学习后HTTP/1.1 standard ,特别是第 31 页及相关内容,我得出结论,任何 8 位八位字节都可以出现在 HTTP header 值中。 IE。代码在 [0,255] 范围内的任何字符。
然而,我尝试过的 HTTP 服务器拒绝接受代码 > 127(或大多数 US-ASCII 不可打印字符)的任何内容。
这是标准中使用的语法摘录:
message-header = field-name ":" [ field-value ]
field-name = token
field-value = *( field-content | LWS )
field-content = <the OCTETs making up the field-value and consisting of
either *TEXT or combinations of token, separators, and
quoted-string>
CR = <US-ASCII CR, carriage return (13)>
LF = <US-ASCII LF, linefeed (10)>
SP = <US-ASCII SP, space (32)>
HT = <US-ASCII HT, horizontal-tab (9)>
CRLF = CR LF
LWS = [CRLF] 1*( SP | HT )
OCTET = <any 8-bit sequence of data>
CHAR = <any US-ASCII character (octets 0 - 127)>
CTL = <any US-ASCII control character (octets 0 - 31) and DEL (127)>
TEXT = <any OCTET except CTLs, but including LWS>
token = 1*<any CHAR except CTLs or separators>
separators = "(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\"
| <"> | "/" | "[" | "]" | "?" | "=" | "{" | "}" | SP | HT
quoted-string = ( <"> *(qdtext | quoted-pair ) <"> )
qdtext = <any TEXT except <">>
quoted-pair = "\" CHAR
如您所见,field-content
可以是一个 quoted-string
,它是 TEXT
的引号序列(即任何 8-位八位组,"
和 [0-8, 11-12, 14-31, 127]
范围内的值除外)或 quoted-pair
(\
后跟 [0, 127]
范围内的任何值)。即,任何 8 位字符序列都可以通过引用它并在特殊符号前加上前缀来传递\
).
(请注意,标准不会以任何特殊方式处理 NUL(0x00)
字符)
但是,很明显,要么我尝试过的所有服务器都不符合标准,要么标准自 1999 年以来发生了变化,要么我无法正确阅读。
那么...在 HTTP header 值中允许使用哪些字符,为什么?
附言所有这一切背后的原因:我正在寻找一种在 HTTP header 值中传递 utf-8 编码序列的方法(如果可能,无需额外编码)。
最佳答案
RFC 2616已过时,相关部分已替换为 RFC 7230 .
The NUL octet is no longer allowed in comment and quoted-string text, and handling of backslash-escaping in them has been clarified. The quoted-pair rule no longer allows escaping control characters other than HTAB. Non-US-ASCII content in header fields and the reason phrase has been obsoleted and made opaque (the TEXT rule was removed). (Section 3.2.6)
本质上,RFC 2616 默认为 ISO-8859-1 ,这既不充分又不可互操作。因此,RFC 7230 已弃用字段值中的非 ASCII 八位字节。建议在此基础上使用转义机制(例如 RFC 8187 中定义的,或纯 URI-percent-encoding)。
关于http - HTTP header 值中允许使用哪些字符?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47687379/