开发者

Standard for adding multiple values of a single HTTP Header to a request or response

开发者 https://www.devze.com 2023-01-04 04:39 出处:网络
If I want to add a list of values as an HTTP Header, is there a standard way to do t开发者_JS百科his?I couldn\'t find anything (that I could easily understand) in RFC 822.For example, is

If I want to add a list of values as an HTTP Header, is there a standard way to do t开发者_JS百科his? I couldn't find anything (that I could easily understand) in RFC 822. For example, is comma separated values standard or semi-colon separated values. Is there a standard at all?

Example:

Key: value1;value2;value3


You'll want to take a look at the HTTP spec RFC 2616 where it says:

Multiple message-header fields with the same field-name MAY be present in a message if and only if the entire field-value for that header field is defined as a comma-separated list [i.e., #(values)]. It MUST be possible to combine the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma. The order in which header fields with the same field-name are received is therefore significant to the interpretation of the combined field value, and thus a proxy MUST NOT change the order of these field values when a message is forwarded.

What this means is that you can send the same header multiple times in a response with different values, as long as those values can be appended to each other using a comma. This also means that you can send multiple values in a single header by concatenating them with commas.

So in your case it will be:

Key: value1,value2,value3


by all means @marc-novakowski you narrowing the "problem" :)

normally (per HTTP spec) we delimit each value from the other using a comma ','

but we will examine a simple case:

Cookie-set: language=pl; expires=Sat, 15-Jul-2017 23:58:22 GMT; path=/; domain=x.com   
Cookie-set: id=123 expires=Sat, 15-Jul-2017 23:58:22 GMT; path=/; domain=x.com; httponly   

how do you join such headers when the values one from another are delimited with commas - case when coma can appear ???

then the "client" responsibility is to choose and decide the strategy eg drop, merg (if merg how)?

pleas take look at Mozilla implementation of nsHttpHeaderArray

https://github.com/bnoordhuis/mozilla-central/blob/master/netwerk/protocol/http/nsHttpHeaderArray.h#L185

mozilla choose to use a newline delimiter '\n' in this case (for certain header fields names)

I encourage when you face a such situation to search in common existing solutions - as they providing familiar scheme

flags explanations:

Cookies are no part of the HTTP standard. Cookies are defined in an own RFC, 6265 (formally 2965 and 2109). Even the HTTP 2 RFC only mentions cookies but does not define them as part of the standard. – @mecki Aug 25 at 18:56

please look one more time for sentence:

per HTTP spec we delimit each value from other using a comma ',' - there is no word cookie here :)

maybe we need to precise we talk here about HEADER FIELD(s - when repeating them) "Cookie-set" is a header field and it has value .. those value we consider to be a "COOKIE/S" - thus client/server implementation should handle such "COOKIE/S"

SEE VALUES OR NAME PAIRS :) IN HTTP 1/1 SPEC

https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.2


However not all values with the same field name may be combined into field values list. For example, in RFC 7230 we may read

Note: In practice, the "Set-Cookie" header field ([RFC6265]) often appears multiple times in a response message and does not use the list syntax, violating the above requirements on multiple header fields with the same name. Since it cannot be combined into a single field-value, recipients ought to handle "Set-Cookie" as a special case while processing header fields. (See Appendix A.2.3 of [Kri2001] for details.)

0

精彩评论

暂无评论...
验证码 换一张
取 消