2. URLs and Resources
2.1 Navigating the Internet's Resources
2.2 URL Syntax
2.2.1 Schemes: What Protocol to Use
2.2.2 Hosts and Ports
2.2.3 Usernames and Passwords
2.2.4 Paths
2.2.5 Parameters
2.2.6 Query Strings
2.2.7 Fragments
2.3 URL Shortcuts
2.3.1 Relative URLs
2.3.2 Expandomatic URLs
2.4 Shady Characters
2.4.1 The URL Character Set
2.4.2 Encoding Mechanisms
2.4.3 Character Restrictions
2.4.4 A Bit More
2.5 A Sea of Schemes
2.6 The Future
2.7 For More Information
Chapter 3. HTTP Messages
3.1 The Flow of Messages
3.1.1 Messages Flow Inbound to the Origin Server
3.1.2 Messages Flow Downstream
3.2 The Parts of a Message
3.2.1 Message Syntax
3.2.2 Start Lines
3.2.3 Headers
3.2.4 Entity Bodies
3.2.5 Version 0.9 Messages
3.3 Methods
3.3.1 Safe Methods
3.3.2 GET
3.3.3 HEAD
3.3.4 PUT
3.3.5 POST
3.3.6 TRACE
3.3.7 OPTIONS
3.3.8 DELETE
3.3.9 Extension Methods
3.4 Status Codes
3.4.1 100-199: Informational Status Codes
3.4.2 200-299: Success Status Codes
3.4.3 300-399: Redirection Status Codes
3.4.4 400-499: Client Error Status Codes
3.4.5 500-599: Server Error Status Codes
3.5 Headers
3.5.1 General Headers
3.5.2 Request Headers
3.5.3 Response Headers
3.5.4 Entity Headers
3.6 For More Information
Chapter 4. Connection Management
4.1 TCP Connections
4.1.1 TCP Reliable Data Pipes
4.1.2 TCP Streams Are Segmented and Shipped by IP Packets
4.1.3 Keeping TCP Connections Straight
4.1.4 Programming with TCP Sockets
4.2 TCP Performance Considerations
4.2.1 HTTP Transaction Delays
4.2.2 Performance Focus Areas
4.2.3 TCP Connection Handshake Delays
4.2.4 Delayed Acknowledgments
4.2.5 TCP Slow Start
4.2.6 Nagle's Algorithm and TCP_NODELAY
4.2.7 TIME_WAIT Accumulation and Port Exhaustion
4.3 HTTP Connection Handling
4.3.1 The Oft-Misunderstood Connection Header
4.3.2 Serial Transaction Delays
4.4 Parallel Connections
4.4.1 Parallel Connections May Make Pages Load Faster
4.4.2 Parallel Connections Are Not Always Faster
4.4.3 Parallel Connections May "Feel" Faster
4.5 Persistent Connections
4.5.1 Persistent Versus Parallel Connections
4.5.2 HTTP/1.0+ Keep-Alive Connections
4.5.3 Keep-Alive Operation
4.5.4 Keep-Alive Options
4.5.5 Keep-Alive Connection Restrictions and Rules
4.5.6 Keep-Alive and Dumb Proxies
4.5.7 Inserting Proxy-Connection
4.5.8 HTTP/1.1 Persistent Connections
4.5.9 Persistent Connection Restrictions and Rules
4.6 Pipelined Connections
4.7 The Mysteries of Connection Close
4.7.1 "At Will" Disconnection
4.7.2 Content-Length and Truncation
4.7.3 Connection Close Tolerance, Retries, and Idempotency
4.7.4 Graceful Connection Close
4.8 For More Information
4.8.1 HTTP Connections
4.8.2 HTTP Performance Issues
4.8.3 TCP/IP
Part II. HTTP Architecture
Chapter 5. Web Servers
5.1 Web Servers Come in All Shapes and Sizes
5.1.1 Web Server Implementations
5.1.2 General-Purpose Software Web Servers
5.1.3 Web Server Appliances
5.1.4 Embedded Web Servers
5.2 A Minimal Perl Web Server
5.3 What Real Web Servers Do
5.4 Step 1: Accepting Client Connections
5.4.1 Handling New Connections
5.4.2 Client Hostname Identification
5.4.3 Determining the Client User Through ident
5.5 Step 2: Receiving Request Messages
5.5.1 Internal Representations of Messages
5.5.2 Connection Input/Output Processing Architectures
5.6 Step 3: Processing Requests
5.7 Step 4: Mapping and Accessing Resources
5.7.1 docroot
5.7.2 Directory Listings
5.7.3 Dynamic Content Resource Mapping
5.7.4 Server-Side Includes (SSI)
5.7.5 Access Controls
5.8 Step 5: Building Responses
5.8.1 Response Entities
5.8.2 MIME Types
5.8.3 Redirection
5.9 Step 6: Sending Responses
5.10 Step 7: Logging
5.11 For More Information
Chapter 6. Proxies
6.1 Web Intermediaries
6.1.1 Private and Shared Proxies
6.1.2 Proxies Versus Gateways
6.2 Why Use Proxies
6.3 Where Do Proxies Go
6.3.1 Proxy Server Deployment
6.3.2 Proxy Hierarchies
6.3.3 How Proxies Get Traffic
6.4 Client Proxy Settings
6.4.1 Client Proxy Configuration: Manual
6.4.2 Client Proxy Configuration: PAC Files
6.4.3 Client Proxy Configuration: WPAD
6.5 Tricky Things About Proxy Requests
6.5.1 Proxy URIs Differ from Server URIs
6.5.2 The Same Problem with Virtual Hosting
6.5.3 Intercepting Proxies Get Partial URIs
6.5.4 Proxies Can Handle Both Proxy and Server Requests
6.5.5 In-Flight URI Modification
6.5.6 URI Client Auto-Expansion and Hostname Resolution
6.5.7 URI Resolution Without a Proxy
6.5.8 URI Resolution with an Explicit Proxy
6.5.9 URI Resolution with an Intercepting Proxy
6.6 Tracing Messages
6.6.1 The Via Header
6.6.2 The TRACE Method
6.7 Proxy Authentication
6.8 Proxy Interoperation
6.8.1 Handling Headers and Methods the Proxy Does Not Support
6.8.2 OPTIONS: Discovering Optional Feature Support
6.8.3 The Allow Header
6.9 For More Information
Chapter 7. Caching
7.1 Redundant Data Transfers
7.2 Bandwidth Bottlenecks
7.3 Flash Crowds
7.4 Distance Delays
7.5 Hits and Misses
7.5.1 Revalidations
7.5.2 Hit Rate
7.5.3 Byte Hit Rate
7.5.4 Distinguishing Hits and Misses
7.6 Cache Topologies
7.6.1 Private Caches
7.6.2 Public Proxy Caches
7.6.3 Proxy Cache Hierarchies
7.6.4 Cache Meshes, Content Routing, and Peering
7.7 Cache Processing Steps
7.7.1 Step 1: Receiving
7.7.2 Step 2: Parsing
7.7.3 Step 3: Lookup
7.7.4 Step 4: Freshness Check
7.7.5 Step 5: Response Creation
7.7.6 Step 6: Sending
7.7.7 Step 7: Logging
7.7.8 Cache Processing Flowchart
7.8 Keeping Copies Fresh
7.8.1 Document Expiration
7.8.2 Expiration Dates and Ages
7.8.3 Server Revalidation
7.8.4 Revalidation with Conditional Methods
7.8.5 If-Modified-Since: Date Revalidation
7.8.6 If-None-Match: Entity Tag Revalidation
7.8.7 Weak and Strong Validators
7.8.8 When to Use Entity Tags and Last-Modified Dates
7.9 Controlling Cachability
7.9.1 No-Store and No-Cache Response Headers
7.9.2 Max-Age Response Headers
7.9.3 Expires Response Headers
7.9.4 Must-Revalidate Response Headers
7.9.5 Heuristic Expiration
7.9.6 Client Freshness Constraints
7.9.7 Cautions
7.10 Setting Cache Controls
7.10.1 Controlling HTTP Headers with Apache
7.10.2 Controlling HTML Caching Through HTTP-EQUIV
7.11 Detailed Algorithms
7.11.1 Age and Freshness Lifetime
7.11.2 Age Computation
7.11.3 Complete Age-Calculation Algorithm
7.11.4 Freshness Lifetime Computation
7.11.5 Complete Server-Freshness Algorithm
7.12 Caches and Advertising
7.12.1 The Advertiser's Dilemma
7.12.2 The Publisher's Response
7.12.3 Log Migration
7.12.4 Hit Metering and Usage Limiting
7.13 For More Information
Chapter 8. Integration Points: Gateways, Tunnels, and Relays
8.1 Gateways
8.2 Protocol Gateways
8.2.1 HTTP/*: Server-Side Web Gateways
8.2.2 HTTP/HTTPS: Server-Side Security Gateways
8.2.3 HTTPS/HTTP: Client-Side Security Accelerator Gateways
8.3 Resource Gateways
8.3.1 Common Gateway Interface (CGI)
8.3.2 Server Extension APIs
8.4 Application Interfaces and Web Services
8.5 Tunnels
8.5.1 Establishing HTTP Tunnels with CONNECT
8.5.2 Data Tunneling, Timing, and Connection Management
8.5.3 SSL Tunneling
8.5.4 SSL Tunneling Versus HTTP/HTTPS Gateways
8.5.5 Tunnel Authentication
8.5.6 Tunnel Security Considerations
8.6 Relays
8.7 For More Information
Chapter 9 Web Robots
9.1 Crawlers and Crawling
9.1.1 Where to Start: The Root Set
9.1.2 Extracting Links and Normalizing Relative Links
9.1.3 Cycle Avoidance
9.1.4 Loops and Duplicates
9.1.5 Trails of Breadcrumbs
9.1.6 Aliases and Robot Cycles
9.1.7 Canonicalizing URLs
9.1.8 Filesystem Link Cycles
9.1.9 Dynamic Virtual Web Spaces
9.1.10 Avoiding Loops and Duplicates
9.2 Robotic HTTP
9.2.1 Identifying Request Headers
9.2.2 Virtual Hosting
9.2.3 Conditional Requests
9.2.4 Response Handling
9.2.5 User-Agent Targeting
9.3 Misbehaving Robots
9.4 Excluding Robots
9.4.1 The Robots Exclusion Standard
9.4.2 Web Sites and robots.txt Files
9.4.3 robots.txt File Format
9.4.4 Other robots.txt Wisdom
9.4.5 Caching and Expiration of robots.txt
9.4.6 Robot Exclusion Perl Code
9.4.7 HTML robot-control META Tags
9.5 Robot Etiquette
9.6 Search Engines
9.6.1 The Big Picture
9.6.2 Modern Search Engine Architecture
9.6.3 Full-Text Index
9.6.4 Posting the Query
9.6.5 Sorting and Presenting the Results
9.6.6 Spoofing
9.7 For More Information
Chapter 10 HTTP-NG
10.1 HTTP's Growing Pains
10.2 HTTP-NG Activity
10.3 Modularize and Enhance
10.4 Distributed Objects
10.5 Layer 1: Messaging
10.6 Layer 2: Remote Invocation
10.7 Layer 3: Web Application
10.8 WebMUX
10.9 Binary Wire Protocol
10.10 Current Status
10.11 For More Information
Part III Identification, Authentication, and Security
Chapter 11 Client Identification and Cookies
11.1 The Personal Touch
11.2 HTTP Headers
11.3 Client IP Address
11.4 User Login
11.5 Fat URLs
11.6 Cookies
11.6.1 Types of Cookies
11.6.2 How Cookies Work
11.6.3 Cookie Jar: Client-Side State
11.6.4 Different Cookies for Different Sites
11.6.5 Cookie Ingredients
11.6.6 Version 0 (Netscape) Cookies
11.6.7 Version 1 (RFC 2965) Cookies
11.6.8 Cookies and Session Tracking
11.6.9 Cookies and Caching
11.6.10 Cookies, Security, and Privacy
11.7 For More Information
Chapter 12 Basic Authentication
12.1 Authentication
12.1.1 HTTP's Challenge/Response Authentication Framework
12.1.2 Authentication Protocols and Headers
12.1.3 Security Realms
12.2 Basic Authentication
12.2.1 Basic Authentication Example
12.2.2 Base-64 Username/Password Encoding
12.2.3 Proxy Authentication
12.3 The Security Flaws of Basic Authentication
12.4 For More Information
Chapter 13 Digest Authentication
13.1 The Improvements of Digest Authentication
13.1.1 Using Digests to Protect Passwords
13.1.2 One-Way Digests
13.1.3 Using Nonces to Prevent Replay Attacks
13.1.4 The Digest Authentication Handshake
13.2 Digest Calculations
13.2.1 Digest Algorithm Input Data
13.2.2 The Algorithms H(d) and KD(s,d)
13.2.3 The Security-Related Data (A1)
13.2.4 The Message-Related Data (A2)
13.2.5 Overall Digest Algorithm
13.2.6 Digest Authentication Session
13.2.7 Preemptive Authorization
13.2.8 Nonce Selection
13.2.9 Symmetric Authentication
13.3 Quality of Protection Enhancements
13.3.1 Message Integrity Protection
13.3.2 Digest Authentication Headers
13.4 Practical Considerations
13.4.1 Multiple Challenges
13.4.2 Error Handling
13.4.3 Protection Spaces
13.4.4 Rewriting URIs
13.4.5 Caches
13.5 Security Considerations
13.5.1 Header Tampering
13.5.2 Replay Attacks
13.5.3 Multiple Authentication Mechanisms
13.5.4 Dictionary Attacks
13.5.5 Hostile Proxies and Man-in-the-Middle Attacks
13.5.6 Chosen Plaintext Attacks
13.5.7 Storing Passwords
13.6 For More Information
Chapter 14 Secure HTTP
14.1 Making HTTP Safe
14.2 Digital Cryptography
14.2.1 The Mechanisms and Techniques of Secret Coding
14.2.2 Ciphers
14.2.3 Cipher Machines
14.2.4 Keyed Ciphers
14.2.5 Digital Ciphers
14.3 Symmetric-Key Cryptography
14.3.1 Key Length and Enumeration Attacks
14.3.2 Establishing Shared Keys
14.4 Public-Key Cryptography
14.4.1 RSA
14.4.2 Hybrid Cryptosystems and Session Keys
14.5 Digital Signatures
14.6 Digital Certificates
14.6.1 The Main Contents of a Certificate
14.6.2 X.509 v3 Certificates
14.6.3 Using Certificates to Authenticate Servers
14.7 HTTPS: The Details
14.7.1 HTTPS Overview
14.7.2 HTTPS Schemes
14.7.3 Secure Transport Setup
14.7.4 SSL Handshake
14.7.5 Server Certificates
14.7.6 Site Certificate Validation
14.7.7 Virtual Hosting and Certificates
14.8 An HTTPS Client Example
14.8.1 OpenSSL
14.8.2 A Simple HTTPS Client
14.8.3 Executing the OpenSSL Client
14.9 Tunneling Secure Traffic Through Proxies
14.10 For More Information
14.10.1 HTTP Security
14.10.2 SSL and TLS
14.10.3 Public-Key Infrastructure
14.10.4 Digital Cryptography
Part IV Entities, Encodings, and Internationalization
Chapter 15 Entities and Encodings
15.1 Messages Are Crates, Entities Are Cargo
15.1.1 Entity Bodies
15.2 Content-Length: The Entity's Size
15.2.1 Detecting Truncation
15.2.2 Incorrect Content-Length
15.2.3 Content-Length and Persistent Connections
15.2.4 Content Encoding
15.2.5 Rules for Determining Entity Body Length
15.3 Entity Digests
15.4 Media Types and Character Sets
15.4.1 Character Encodings for Text
15.4.2 Multipart Media Types
15.4.3 Multipart Form Submissions
15.4.4 Multipart Range Responses
15.5 Content Encoding
15.5.1 The Content-Encoding Process
15.5.2 Content-Encoding Types
15.5.3 The Accept-Encoding Header
15.6 Transfer Encoding and Chunked Encoding
15.6.1 Reliable Transport
15.6.2 The Transfer-Encoding Header
15.6.3 Chunked Encoding
15.6.4 Combining Content and Transfer Encodings
15.6.5 Transfer-Encoding Rules
15.7 Time-Varying Instances
15.8 Validators and Freshness
15.8.1 Freshness
15.8.2 Conditional Requests and Validators
15.9 Range Requests
15.10 Delta Encoding
15.11 For More Information
Chapter 16 Internationalization
16.1 HTTP Support for International Content
16.2 Character Sets and HTTP
16.2.1 A Charset Is a Character-to-Bits Encoding
16.2.2 How Character Sets and Encodings Work
16.2.3 The Wrong Charset Gives the Wrong Characters
16.2.4 Standardized MIME Charset Values
16.2.5 The Content-Type Header, the Charset Header, and META Tags
16.2.6 The Accept-Charset Header
16.3 Multilingual Character Encoding Primer
16.3.1 Character Set Terminology
16.3.2 Charset Is Poorly Named
16.3.3 Characters
16.3.4 Glyphs, Ligatures, and Presentation Forms
16.3.5 Coded Character Sets
16.3.6 Character Encoding Schemes
16.4 Language Tags and HTTP
16.4.1 The Content-Language Header
16.4.2 The Accept-Language Header
16.4.3 Types of Language Tags
16.4.4 Subtags
16.4.5 Capitalization
16.4.6 IANA Language Tag Registrations
16.4.7 First Subtag: Namespace
16.4.8 Second Subtag: Namespace
16.4.9 Remaining Subtags: Namespace
16.4.10 Configuring Language Preferences
16.4.11 Language Tag Reference Tables
16.5 Internationalized URIs
16.5.1 Global Transcribability Versus Meaningful Characters
16.5.2 URI Character Repertoire
16.5.3 Escaping and Unescaping
16.5.4 Escaping International Characters
16.5.5 Modal Switches in URIs
16.6 Other Considerations
16.6.1 Headers and Out-of-Spec Data
16.6.2 Dates
16.6.3 Domain Names
16.7 For More Information
16.7.1 Appendixes
16.7.2 Internet Internationalization
16.7.3 International Standards
Chapter 17 Content Negotiation and Transcoding
17.1 Content-Negotiation Techniques
17.2 Client-Driven Negotiation
17.3 Server-Driven Negotiation
17.3.1 Content-Negotiation Headers
17.3.2 Content-Negotiation Header Quality Values
17.3.3 Varying on Other Headers
17.3.4 Content Negotiation on Apache
17.3.5 Server-Side Extensions
17.4 Transparent Negotiation
17.4.1 Caching and Alternates
17.4.2 The Vary Header
17.5 Transcoding
17.5.1 Format Conversion
17.5.2 Information Synthesis
17.5.3 Content Injection
17.5.4 Transcoding Versus Static Pregeneration
17.6 Next Steps
17.7 For More Information
Part V Content Publishing and Distribution
Chapter 18 Web Hosting
18.1 Hosting Services
18.2 Virtual Hosting
18.2.1 Virtual Server Requests Lack Host Information
18.2.2 Making Virtual Hosting Work
18.2.3 The HTTP/1.1 Host Header
18.3 Making Web Sites Reliable
18.3.1 Mirrored Server Farms
18.3.2 Content Distribution Networks
18.3.3 Reverse Proxy Caches in CDNs
18.3.4 Proxy Caches in CDNs
18.4 Making Web Sites Fast
18.5 For More Information
Chapter 19 Publishing Systems
19.1 FrontPage Server Extensions for Publishing Support
19.1.1 FrontPage Server Extensions
19.1.2 FrontPage Vocabulary
19.1.3 The FrontPage RPC Protocol
19.1.4 The FrontPage Security Model
19.2 WebDAV and Collaborative Authoring
19.2.1 WebDAV Methods
19.2.2 WebDAV and XML
19.2.3 WebDAV Headers
19.2.4 WebDAV Locking and Overwrite Prevention
19.2.5 The LOCK Method
19.2.6 The UNLOCK Method
19.2.7 Properties and Metadata
19.2.8 The PROPFIND Method
19.2.9 The PROPPATCH Method
19.2.10 Collections and Namespace Management
19.2.11 The MKCOL Method
19.2.12 The DELETE Method
19.2.13 The COPY and MOVE Methods
19.2.14 Enhanced HTTP/1.1 Methods
19.2.15 Version Management in WebDAV
19.2.16 The Future of WebDAV
19.3 For More Information
Chapter 20 Redirection and Load Balancing
20.1 Why Redirect
20.2 Where to Redirect
20.3 Overview of Redirection Protocols
20.4 General Redirection Methods
20.4.1 HTTP Redirection
20.4.2 DNS Redirection
20.4.3 Anycast Addressing
20.4.4 IP MAC Forwarding
20.4.5 IP Address Forwarding
20.4.6 Network Element Control Protocol
20.5 Proxy Redirection Methods
20.5.1 Explicit Browser Configuration
20.5.2 Proxy Auto-Configuration
20.5.3 Web Proxy Autodiscovery Protocol
20.6 Cache Redirection Methods
20.7 Internet Cache Protocol
20.8 Cache Array Routing Protocol
20.9 Hypertext Caching Protocol
20.9.1 HTCP Authentication
20.9.2 Setting Caching Policies
20.10 For More Information
Chapter 21 Logging and Usage Tracking
21.1 What to Log
21.2 Log Formats
21.2.1 Common Log Format
21.2.2 Combined Log Format
21.2.3 Netscape Extended Log Format
21.2.4 Netscape Extended 2 Log Format
21.2.5 Squid Proxy Log Format
21.3 Hit Metering
21.3.1 Overview
21.3.2 The Meter Header
21.4 Privacy Considerations
21.5 For More Information
Part VI Appendixes
Appendix A URI Schemes
Appendix B HTTP Status Codes
Appendix C HTTP Header Reference
Appendix D MIME Types
Appendix E Base-64 Encoding
Appendix F Digest Authentication
Appendix G Language Tags
Appendix H MIME Charset Registry
Index
第1 章 HTTP 概述 ............................................................................................................................3
1.1 HTTP——因特网的多媒体信使 ...............................................................................................4
1.2 Web 客户端和服务器 .................................................................................................................4
1.3 资源 ............................................................................................................................................5
1.3.1 媒体类型 ........................................................................................................................6
1.3.2 URI.................................................................................................................................7
1.3.3 URL ...............................................................................................................................7
1.3.4 URN ...............................................................................................................................8
1.4 事务 ............................................................................................................................................9
1.4.1 方法 ...............................................................................................................................9
1.4.2 状态码 ..........................................................................................................................10
1.4.3 Web 页面中可以包含多个对象 ..................................................................................10
1.5 报文 ..........................................................................................................................................11
1.6 连接 ..........................................................................................................................................13
1.6.1 TCP/IP ..........................................................................................................................13
1.6.2 连接、IP 地址及端口号 ..............................................................................................14
1.6.3 使用Telnet 实例 ..........................................................................................................16
1.7 协议版本 ..................................................................................................................................18
1.8 Web 的结构组件 .......................................................................................................................19
1.8.1 代理 ..............................................................................................................................19
1.8.2 缓存 ..............................................................................................................................20
1.8.3 网关 ..............................................................................................................................20
1.8.4 隧道 ..............................................................................................................................21
1.8.5 Agent 代理 ....................................................................................................................21
1.9 起始部分的结束语 ...................................................................................................................22
1.10 更多信息 ................................................................................................................................22
1.10.1 HTTP 协议信息 ........................................................................................................22
1.10.2 历史透视 ...................................................................................................................23
1.10.3 其他万维网信息 .......................................................................................................23
第2 章 URL 与资源 ........................................................................................................................25
2.1 浏览因特网资源 .......................................................................................................................26
2.2 URL 的语法 ..............................................................................................................................28
2.2.1 方案——使用什么协议 ..............................................................................................29
2.2.2 主机与端口 ..................................................................................................................30
2.2.3 用户名和密码 ..............................................................................................................30
2.2.4 路径 ..............................................................................................................................31
2.2.5 参数 ..............................................................................................................................31
2.2.6 查询字符串 ..................................................................................................................32
2.2.7 片段 ..............................................................................................................................33
2.3 URL 快捷方式 ..........................................................................................................................34
2.3.1 相对URL .....................................................................................................................34
2.3.2 自动扩展URL .............................................................................................................37
2.4 各种令人头疼的字符 ...............................................................................................................38
2.4.1 URL 字符集 .................................................................................................................38
2.4.2 编码机制 ......................................................................................................................38
2.4.3 字符限制 ......................................................................................................................39
2.4.4 另外一点说明 ..............................................................................................................40
2.5 方案的世界 ...............................................................................................................................40
2.6 未来展望 ..................................................................................................................................42
2.7 更多信息 ..................................................................................................................................44
第3 章 HTTP 报文 ..........................................................................................................................45
3.1 报文流 ......................................................................................................................................46
3.1.1 报文流入源端服务器 ..................................................................................................46
3.1.2 报文向下游流动 ..........................................................................................................47
3.2 报文的组成部分 .......................................................................................................................47
3.2.1 报文的语法 ..................................................................................................................48
3.2.2 起始行 ..........................................................................................................................50
3.2.3 首部 ..............................................................................................................................53
3.2.4 实体的主体部分 ..........................................................................................................55
3.2.5 版本0.9 的报文 ...........................................................................................................55
3.3 方法 ..........................................................................................................................................56
3.3.1 安全方法 ......................................................................................................................56
3.3.2 GET ...............................................................................................................................56
3.3.3 HEAD ...........................................................................................................................57
3.3.4 PUT ...............................................................................................................................57
3.3.5 POST .............................................................................................................................58
3.3.6 TRACE .........................................................................................................................58
3.3.7 OPTIONS......................................................................................................................60
3.3.8 DELETE .......................................................................................................................60
3.3.9 扩展方法 ......................................................................................................................61
3.4 状态码 ......................................................................................................................................62
3.4.1 100 ~ 199——信息性状态码 ....................................................................................62
3.4.2 200 ~ 299——成功状态码 ........................................................................................63
3.4.3 300 ~ 399——重定向状态码 ....................................................................................64
3.4.4 400 ~ 499——客户端错误状态码 ............................................................................68
3.4.5 500 ~ 599——服务器错误状态码 ............................................................................69
3.5 首部 ..........................................................................................................................................70
3.5.1 通用首部 ......................................................................................................................71
3.5.2 请求首部 ......................................................................................................................72
3.5.3 响应首部 ......................................................................................................................74
3.5.4 实体首部 ......................................................................................................................75
3.6 更多信息 ..................................................................................................................................77
第4 章 连接管理 ..............................................................................................................................79
4.1 TCP 连接..................................................................................................................................80
4.1.1 TCP 的可靠数据管道 ..................................................................................................80
4.1.2 TCP 流是分段的、由IP 分组传送.............................................................................81
4.1.3 保持TCP 连接的正确运行 .........................................................................................82
4.1.4 用TCP 套接字编程 .....................................................................................................84
4.2 对TCP 性能的考虑..................................................................................................................85
4.2.1 HTTP 事务的时延 .......................................................................................................86
4.2.2 性能聚焦区域 ..............................................................................................................87
4.2.3 TCP 连接的握手时延 ..................................................................................................87
4.2.4 延迟确认 ......................................................................................................................88
4.2.5 TCP 慢启动 ..................................................................................................................89
4.2.6 Nagle 算法与TCP_NODELAY ...................................................................................89
4.2.7 TIME_WAIT 累积与端口耗尽 ....................................................................................90
4.3 HTTP 连接的处理 ....................................................................................................................91
4.3.1 常被误解的Connection 首部 .................................................................................91
4.3.2 串行事务处理时延 ......................................................................................................92
4.4 并行连接 ..................................................................................................................................94
4.4.1 并行连接可能会提高页面的加载速度 ......................................................................94
4.4.2 并行连接不一定更快 ..................................................................................................95
4.4.3 并行连接可能让人“感觉”更快一些 ......................................................................95
4.5 持久连接 ..................................................................................................................................96
4.5.1 持久以及并行连接 ......................................................................................................96
4.5.2 HTTP/1.0+ Keep-Alive 连接 .......................................................................................97
4.5.3 keep-Alive 操作 ............................................................................................................98
4.5.4 keep-Alive 选项 ............................................................................................................98
4.5.5 keep-Alive 连接的限制和规则 ....................................................................................99
4.5.6 keep-Alive 和哑代理 ..................................................................................................100
4.5.7 插入Proxy-Connection ......................................................................................102
4.5.8 HTTP/1.1 持久连接 ...................................................................................................104
4.5.9 持久连接的限制和规则 ............................................................................................104
4.6 管道化连接 .............................................................................................................................105
4.7 关闭连接的奥秘 .....................................................................................................................106
4.7.1 “任意”解除连接 ......................................................................................................106
4.7.2 Content-Length 及截尾操作 ...............................................................................107
4.7.3 连接关闭容限、重试以及幂等性 ............................................................................107
4.7.4 正常关闭连接 ............................................................................................................108
4.8 更多信息 ................................................................................................................................110
4.8.1 HTTP 连接 .................................................................................................................110
4.8.2 HTTP 性能问题 .........................................................................................................110
4.8.3 TCP/IP ........................................................................................................................ 111
第二部分 HTTP 结构
第5 章 Web 服务器 ......................................................................................................................115
5.1 各种形状和尺寸的Web 服务器 ............................................................................................116
5.1.1 Web 服务器的实现 ....................................................................................................116
5.1.2 通用软件Web 服务器 ...............................................................................................117
5.1.3 Web 服务器设备 ........................................................................................................117
5.1.4 嵌入式Web 服务器 ...................................................................................................118
5.2 最小的Perl Web 服务器 ........................................................................................................118
5.3 实际的Web 服务器会做些什么 ............................................................................................120
5.4 第一步——接受客户端连接 .................................................................................................121
5.4.1 处理新连接 ................................................................................................................121
5.4.2 客户端主机名识别 ....................................................................................................122
5.4.3 通过ident 确定客户端用户 ......................................................................................122
5.5 第二步——接收请求报文 .....................................................................................................123
5.5.1 报文的内部表示法 ....................................................................................................124
5.5.2 连接的输入/ 输出处理结构 .....................................................................................125
5.6 第三步——处理请求 .............................................................................................................126
5.7 第四步——对资源的映射及访问 .........................................................................................126
5.7.1 docroot ........................................................................................................................127
5.7.2 目录列表 ....................................................................................................................129
5.7.3 动态内容资源的映射 ................................................................................................130
5.7.4 服务器端包含项(SSI) .............................................................................................131
5.7.5 访问控制 ....................................................................................................................131
5.8 第五步——构建响应 .............................................................................................................131
5.8.1 响应实体 ....................................................................................................................131
5.8.2 MIME 类型.................................................................................................................132
5.8.3 重定向 ........................................................................................................................133
5.9 第六步——发送响应 .............................................................................................................134
5.10 第七步——记录日志 ...........................................................................................................134
5.11 更多信息 ...............................................................................................................................134
第6 章 代理 ....................................................................................................................................135
6.1 Web 的中间实体 .....................................................................................................................136
6.1.1 私有和共享代理 ........................................................................................................136
6.1.2 代理与网关的对比 ....................................................................................................137
6.2 为什么使用代理 .....................................................................................................................138
6.3 代理会去往何处 .....................................................................................................................143
6.3.1 代理服务器的部署 ....................................................................................................144
6.3.2 代理的层次结构 ........................................................................................................144
6.3.3 代理是如何获取流量的 ............................................................................................147
6.4 Client Proxy Settings
6.4.1 Client Proxy Configuration: Manual
6.4.2 Client Proxy Configuration: PAC Files
6.4.3 Client Proxy Configuration: WPAD
6.5 Tricky Things About Proxy Requests
6.5.1 Proxy URIs Differ from Server URIs
6.5.2 The Same Problem with Virtual Hosting
6.5.3 Intercepting Proxies Get Partial URIs
6.5.4 Proxies Can Handle Both Proxy and Server Requests
6.5.5 In-Flight URI Modification
6.5.6 URI Client Auto-Expansion and Hostname Resolution
6.5.7 URI Resolution Without a Proxy
6.5.8 URI Resolution with an Explicit Proxy
6.5.9 URI Resolution with an Intercepting Proxy
6.6 Tracing Messages
6.6.1 The Via Header
6.6.2 The TRACE Method
6.7 Proxy Authentication
6.8 Proxy Interoperation
6.8.1 Handling Unsupported Headers and Methods
6.8.2 OPTIONS: Discovering Optional Feature Support
6.8.3 The Allow Header
6.9 For More Information
Chapter 7 Caching
7.1 Redundant Data Transfers
7.2 Bandwidth Bottlenecks
7.3 Flash Crowds
7.4 Distance Delays
7.5 Hits and Misses
7.5.1 Revalidations
7.5.2 Hit Rate
7.5.3 Byte Hit Rate
7.5.4 Distinguishing Hits and Misses
7.6 Cache Topologies
7.6.1 Private Caches
7.6.2 Public Proxy Caches
7.6.3 Proxy Cache Hierarchies
7.6.4 Cache Meshes, Content Routing, and Peering
7.7 Cache Processing Steps
7.7.1 Step 1: Receiving
7.7.2 Step 2: Parsing
7.7.3 Step 3: Lookup
7.7.4 Step 4: Freshness Check
7.7.5 Step 5: Response Creation
7.7.6 Step 6: Sending
7.7.7 Step 7: Logging
7.7.8 Cache Processing Flowchart
7.8 Keeping Copies Fresh
7.8.1 Document Expiration
7.8.2 Expiration Dates and Ages
7.8.3 Server Revalidation
7.8.4 Revalidation with Conditional Methods
7.8.5 If-Modified-Since: Date Revalidation
7.8.6 If-None-Match: Entity Tag Revalidation
7.8.7 Weak and Strong Validators
7.8.8 When to Use Entity Tags and Last-Modified Dates
7.9 Controlling Cachability
7.9.1 no-Store and no-Cache Response Headers
7.9.2 Max-Age Response Header
7.9.3 Expires Response Header
7.9.4 Must-Revalidate Response Header
7.9.5 Heuristic Expiration
7.9.6 Client Freshness Constraints
7.9.7 Cautions
7.10 Setting Cache Controls
7.10.1 Controlling HTTP Headers with Apache
7.10.2 Controlling HTML Caching Through HTTP-EQUIV
7.11 Detailed Algorithms
7.11.1 Age and Freshness Lifetime
7.11.2 Age Computation
7.11.3 Complete Age-Calculation Algorithm
7.11.4 Freshness Lifetime Computation
7.11.5 Complete Server-Freshness Algorithm
7.12 Caches and Advertising
7.12.1 The Advertiser's Dilemma
7.12.2 The Publisher's Response
7.12.3 Log Migration
7.12.4 Hit Metering and Usage Limiting
7.13 For More Information
Chapter 8 Integration Points: Gateways, Tunnels, and Relays
8.1 Gateways
8.2 Protocol Gateways
8.2.1 HTTP/*: Server-Side Web Gateways
8.2.2 HTTP/HTTPS: Server-Side Security Gateways
8.2.3 HTTPS/HTTP: Client-Side Security Accelerator Gateways
8.3 Resource Gateways
8.3.1 Common Gateway Interface (CGI)
8.3.2 Server Extension APIs
8.4 Application Interfaces and Web Services
8.5 Tunnels
8.5.1 Establishing HTTP Tunnels with CONNECT
8.5.2 Data Tunneling, Timing, and Connection Management
8.5.3 SSL Tunneling
8.5.4 SSL Tunneling Versus HTTP/HTTPS Gateways
8.5.5 Tunnel Authentication
8.5.6 Tunnel Security Considerations
8.6 Relays
8.7 For More Information
Chapter 9 Web Robots
9.1 Crawlers and Crawling
9.1.1 Where to Start: The Root Set
9.1.2 Extracting Links and Normalizing Relative Links
9.1.3 Cycle Avoidance
9.1.4 Loops and Dups
9.1.5 Trails of Breadcrumbs
9.1.6 Aliases and Robot Cycles
9.1.7 Canonicalizing URLs
9.1.8 Filesystem Link Cycles
9.1.9 Dynamic Virtual Web Spaces
9.1.10 Avoiding Loops and Dups
9.2 Robotic HTTP
9.2.1 Identifying Request Headers
9.2.2 Virtual Hosting
9.2.3 Conditional Requests
9.2.4 Response Handling
9.2.5 User-Agent Targeting
9.3 Misbehaving Robots
9.4 Excluding Robots
9.4.1 The Robots Exclusion Standard
9.4.2 Web Sites and robots.txt Files
9.4.3 robots.txt File Format
9.4.4 Other robots.txt Wisdom
9.4.5 Caching and Expiration of robots.txt
9.4.6 Robot Exclusion Perl Code
9.4.7 HTML robot-control Meta Tags
9.5 Robot Etiquette
9.6 Search Engines
9.6.1 Think Big
9.6.2 Modern Search Engine Architecture
9.6.3 Full-Text Index
9.6.4 Posting the Query
9.6.5 Sorting and Presenting the Results
9.6.6 Spoofing
9.7 For More Information
Chapter 10 HTTP-NG
10.1 HTTP's Growing Pains
10.2 HTTP-NG Activity
10.3 Modularize and Enhance
10.4 Distributed Objects
10.5 Layer 1: Messaging
10.6 Layer 2: Remote Invocation
10.7 Layer 3: Web Application
10.8 WebMUX
10.9 Binary Wire Protocol
10.10 Current Status
10.11 For More Information
Part III Identification, Authentication, and Security
Chapter 11 Client Identification and Cookies
11.1 The Personal Touch
11.2 HTTP Headers
11.3 Client IP Address
11.4 User Login
11.5 Fat URLs
11.6 Cookies
11.6.1 Types of Cookies
11.6.2 How Cookies Work
11.6.3 Cookie Jar: Client-Side State
11.6.4 Different Cookies for Different Sites
11.6.5 Cookie Ingredients
11.6.6 Version 0 (Netscape) Cookies
11.6.7 Version 1 (RFC 2965) Cookies
11.6.8 Cookies and Session Tracking
11.6.9 Cookies and Caching
11.6.10 Cookies, Security, and Privacy
11.7 For More Information
Chapter 12 Basic Authentication
12.1 Authentication
12.1.1 HTTP's Challenge/Response Authentication Framework
12.1.2 Authentication Protocols and Headers
12.1.3 Security Realms
12.2 Basic Authentication
12.2.1 Basic Authentication Example
12.2.2 Base-64 Username/Password Encoding
12.2.3 Proxy Authentication
12.3 The Security Flaws of Basic Authentication
12.4 For More Information
Chapter 13 Digest Authentication
13.1 The Improvements of Digest Authentication
13.1.1 Using Digests to Keep Passwords Secret
13.1.2 One-Way Digests
13.1.3 Using Nonces to Prevent Replay Attacks
13.1.4 The Digest Authentication Handshake
13.2 Digest Calculations
13.2.1 Digest Algorithm Input Data
13.2.2 The Algorithms H(d) and KD(s,d)
13.2.3 The Security-Related Data (A1)
13.2.4 The Message-Related Data (A2)
13.2.5 Overall Digest Algorithm
13.2.6 Digest Authentication Session
13.2.7 Preemptive Authorization
13.2.8 Nonce Selection
13.2.9 Symmetric Authentication
13.3 Quality of Protection Enhancements
13.3.1 Message Integrity Protection
13.3.2 Digest Authentication Headers
13.4 Practical Considerations
13.4.1 Multiple Challenges
13.4.2 Error Handling
13.4.3 Protection Spaces
13.4.4 Rewriting URIs
13.4.5 Caches
13.5 Security Considerations
13.5.1 Header Tampering
13.5.2 Replay Attacks
13.5.3 Multiple Authentication Mechanisms
13.5.4 Dictionary Attacks
13.5.5 Hostile Proxies and Man-in-the-Middle Attacks
13.5.6 Chosen Plaintext Attacks
13.5.7 Storing Passwords
13.6 For More Information
Chapter 14 Secure HTTP
14.1 Making HTTP Safe
14.2 Digital Cryptography
14.2.1 The Art and Science of Secret Coding
14.2.2 Ciphers
14.2.3 Cipher Machines
14.2.4 Keyed Ciphers
14.2.5 Digital Ciphers
14.3 Symmetric-Key Cryptography
14.3.1 Key Length and Enumeration Attacks
14.3.2 Establishing Shared Keys
14.4 Public-Key Cryptography
14.4.1 RSA
14.4.2 Hybrid Cryptosystems and Session Keys
14.5 Digital Signatures
14.6 Digital Certificates
14.6.1 The Main Contents of a Certificate
14.6.2 X.509 v3 Certificates
14.6.3 Using Certificates to Authenticate Servers
14.7 HTTPS: The Details
14.7.1 HTTPS Overview
14.7.2 HTTPS Schemes
14.7.3 Secure Transport Setup
14.7.4 SSL Handshake
14.7.5 Server Certificates
14.7.6 Site Certificate Validation
14.7.7 Virtual Hosting and Certificates
14.8 An HTTPS Client Example
14.8.1 OpenSSL
14.8.2 A Simple HTTPS Client
14.8.3 Executing the OpenSSL Client
14.9 Tunneling Secure Traffic Through Proxies
14.10 For More Information
14.10.1 HTTP Security
14.10.2 SSL and TLS
14.10.3 Public-Key Infrastructure
14.10.4 Digital Cryptography
Part IV Entities, Encodings, and Internationalization
Chapter 15 Entities and Encodings
15.1 Messages Are Crates, Entities Are Cargo
15.1.1 Entity Bodies
15.2 Content-Length: The Entity's Size
15.2.1 Detecting Truncation
15.2.2 Incorrect Content-Length
15.2.3 Content-Length and Persistent Connections
15.2.4 Content Encoding
15.2.5 Rules for Determining Entity Body Length
15.3 Entity Digests
15.4 Media Types and Character Sets
15.4.1 Character Encodings for Text
15.4.2 Multipart Media Types
15.4.3 Multipart Form Submissions
15.4.4 Multipart Range Responses
15.5 Content Encoding
15.5.1 The Content-Encoding Process
15.5.2 Content-Encoding Types
15.5.3 The Accept-Encoding Header
15.6 Transfer Encoding and Chunked Encoding
15.6.1 Safe Transport
15.6.2 The Transfer-Encoding Header
15.6.3 Chunked Encoding
15.6.4 Combining Content and Transfer Encodings
15.6.5 Transfer-Encoding Rules
15.7 Time-Varying Instances
15.8 Validators and Freshness
15.8.1 Freshness
15.8.2 Conditional Requests and Validators
15.9 Range Requests
15.10 Delta Encoding
15.11 For More Information
Chapter 16 Internationalization
16.1 HTTP Support for International Content
16.2 Character Sets and HTTP
16.2.1 A Charset Is a Character-to-Bits Encoding
16.2.2 How Character Sets and Encodings Work
16.2.3 The Wrong Charset Gives the Wrong Characters
16.2.4 Standardized MIME Charset Values
16.2.5 The Content-Type Header, the Charset Header, and META Tags
16.2.6 The Accept-Charset Header
16.3 Multilingual Character Encoding Primer
16.3.1 Character Set Terminology
16.3.2 Charsets Are Poorly Named
16.3.3 Characters
16.3.4 Glyphs, Ligatures, and Presentation Forms
16.3.5 Coded Character Sets
16.3.6 Character Encoding Schemes
16.4 Language Tags and HTTP
16.4.1 The Content-Language Header
16.4.2 The Accept-Language Header
16.4.3 Types of Language Tags
16.4.4 Subtags
16.4.5 Capitalization
16.4.6 IANA Language Tag Registrations
16.4.7 First Subtag: Namespace
16.4.8 Second Subtag: Namespace
16.4.9 Remaining Subtags: Namespace
16.4.10 Configuring Language Preferences
16.4.11 Language Tag Reference Tables
16.5 Internationalized URIs
16.5.1 Global Transcribability Versus Meaningful Characters
16.5.2 The URI Character Repertoire
16.5.3 Escaping and Unescaping
16.5.4 Escaping International Characters
16.5.5 Modal Switches in URIs
16.6 Other Considerations
16.6.1 Headers and Out-of-Spec Data
16.6.2 Dates
16.6.3 Domain Names
16.7 For More Information
16.7.1 Appendixes
16.7.2 Internet Internationalization
16.7.3 International Standards
Chapter 17 Content Negotiation and Transcoding
17.1 Content-Negotiation Techniques
17.2 Client-Driven Negotiation
17.3 Server-Driven Negotiation
17.3.1 Content-Negotiation Headers
17.3.2 Quality Values in Content-Negotiation Headers
17.3.3 Varying on Other Headers
17.3.4 Content Negotiation in Apache
17.3.5 Server-Side Extensions
17.4 Transparent Negotiation
17.4.1 Caching and Alternates
17.4.2 The Vary Header
17.5 Transcoding
17.5.1 Format Conversion
17.5.2 Information Synthesis
17.5.3 Content Injection
17.5.4 Transcoding Versus Static Pregeneration
17.6 Next Steps
17.7 For More Information
Part V Content Publishing and Distribution
Chapter 18 Web Hosting
18.1 Hosting Services
18.2 Virtual Hosting
18.2.1 Virtual Server Requests Lack Host Information
18.2.2 Making Virtual Hosting Work
18.2.3 The HTTP/1.1 Host Header
18.3 Making Web Sites More Reliable
18.3.1 Mirrored Server Farms
18.3.2 Content Distribution Networks
18.3.3 Reverse Proxy Caches in CDNs
18.3.4 Proxy Caches in CDNs
18.4 Making Web Sites Faster
18.5 For More Information
Chapter 19 Publishing Systems
19.1 FrontPage Server Extensions for Publishing Support
19.1.1 FrontPage Server Extensions
19.1.2 FrontPage Vocabulary
19.1.3 The FrontPage RPC Protocol
19.1.4 The FrontPage Security Model
19.2 WebDAV and Collaborative Authoring
19.2.1 WebDAV Methods
19.2.2 WebDAV and XML
19.2.3 WebDAV Headers
19.2.4 WebDAV Locking and Overwrite Prevention
19.2.5 The LOCK Method
19.2.6 The UNLOCK Method
19.2.7 Properties and Metadata
19.2.8 The PROPFIND Method
19.2.9 The PROPPATCH Method
19.2.10 Collections and Namespace Management
19.2.11 The MKCOL Method
19.2.12 The DELETE Method
19.2.13 The COPY and MOVE Methods
19.2.14 Enhanced HTTP/1.1 Methods
19.2.15 Version Management in WebDAV
19.2.16 The Future of WebDAV
19.3 For More Information
Chapter 20 Redirection and Load Balancing
20.1 Why Redirect?
20.2 Where to Redirect
20.3 Overview of Redirection Protocols
20.4 General Redirection Methods
20.4.1 HTTP Redirection
20.4.2 DNS Redirection
20.4.3 Anycast Addressing
20.4.4 IP MAC Forwarding
20.4.5 IP Address Forwarding
20.4.6 Network Element Control Protocol
20.5 Proxy Redirection Methods
20.5.1 Explicit Browser Configuration
20.5.2 Proxy Auto-Configuration
20.5.3 Web Proxy Autodiscovery Protocol
20.6 Cache Redirection Methods
20.7 Internet Cache Protocol
20.8 Cache Array Routing Protocol
20.9 Hypertext Caching Protocol
20.9.1 HTCP Authentication
20.9.2 Setting Caching Policies
20.10 For More Information
Chapter 21 Logging and Usage Tracking
21.1 What to Log
21.2 Log Formats
21.2.1 Common Log Format
21.2.2 Combined Log Format
21.2.3 Netscape Extended Log Format
21.2.4 Netscape Extended 2 Log Format
21.2.5 Squid Proxy Log Format
21.3 Hit Metering
21.3.1 Overview
21.3.2 The Meter Header
21.4 Privacy Considerations
21.5 For More Information
Part VI Appendixes
Appendix A URI Schemes
Appendix B HTTP Status Codes
Appendix C HTTP Header Reference
Appendix D MIME Types
Appendix E Base-64 Encoding
Appendix F Digest Authentication
Appendix G Language Tags
Appendix H MIME Charset Registry
Index