Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
あたらしいHTTPの話をしよう
Search
Ippei Ogiwara
July 03, 2014
Technology
6
6.2k
あたらしいHTTPの話をしよう
あたらしいHTTP/1.1、RFC7230-7239のざっくりしたまとめ
http://blog.hmm.jp/entry/new-http1.1-rfcs
Ippei Ogiwara
July 03, 2014
Tweet
Share
More Decks by Ippei Ogiwara
See All by Ippei Ogiwara
AWS re:Inforce 2019 re:Cap
iogi
3
4.2k
Other Decks in Technology
See All in Technology
JTCや セキュリティチェックリストが夢の跡
nikinusu
1
660
QAに対する超個人的な解釈 / Personal Take on QA
toma_sm
1
120
プログラム検証入門
riru
6
880
watsonx.ai Dojo 環境準備について
oniak3ibm
PRO
0
300
『GRANBLUE FANTASY: Relink』最高の「没入感」を実現するカットシーン制作手法とそれを支える技術
cygames
1
140
Technical Writing Meetup vol.35
soracom
PRO
2
120
Privacy Sandbox on Android / DroidKaigi 2024
7pairs
1
270
アプリをリリースできる状態に保ったまま 段階的にリファクタリングするための 戦略と戦術 / Strategies and tactics for incremental refactoring
yanzm
6
1.4k
内製化を目指す事業会社が、システム開発会社と共に進める「開発生産性改善」の取り組み事例 #devsumi
yuwji
0
100
「認証認可」という体験をデザインする ~Nekko Cloud認証認可基盤計画
logica0419
2
450
Next.js のページ遷移を全力で止める
ypresto
7
3.3k
不動産 x AIことはじめ~データの真価を拓くために
estie
0
110
Featured
See All Featured
Large-scale JavaScript Application Architecture
addyosmani
508
110k
Pencils Down: Stop Designing & Start Developing
hursman
119
11k
Infographics Made Easy
chrislema
239
18k
Art, The Web, and Tiny UX
lynnandtonic
294
20k
Unsuck your backbone
ammeep
667
57k
VelocityConf: Rendering Performance Case Studies
addyosmani
322
23k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
0
120
Building Adaptive Systems
keathley
36
2.1k
GraphQLとの向き合い方2022年版
quramy
43
13k
How STYLIGHT went responsive
nonsquared
93
5.1k
Robots, Beer and Maslow
schacon
PRO
157
8.2k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
38
9.2k
Transcript
৽͍͠)551ͷΛ͠Α͏ 3 Jul, 2014 @iogi
)551 )ZQFSUFYU5SBOTGFS1SPUPDPMWFSTJPO ESBGUJFUGIUUQCJTIUUQ
͡Όͳͯ͘
৽͍͠)551
IUUQTXXXNOPUOFUCMPHSGD@JT@EFBE
3'$ w 3'$)ZQFSUFYU5SBOTGFS1SPUPDPM)551 w ݄ʹϦϦʔε͞Εͨɻલ
*&5')551CJT8( w )551ͷඪ४ԽΛߦ͍ͬͯΔϫʔΩϯάάϧʔϓ w ฒߦͯ͠)551ͷվగߦ͍ͬͯΔ
3'$JTEFBE w 3'$PCTPMFUF ഇࢭ ʹϚʔΫ͞Εɺஔ͖ΘΔ 3'$ͷͭͷ3'$͕ެ։
3'$ w 3'$.FTTBHF4ZOUBYBOE3PVUJOHMPXMFWFMNFTTBHF QBSTJOHBOEDPOOFDUJPONBOBHFNFOU w 3'$4FNBOUJDTBOE$POUFOUNFUIPET TUBUVTDPEFT BOEIFBEFST w 3'$$POEJUJPOBM3FRVFTUTFH
*G.PEJpFE4JODF w 3'$3BOHF3FRVFTUTHFUUJOHQBSUJBMDPOUFOU w 3'$$BDIJOHCSPXTFSBOEJOUFSNFEJBSZDBDIFT w 3'$"VUIFOUJDBUJPOBGSBNFXPSLGPS)551 BVUIFOUJDBUJPO
3'$ w 3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w 3'$.FUIPE3FHJTUSBUJPOT w 3'$UIFTUBUVTDPEF w 3'$'PSXBSEFE)551FYUFOTJPO
Կ͕มΘͬͨͷ w ηΩϡϦςΟ্ͱͳ͍ͬͯͨ෦ͷमਖ਼ w 3'$Ͱແ͍ͷͷσϑΝΫτελϯμʔυͱͳ͍ͬͯͨ ͷΛఆٛ w ֤3'$ ͷʹɺ3'$͔Βͷมߋ͕ॻ
͔Ε͍ͯΔͷͰ֬ೝ
3'$.FTTBHF4ZOUBYSPVUJOH ओʹSFpOFNFOU w )551ͷ)551͕େจࣈʹݶఆɺόʔδϣϯࣈ͕ͦΕͧ Εܻʹݶఆ ࣮͕ଟܻΛαϙʔτͰ͖ͯͳ͍͔Β w ϔομͷෆਖ਼ͳXIJUFTQBDFෳߦϔομΛഇࢭ w CPEZͷMFOHUIͷܭࢉํ๏ΛಛघέʔεؚΊ໌֬Խ
w $IVOL-FOHUIDIVODLIFBEFSͱUSBJMFSΛؚΊͳ͍Α͏ʹ w $POOFDUJPODMPTFͷૹ৴࣌ͷಈ࡞Λ໌֬Խ
3'$4FNBOUJDTBOE$POUFOU w EFGBVMUDIBSTFU *40 ͷഇࢭ w 3FGFSFS w 4BNF0SJHJOͰϦϑΝϥΛૹΔ͖ w
BCPVUCMBOL͕ՃɻϦϑΝϥΛམͱ͍ͯ͠ΔͷͰແ͘ɺ ໌ࣔతʹଘࡏ͠ͳ͍͜ͱΛએݴ͢Δ w Ұ؏ੑͷͨΊ(&5ϦΫΤετ͕CPEZΛ࣋ͭ͜ͱΛڐՄ w εςʔλεͷΩϟογϡΛڐՄ w $POUFOU.%ϔομͷআ
$POUFOU.%ͷഇࢭ w 5IF$POUFOU.%IFBEFSpFMEIBTCFFOSFNPWFECFDBVTFJU XBTJODPOTJTUFOUMZJNQMFNFOUFEXJUISFTQFDUUPQBSUJBM SFTQPOTFT w 41VU0CKFDU࣌ʹɺQBZMPBEͷݕূʹ͏͜ͱ͕Ͱ͖Δ 0QUJPOBM w
IUUQEPDTBXTBNB[PODPN"NB[PO4MBUFTU"1* 3&450CKFDU165IUNM
3'$<>ओʹSFpOFNFOU w 3'$$POEJUJPOBM3FRVFTUT w *G.PEJpFE4JODFͷ͖݅ϦΫΤετͷఆٛ w 3'$3BOHF3FRVFTUT w 3BOHF3FRVFTUͷఆٛ w
3'$$BDIJOH w $POUFOU$BDIFͷఆٛ w 3'$"VUIFOUJDBUJPO w ΈΜͳେ͖#BTJD%JHFTUೝূͳͲͷτϐοΫ
3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w ೝূͷछྨΛఆ͍ٛͯ͠Δ͚ͩ ! +----------------+------------+-------------------------------------+! | Authentication | Reference |
Notes |! | Scheme Name | | |! +----------------+------------+-------------------------------------+! | Basic | [RFC2617], | |! | | Section 2 | |! | Bearer | [RFC6750] | |! | Digest | [RFC2617], | |! | | Section 3 | |! | Negotiate | [RFC4559], | This authentication scheme violates |! | | Section 3 | both HTTP semantics (being |! | | | connection-oriented) and syntax |! | | | (use of syntax incompatible with |! | | | the WWW-Authenticate and |! | | | Authorization header field syntax). |! | OAuth | [RFC5849], | |! | | Section | |! | | 3.5.1 | |! +----------------+------------+-------------------------------------+!
3'$*OJUJBM)551.FUIPE3FHJTUSBUJPOT w ͪ͜Β)551ͷϝιουͷՃఆٛͱ͍͏໊͔લͷ༧ w ओʹ8FC%BWͷϝιου
3'$4UBUVT$PEF 1FSNBOFOU3FEJSFDU w ৽͍͠ϦμΠϨΫτεςʔλε w ӬଓతͳϦμΠϨΫτ࣌ʹ1045ͷ༰ΛϦμΠϨΫτઌʹ ૹ৴ ! !
! ! w ඇରԠͷϒϥβ͕Ͳ͏ղऍ͢Δ͔ɺ·ͨඇରԠͷϒϥβ ΛαʔόଆͰஅͰ͖Δͷ͔ɺΉ͍ͣͱ͜Ζ Ӭଓత Ұ࣌త POST͔ΒGETͷϝιουมߋΛڐՄ 301 302 POST͔ΒGETͷมߋΛڐՄ͠ͳ͍ 308 307
YSFEJSFDUSFTQPOTFT w .PWFE1FSNBOFOUMZ߃ٱతͳϦμΠϨΫτ w 'PVOEݩʑ.PWFE5FNQPSBSJMZ͕ͩͬͨɺܝࣔ൘8JLJͳͲ ͰߘޙʹϒϥβΛଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹ͜ͷίʔυ͕ ༻͞ΕΔΑ͏ʹͳͬͨͨΊɺ'PVOEʹͳΓɺ৽ͨʹ ͕࡞͞Εͨɻ w
4FF0UIFSଞΛࢀরͤΑɻϦΫΤετͨ͠Ϧιʔε͔֬ʹͦ ͷ63-ʹ͋Δ͕ɺଞͷϦιʔεΛͬͯϨεϙϯεͱ͢ΔΑ͏ͳ ߹ʹ༻͢Δɻ ܝࣔ൘ͷߘޙʹଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹΘ ΕΔ͖ίʔυͱͯ͠ಋೖ͞Εͨɻ w 5FNQPSBSZ3FEJSFDUҰ࣌తͳϦμΠϨΫτɻͷຊདྷͷ༻ ๏ΛվΊͯఆٛͨ͠ͷɻ
3'$'PSXBSEFE)551&YUFOTJPO w 'PSXBSEFEϔομͷඪ४Խ w 9'PXBSEFE'PS 9'PSXBSEFE1SPUPͷϔομɺ9͕͍ ͍ͯΔͱ͓Γɺ3'$ඪ४ϔομͰͳ͍͕ɺσϑΝΫτελ ϯμʔυͱͳ͍ͬͯΔ w ݩʑ4RVJE͕ಋೖͨ͠
8JLJQFEJB w ඇඪ४Ώ͑ʹɺରԠঢ়گ͕·ͪ·ͪɺ'PSʹෳྻڍ͞Εͯ ͍Δͱࣦഊ͢ΔɺηΩϡϦςΟ্ͷݒ೦ͳͲ͍Ζ͍Ζ͋ͬͨ
'PSXBSEFEϔομ w lCZϦΫΤετΛड͚ͨϓϩΩγͷ$VTUPNFS'BDJOHଆͷ ࣝผࢠ w GPSϦΫΤετݩ 9''ͱಉ͡ w lIPTUzϓϩΩγ͕ड͚ͨ)PTUϔομ
w lQSPUPϓϩΩγ͕ड͚ͨϓϩτίϧ ! ! ! Forwarded: for="_gazonk"! Forwarded: For="[2001:db8:cafe::17]:4711"! Forwarded: for=192.0.2.60;proto=http;by=203.0.113.43! Forwarded: for=192.0.2.43, for=198.51.100.17
BEEJUJPOBMJEFOUJpFST w zVOLOPXOzࣝผࢠ w ୭͔Β͔Βͳ͍͚Ͳసૹͨ͠ͱ͍͏͜ͱΛ໌͍ࣔͨ͠ ͱ͖ʹ*1ɺϗετ໊ͷΘΓʹ͏ w 0CGVTDBUFE*EFOUJpFS ΅͔ͨࣝ͠ผࢠ
w ෦*1ΞυϨεΛൿີʹ͍͚ͨ͠Ͳɺσόοά༻్ʹ 'PSXBSEFEϔομΛग़ྗ͍ͨ͠ͱ͖ʹ@ VOEFSTDPSF ͔Β ࢝·ΔJEFOUJpFSΛ͑Δ Forwarded: for=_hidden, for=_SEVKISEK
9'PSXBSEFE͔ΒͷҠߦ w "QBDIFαʔόଆ͕ରԠ͞ΕͨΒฒߦͯ͠1SPYZଆͰରԠ ͞Ε͍ͯ͘ͷͰ w 9'PXBSEFEͷϔομͱڞଘͰ͖ΔͷͰɺ྆ํग़ྗͯ͠͠ ·͏ͷ͋Γ w બͰ͖ΔΑ͏ʹ͢Δ
·ͱΊ w ࠓ·Ͱࣄ࣮ඪ४ͱͳ͍ͬͯͨͷ͕ɺඪ४Խ͞ΕΔ w ͚Ͳɺόʔδϣϯಉ͡)551 ۠ผͰ͖ͳ͍ w ΫϥΠΞϯτଆɺαʔόଆͰରԠ༗ແɺϑΥʔϧόοΫ ͰҰ෦ࠞཚ͢Δ͜ͱ͕͋Δ͔͠Εͳ͍
w ਖ਼͍͠ಓΛఆ͍ٛͯ͠ΔͷΑ͍