Professional Documents
Culture Documents
HTTP
HTTP
HTTP
OSI
Web
CDN
WAF
WebService
HTML
Web
HTTP
TCP/IP
DNS
URI / URL
HTTPS
HTTP
HTTP
HTTP
HTTP
HTTP URL
HTTP
HTTP
Cache-Control
Connection
Date
Pragma
Trailer
Transfer-Encoding
Upgrade
Via
Warning
Accept
Accept-Charset
Accept-Encoding
Accept-Language
Authorization
Expect
From
Host
If-Match
If-Modified-Since
If-None-Match
If-Range
If-Unmodified-Since
Max-Forwards
Proxy-Authorization
Range
Referer
TE
User-Agent
Accept-Ranges
Age
ETag
Location
Proxy-Authenticate
Retry-After
Server
Vary
www-Authenticate
Access-Control-Allow-Origin
Allow
Content-Encoding
Content-Language
Content-Length
Content-Location
Content-MD5
Content-Range
Content-Type
Expires
Last-Modified
HTTP
Accept
Accept-Charset
Accept-Language
Accept-Encoding
Content-Type
Content-Encoding
Content-Language
HTTP
HTTP
Proxy-Authenticate
Proxy-Authorization
WWW-Authenticate Proxy-Authenticate
Authorization Proxy-Authorization
HTTP
Etag
HTTP CROS
Origin
HTTP
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
Access-Control-Allow-Headers
Access-Control-Allow-Methods
Access-Control-Expose-Headers
Access-Control-Max-Age
Access-Control-Request-Headers
Access-Control-Request-Method
Origin
HTTP
If-Match
If-None-Match
If-Modified-Since
If-Range
If-Unmodified-Since
HTTP Cookies
Cookie
Set-Cookie Cookie
Cookies
Cookies
Cookie Secure HttpOnly
Cookie
HTTP
HTTP
HTTP
HTTPS
HTTPS
HTTPS
HTTPS
SSL/TLS
SSL/TLS
HTTPS HTTP
HTTPS
Cookie Session
Session
Session
Session
Cookies
Cookie
Set-Cookie Cookie
Cookies
Cookies
Cookie Secure HttpOnly
Cookie
JSON Web Token Session Cookies
JWT Session Cookies
Session Cookies
Json Web Tokens
JWT
JSON
JWT
JWT Session Cookies
HTTP HTTPS
HTTP Get Post
HTTP
UDP TCP
UDP
TCP
TCP UDP
TCP
TCP
TCP
HTTP
URL
HTTPS
> >
(Hypertext)
(transfer)
A B A
B B B
A A B
( )
HTTP HTTP
HTTP
HTTP HTTP
HTTP
(layer)
(service) (service
model) (protocol stack)
->
web
HTTP SMTP FTP
DNS
(message)
TCP
UDP
TCP
UDP
(segment)
(datagram)
IP IP IP
IP IP
IP
IP
WiFi DOCSIS
(frame)
OSI
ISO
7 7 5
OSI
SMTP HTTP
Web Broser
Web World Wide Web
URL DNS
URL IP
HTML HTML
Web
Web Web Server Web
HTTP Web HTTP Web Web
CDN
CDN Content Delivery Network HTTP
CDN
CDN
WAF
WAF Web Web Application Firewall WAF
HTTP / HTTPS Web
HTTP Web
WebService
WebService Web WebService
HTML
HTML
Internet HTML HTML
HTML
Web
Web Web page (Objecy)
HTML JPEG Java
URL Web HTML
HTTP
HTTP HTTP
HTTP
TCP/IP
TCP/IP TCP/IP TCP/IP
TCP IP TCP /
IP UDP ICMP ARP
DNS
www.google.com
IP IP DNS
URI / URL
www.google.com
AAA.BBB.CCC URI
HTTPS
HTTP HTTPS HTTPS
Hyper Text Transfer Protocol over SecureSocket Layer HTTPS HTTP
HTTPS HTTP HTTP
HTTPS HTTP SSL HTTPS = HTTP + SSL
HTTPS
HTTP
URL
http://www.someSchool.edu/someDepartment/home.index
HTTP HTTP
someDepartment/home.index HTTP
HTTP (RAM )
www.someSchool.edu/someDepartment/home.index
HTTP
HTTP TCP TCP
TCP
HTTP TCP HTTP
HTML HTML
HTTP
-
-
HTTP
HTTP
-
GET
HEAD POST HTTP
HTTP
HTTP Content-Type
HTTP
HTTP
HTTP
HTTP
HTTP
start line
header key-value
entity
Header
body HTTP Header body
header body CRLF
http
http://www.someSchool.edu/someDepartment/home.index
HTTP ASCII
URL HTTP
HTTP
HTTP 8
HTTP PUT ,
W eb W eb
REST REpresentational State Transfer Web
PUT
CONNECT CONNECT
TCP SSL Secure Sockets Layer
TLS Transport Layer Security
URL
http://www.example.com:80/path/to/myfile.html?
key1=value1&key2=value2#SomewhereInTheDocument URL URL
URL
http
www.example.com
IP address IP
TCP + Web
Web HTTP HTTP 80 HTTPS
443 URI
URL URL
/path/to/myfile.html Web / ?
/ URL html
#SomewhereInTheDocument “ ”
“ ” HTML
#
HTTP
HTTP 1.0
HTTP 1.0
HTTP 1.0 TCP
HTTP 1.1
HTTP 1.1
HTTP 1.1
keep-alive
HTTP 1.1 E-tag If-Unmodified-Since, If-Match, If-None-Match
HTTP 2.0
HTTP2.0 HTTPS
id
HTTP
HTTP 1.1
HTTP
HTTP
Cache-Control
Connection
Date
Pragma
Trailer
Transfer-Encoding
Upgrade
Via
Warning
Cache-Control
Cache CPU
Cache-Control HTTP
RFC 2616
Cache-Control
Cache-Control
no-cache no-store private public
max-age s-maxage max-stale min-fresh
must-revalidate proxy-revalidate
only-if-cached no-transform
no-cache
no-cache
1 Cache-Control: no-cache
no-cache
No-Cache
no-store
no-store
1 Cache-Control: no-store
max-age
max-age max-age
max-age max-age
max-age
1 Cache-Control: max-age=60
max-age = 0
1 Cache-Control: max-age=0
max-age
must-revalidate
1 Cache-Control: must-revalidate
public
public
1 Cache-Control: public
private
private public
1 Cache-Control: private
s-maxage
s-maxage max-age s-maxage
1 Cache-Control: s-maxage=60
min-fresh
1 Cache-Control: min-fresh=60
max-stable
max-stable
1 Cache-Control: max-stable=60
only-if-cached
only-if-cached
1 Cache-Control: only-if-cached
proxy-revalidate
proxy-revalidate
1 Cache-Control: proxy-revalidate
no-transform
no-transform
1 Cache-Control: no-transform
Connection
HTTP TCP
TCP
TCP
1 Connection: keep-alive
HTTP 1.1
timeout: 5
max:
/ HTTP 1.1
1 Connection: close
Date
Date
Pragma
1 Pragma: no-cache
1 Cache-Control: no-cache
2 Pragma: no-cache
Trailer
Trailer HTTP/1.1
1 Transfer-Encoding: chunked
2 Trailer: Expires
Trailer Expires 0
Expires
Transfer-Encoding
Transfer-Encoding
Transfer-Encoding
1 Transfer-Encoding: chunked
(End-to-End) (Top-to-Top)
Transfer-Encoding
Transfer-Encoding
Transfer-Encoding Transfer-Encoding
chunked Content-Length
'\r\n'
'\r\n'
HTML
1 HTTP/1.1 200 OK
2 Content-Type: text/plain
3 Transfer-Encoding: chunked
4
5 7\r\n
6 Mozilla\r\n
7 9\r\n
8 Developer\r\n
9 7\r\n
10 Network\r\n
11 0\r\n
12 \r\n
identity
Upgrade
Upgrade HTTP
Upgrade TLS/1.0
Connection Upgrade Upgrade
Upgrade Connection: Upgrade
Upgrade 101 Switching Protocols
Via
Via / /
Via
Warning
Warning
Warning HTTP
HTTP/1.1 7
HTTP HTTP
Accept
Accept-Charset
Accept-Encoding
Accept-Language
Authorization
Expect
From
Host
If-Match
If-Modified-Since
If-None-Match
If-Range
If-Unmodified-Since
Max-Forwards
Proxy-Authorization
RangeReferer
TE
User-Agent
Accept
HTTP MIME
MIME MIME
MIME MIME
video/mpeg video/quicktime
application/octet-stream application/zip
MIME q q q
1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
q=
1.0
q MIME
1.0 text/html
1.0 application/xhtml+xml
0.9 application/xml
0.8 */*
application/xml;q=0.9
Accept-Charset
Accept-Charset Accept-Charset
Accept q
1 Accept-Charset: iso-8859-1
2 Accept-Charset: utf-8, iso-8859-1;q=0.5
3 Accept-Charset: utf-8, iso-8859-1;q=0.5, *;q=0.1
Accept-*
Accept-Encoding
HTTP Accept-Encoding
Content-Encoding
CPU 80%
Microsoft
Accept-Encoding
1 Accept-Encoding: gzip
2 Accept-Encoding: compress
3 Accept-Encoding: deflate
4 Accept-Encoding: br
5 Accept-Encoding: identity
6 Accept-Encoding: *
7 Accept-Encoding: deflate, gzip;q=1.0, *;q=0.5
Accept-Encoding
gzip : gzip Lempel-Ziv LZ77 32 CRC
https://en.wikipedia.org/wiki/LZ77_and_LZ78#LZ77
br : Brotli https://en.wikipedia.org/wiki/Brotli
* : Accept-Encoding
;q= q Accept
Accept-Language
Accept-Language Accept-Language
Content-Language Accept q
1 Accept-Language: de
2 Accept-Language: de-CH
3 Accept-Language: en-US,en;q=0.5
Authorization
Expect
Expect HTTP
417 Expectation Failed HTTP 1.1
100-continue
100
4xx 417
From
From
From
1 From: webmaster@example.org
From
Host
Host TCP
HTTP URL 80
1 Host: developer.mozilla.org
Host HTTP/1.1
If-Match
If-Match If-Match
1 If-Match: "bfc13a64729c4290ef5b2c2730249c88ca92d82d"
2 If-Match: *
If-Modified-Since
If-Modified-Since HTTP
200 OK 304
If-Modified-Since GET HEAD
If-None-Match
1 If-None-Match: "bfc13a64729c4290ef5b2c2730249c88ca92d82d"
2 If-None-Match: W/"67ab43", "54ed21", "7892dd"
3 If-None-Match: *
W/ ETag ETag
If-Range
If-Unmodified-Since
If-Unmodified-Since HTTP
412
Precondition Failed
Max-Forwards
MDN HTTP
1 Max-Forwards: 10
Max-Forwards Max-Forwards
0
Proxy-Authorization
Proxy-Authorization HTTP
Authorization Authorization - Proxy-Authorization
Proxy-
Authorization
Range
Referer
1 Referer: https://developer.mozilla.org/testpage.html
TE
TE
Accept-Encoding
TE trailer
trailers
User-Agent
User-Agent
Accept-Ranges
Age
ETag
Location
Proxy-Authenticate
Retry-After
Server
Vary
www-Authenticate
Accept-Ranges
Accept-Ranges HTTP
bytes
none
1 Accept-Ranges: bytes
2 Accept-Ranges: none
Age
1 Age: 24
ETag
ETag ETag
ETag
Web ETag
URL ETag
ETag ETag ETag
ETag
1 ETag: "33a64df551425fcc55e4d42a148795d9f25f89d4"
ETag ETag
ETag W/
1 ETag: W/"0815"
Location
Location URI
1 Location: /index.html
Proxy-Authenticate
HTTP Proxy-Authenticate
HTTP Proxy-Authenticate
1 Proxy-Authenticate: Basic
2 Proxy-Authenticate: Basic realm="Access to the internal site"
Retry-After
HTTP Retry-After
503( )
429( )
301( )
Server
Server
Vary
Vary HTTP
1 Vary: User-Agent
www-Authenticate
1 WWW-Authenticate: Basic
2 WWW-Authenticate: Basic realm="Access to the staging site", charset="UTF-8"
Access-Control-Allow-Origin
HTTP Access-Control-Allow-Origin Access-Control-Allow-
Origin - *
https://mozilla.org
1 Access-Control-Allow-Origin: https://mozilla.org
2 Vary: Origin
* Vary Origin
Allow
Content-Encoding
Content-Language
Content-Length
Content-Location
Content-MD5
Content-Range
Content-Type
Expires
Last-Modified
Allow
Content-Encoding
Accept-Encoding
Content-Encoding
Accept-Encoding gzip compress deflate
identity /
Content-Language
Content-Language Accept-Language
/
Content-Length
Content-Length
1 Content-Length: 3000
3000
Content-Location
Content-MD5
MD5 Content-MD5
1 Content-MD5: e10adc3949ba59abbe56e057f20f883e
Content-MD5 MD5
Content-Range
67589 200-1000
Content-Type
Expires
HTTP Expires / /
0
Expires
Expires Date
Cache-Control max-age Expires
max-age
Last-Modified
Last-Modified
ETag If-Modified-Since If-
Unmodified-Since
HTTP
HTTP URL
Server-driven Negotiation
Agent-driven Negotiation
Transparent Negotiation
TCP HTTP
HTTP
Accept
HTTP MIME
MIME MIME
MIME MIME
video/mpeg video/quicktime
application/octet-stream application/zip
MIME q q q
1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
q=
1.0
q MIME
1.0 text/html
1.0 application/xhtml+xml
0.9 application/xml
0.8 */*
application/xml;q=0.9
Accept-Charset
Accept-charset Accept-charset
Accept-Language
Accept-Language
Accept q=
1 Accept-Language: en-US,en;q=0.5
Accept-Encoding
HTTP Accept-Encoding
Content-Encoding
CPU 80%
Microsoft
Accept-Encoding
1 Accept-Encoding: gzip
2 Accept-Encoding: compress
3 Accept-Encoding: deflate
4 Accept-Encoding: br
5 Accept-Encoding: identity
6 Accept-Encoding: *
7 Accept-Encoding: deflate, gzip;q=1.0, *;q=0.5
Accept-Encoding
br : Brotli https://en.wikipedia.org/wiki/Brotli
* : Accept-Encoding
;q= q Accept
Content-Type
MIME
X-Content-Type-Options nosniff
Content-Encoding
Content-Encoding
Content-Type MIME
1 Content-Encoding: gzip
2 Content-Encoding: compress
3 Content-Encoding: deflate
4 Content-Encoding: identity
5 Content-Encoding: br
6 Content-Encoding: gzip, identity
7 Content-Encoding: deflate, gzip
Content-Language
Content-Language
1 Content-Language: de-DE
2 Content-Language: en-US
3 Content-Language: de-DE, en-CA
/ Accept-Charset
Content-Charset Content-Type
HTTP
HTTP HTTP
HTTP
RFC 7235 HTTP
/ 401( )
www-Authenticate
HTTP HTTP
HTTP www-Authenticate 401
HTTP HTTP
HTTPS
403 Forbidden
200 OK
HTTP
Proxy-Authenticate
HTTP Proxy-Authenticate
1 Proxy-Authenticate: Basic
2 Proxy-Authenticate: Basic realm="Access to the internal site"
Proxy-Authorization
HTTP Proxy-Authenticate
403
Forbidden 401 Unauthorized 407 Proxy Authorization
Required
WWW-Authenticate Proxy-Authenticate
WWW-Authenticate Proxy-Authenticate
1 WWW-Authenticate: <type> realm=<realm>
2 Proxy-Authenticate: <type> realm=<realm>
<type> realm
<type> Basic
AWS4-HMAC-
AWS docs
SHA256
Authorization Proxy-Authorization
Authorization Proxy-Authorization
HTTP
/ Web
HTTP
Web
HTTP
HTTP
CDN
Web Web
no-cache
no-cache Cache-Control
1 Cache-Control: no-cache
max-age = 0
1 Cache-Control: max-age=0
HTTP /
private public
1 Cache-Control: private
public
public
1 Cache-Control: public
HTTP/1.1 Cache-Control
no-store
1 Cache-Control: no-store
max-age Expires
mag-age
1 Cache-Control: max-age=31536000
must-revalidate
1 Cache-Control: must-revalidate
(cache eviction)
HTTP -
HTTP
(Eviction algorithms)
If-
None-Match 304 Not Modified
Age Age HTTP
Age 0 0
Age
Cache-
control:max-age=N N
Expires Exprires Date
max-age expires Last-Modified
Date Last-modified 10
Cache-control must-
revalidate ->
Etag
Etag HTTP
Etag
If-None-Match
Last-Modified 1
Last-Modified If-Modified-Since
Etag
Etag If-Match
1 Etag: "33a64df551425fcc55e4d42a148795d9f25f89d4"
1 If-Match: "33a64df551425fcc55e4d42a148795d9f25f89d4"
1 If-None-Match: "33a64df551425fcc55e4d42a148795d9f25f89d4"
HTTP CROS
Origin
Web (Origin) scheme(protocol) - host(domain) -
URL port - scheme host port
Same Origin Policy)
CORS
1 (1) http://example.com/app1/index.html
2 (2) http://example.com/app2/index.html
URL
1 http://Example.com:80
2 http://example.com
URL
URL
Windows Mac OS
X UNIX Linux
Example.com example.com
scheme host 80 HTTP
URL
1 http://example.com/app1
2 https://example.com/app2
URL
1 http://example.com
2 http://www.example.com
3 http://myapp.example.com
URL host
URL
1 http://example.com
2 http://example.com:8080
URL URL
HTTP XMLHttpRequest Fetch
(same-origin policy) API
CORS
URL URL
http://store.company.com/dir/page.html
http://store.company.com/dir2/other.html path
http://store.company.com/dir/inner/another.html path
https://store.company.com/page.html
http://store.company.com:81/dir/page.html
http://news.company.com/dir/page.html
URL
XMLHttpRequest
XMLHttpReqeust
XMLHttpReqeust XMLHttpReqeust
XMLHttpRequest(XHR) URL
XMLHttpRequest AJAX
Fetch API Fetch
CORS HTTP Origin
3. WebGL
4. drawImage() /
5. CSS
HTTP Web
HTTP GET
MIME POST HTTP HTTP OPTIONS
Cookies HTTP
CORS JavaScript
XMLHttpRequest
CORS
Accept
Accept-Language
Content-Language
Content-Type
DPR
Downlink
Save-Data
Viewport-Width
Width
Content-Type
application/x-www-form-urlencoded
multipart/form-data
text/plain
XMLHttpRequestUpload
XMLHttpRequest.upload
ReadableStream
CORS
Origin https://foo.example
1 HTTP/1.1 200 OK
2 Date: Mon, 01 Dec 2008 00:23:53 GMT
3 Server: Apache/2
4 Access-Control-Allow-Origin: *
5 Keep-Alive: timeout=2, max=100
6 Connection: Keep-Alive
7 Transfer-Encoding: chunked
8 Content-Type: application/xml
9
10 […XML Data…]
https://bar.other
https://foo.example
1 Access-Control-Allow-Origin: https://foo.example
https://foo.example https://bar.other
OPTIONS HTTP
XML POST X-
PINGOTHER HTTP/1.1 Web
Content-Type application/xml
POST Access-Control-Request- * OPTIONS
/ /
1 Access-Control-Request-Method: POST
2 Access-Control-Request-Headers: X-PINGOTHER, Content-Type
Access-Control-Request-Method
POST
Access-Control-Request-Headers X-PINGOTHER
Content-Type
1 - 11 POST X-PINGOTHER
1 Access-Control-Allow-Origin: http://foo.example
2 Access-Control-Allow-Methods: POST, GET, OPTIONS
3 Access-Control-Allow-Headers: X-PINGOTHER, Content-Type
4 Access-Control-Max-Age: 86400
1 HTTP/1.1 200 OK
2 Date: Mon, 01 Dec 2008 01:15:40 GMT
3 Server: Apache/2
4 Access-Control-Allow-Origin: https://foo.example
5 Vary: Accept-Encoding, Origin
6 Content-Encoding: gzip
7 Content-Length: 235
8 Keep-Alive: timeout=2, max=99
9 Connection: Keep-Alive
10 Content-Type: text/plain
11
12 [Some GZIP'd payload]
HTTP
http://foo.example Cookies
http://bar.other GET foo.example
7 XMLHttpRequest Cookie
Cookie GET
Access-Control-Allow-Credentials true
web
1 GET /resources/access-control-with-credentials/ HTTP/1.1
2 Host: bar.other
3 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:71.0) Gecko/20100101
Firefox/71.0
4 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
5 Accept-Language: en-us,en;q=0.5
6 Accept-Encoding: gzip,deflate
7 Connection: keep-alive
8 Referer: http://foo.example/examples/credential.html
9 Origin: http://foo.example
10 Cookie: pageAccess=2
1 HTTP/1.1 200 OK
2 Date: Mon, 01 Dec 2008 01:34:52 GMT
3 Server: Apache/2
4 Access-Control-Allow-Origin: https://foo.example
5 Access-Control-Allow-Credentials: true
6 Cache-Control: no-cache
7 Pragma: no-cache
8 Set-Cookie: pageAccess=3; expires=Wed, 31-Dec-2008 01:34:53 GMT
9 Vary: Accept-Encoding, Origin
10 Content-Encoding: gzip
11 Content-Length: 106
12 Keep-Alive: timeout=2, max=100
13 Connection: Keep-Alive
14 Content-Type: text/plain
15
16
17 [text/plain payload]
10 http://bar.other Cookie bar.other Access-
Control-Allow-Credentials:true
Access-Control-Allow-Credentials
*
Cookie Access-Control-Allow-Credentials
*
Set-Cookie
API
HTTP
HTTP
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
Access-Control-Allow-Headers
Access-Control-Allow-Methods
Access-Control-Expose-Headers
Access-Control-Max-Age
Access-Control-Request-Headers
Access-Control-Request-Method
Origin
Access-Control-Allow-Origin
Access-Control-Allow-Origin HTTP
Access-Control-Allow-Origin
*
https://mozilla.org
1 Access-Control-Allow-Origin: https://mozilla.org
2 Vary: Origin
* Vary
Access-Control-Allow-Credentials
Access-Control-Allow-Credentials HTTP
Request.credentials JavaScript
Request.credentials Request
Request.credentials Request
cookie Request https://developer.mozilla.or
g/en-US/docs/Web/API/Request
Request.credentials Access-Control-Allow-Credentials
true JavaScript
1 Access-Control-Allow-Credentials: true
cookie TLS
GET
https://www.jianshu.com/p/ea485e5665b3
Access-Control-Allow-Headers
Access-Control-Allow-Headers
HTTP
Access-Control-Allow-Headers CROS
CROS X-Custom-Header
1 Access-Control-Allow-Headers: X-Custom-Header
Access-Control-Allow-Headers
CORS Access-Control-Allow-Headers
1 Access-Control-Allow-Headers: Accept
CORS
Access-Control-Allow-Methods
Access-Control-Allow-Methods
Access-Control-Expose-Headers
Access-Control-Expose-Headers
6 CORS
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
Pragma
Access-Control-Expose-Headers
CORS
1 Access-Control-Expose-Headers: Content-Length
X-Kuma-Revision
1 Access-Control-Expose-Headers: *
Authorization
1 Access-Control-Expose-Headers: *, Authorization
Access-Control-Max-Age
Access-Control-Max-Age
1 Access-Control-Max-Age: 600
10
Access-Control-Request-Headers
Access-Control-Request-Headers
HTTP
Access-Control-Request-Method
Access-Control-Request-Method HTTP
OPTIONS
1 Access-Control-Request-Method: POST
Origin
Origin CORS
POST Referer
1 Origin: https://developer.mozilla.org
HTTP
HTTP
HTTP
GET
HTTP
GET
GET HEAD OPTIONS
PUT
DELETE
HTTP HTTP
PUT
PUT FTP
Etag
Etag
Etag
HTTP
Etag
Etag
Etag
Web Etag
URL Etag
Etag
1 Etag: "33a64df551425fcc55e4d42a148795d9f25f89d4"
Etag Etag
Etag W/
1 Etag: W/"0815"
Etag
If-Match
If-None-Match
If-Modified-Since
If-Unmodified-Since
If-Range
If-Match
1 If-Match: "bfc13a64729c4290ef5b2c2730249c88ca92d82d"
2 If-Match: *
If-None-Match
1 If-None-Match: "bfc13a64729c4290ef5b2c2730249c88ca92d82d"
2 If-None-Match: W/"67ab43", "54ed21", "7892dd"
3 If-None-Match: *
If-Modified-Since
If-Modified-Since HTTP
200 OK 304
If-Modified-Since GET HEAD
If-Range
If-Unmodified-Since
If-Unmodified-Since HTTP
412
Precondition Failed
200 OK
Last-Modified Etag
If-Modified-Since If-Match
304 Not
Modified /
200 OK
HTTP
Accept-Ranges
Ranges
Ranges Content-Range
Range
Range HTTP Range
206
Range 416 Range Not Satisfiable Range
200
500 500
Content-Range
67589 200-1000
Content-Range
If-Modified-Since If-Match
/
HTTP If-Range
Etag
Web
put
If-Match If-Unmodified-Since Etag
412 Precondition Failed
HTTP Cookies
Cookie
Cookie
API Cookie
API Web API localStorage sessionStorage
IndexedDB
Cookie
HTTP Set-Cookie Cookie
Cookie HTTP
Cookie cookie
Set-Cookie Cookie
1 HTTP/2.0 200 OK
2 Content-type: text/html
3 Set-Cookie: yummy_cookie=choco
4 Set-Cookie: tasty_cookie=strawberry
5
6 [page content]
Cookie
Cookie cookie
Cookies
Web Cookie
Cookies
HttpOnly
Cookie
Domain Path Cookie Cookie URL
Domain Cookie (
Domain
Domain=mozilla.org Cookie
developer.mozilla.org
Path=/docs
/docs
/docs/Web/
/docs/Web/HTTP
HTTP
HTTP
HTTP
HTTP
HTTP URI
HTTP
HTTP
HTTP Web
JSON XML APP
HTTP
CPU
HTTP
Cookie
HTTP
header
TCP UDP
Wireshark tcpdump
HTTP
HTTPS
HTTPS HTTP
HTTPS
HTTP HTTP HTTP
HTTP HTTP
HTTP
HTTP
HTTPS
HTTPS
HTTP HTTP (Hypertext Transfer Protocol)
HTTPS
HTTPS
HTTPS
(Encryption) HTTPS
(Data integrity)
(Authentication)
HTTPS RFC 7
443 URI HTTP
HTTP 80 HTTPS
HTTP HTTP HTTPS HTTPS HTTP
S SSL/TLS
SSL/TLS
SSL/TLS
TLS(Transport Layer Security) SSL(Secure Socket Layer)
SSL/TLS SSL/TLS X.509
(key pairs)
(private key) (public key)
X.509 X.509
X.509
SSL.com
https://www.ssl.com/article/pki-and-digital-certificates-f
or-government/
HTTPS HTTP
HTTPS HTTP SSL TLS
HTTP TCP SSL HTTPS SSL
SSL TCP HTTPS SSL HTTP
HTTPS
HTTPS TLS/SSL
HTTPS TLS
TLS TLS
1 ECDHE-ECDSA-AES256-GCM-SHA384
TLS
- - -
ECDHE ECDSA AES
256 GCM SHA384
TLS
(Plaintext)
m p
(Ciphertext)
(Encrypt)
(Decrypt)
(Symmetrical Encryption)
3DES DES 90
3DES
(Asymmetrical Encryption)
DH
DSA RSA ECC
RSA DHE_RSA_CAMELLIA128_GCM_SHA256
TLS
(Digest Algorithm)
TLS (Digest Algorithm)
MD5 MD5 Message Digest Algorithm 5
(cryptographic hash algorithm) MD5 128
MD5 MD5
SSH SSL IPSec
MD5
CA DV OV EV DV
EV
Apple GitHub
CSR CSR
CSR CSR
CA
CSR CA CA
Cookie Session
HTTP
Session Cookie HTTP
Session
Session
ConcurrentHashMap Session HTTP Session
Session
Session Session
sessionId Set-Cookie JSESSIONID=XXXXXXX
Cookie JSESSIONID=XXXXXXX Cookie
Cookie
Cookie sessionId
Cookie JSESSIONID
sessionId
Session
Session A Session A
B B A Session Session
Cookies
Cookie
Cookie
API Cookie
Cookie
HTTP Set-Cookie Cookie
Cookie HTTP
Set-Cookie Cookie
Cookie
Cookie Cookie
Cookies Session Cookies Persistent Cookies Cookie
Cookie Cookie
Cookie Cookie Cookie
Cookie
Cookies
Web Cookie
Cookies
Cookie HTTPS
cookie
HttpOnly
Cookie
Domain Path Cookie Cookie URL
Domain Cookie (
Domain
Domain=mozilla.org Cookie
developer.mozilla.org
Path=/docs
/docs
/docs/Web/
/docs/Web/HTTP
JWT Session
HTTP
HTTP
Session Cookies
Session Cookies Cookies Session Cookies
Session
JWT
(Authorization) JWT
JWT
JWT
(Information Exchange) JWT /
JWT head payload
JWT
JWT
JWT .
Header
Payload
Signature
JWT
Header
1 {
2 "alg": "HS256",
3 "typ": "JWT"
4 }
Payload
registered
ISS
iss (issuer)
sub (subject)
aud (audience)
private
1 {
2 "sub": "1234567890",
3 "name": "John Doe",
4 "admin": true
5 }
signature
JWT
header (base64 )
payload (base64 )
secret
HMAC SHA256
1 HMACSHA256(
2 base64UrlEncode(header) + "." +
3 base64UrlEncode(payload),
4 secret)
JWT
Base64-URL HTML
HTTP
1 eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gR
G9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
JWT https://jwt.io/#debugger-io
JSON
JWT
Session Cookies
JWT JWT Session
Cookies
JWT
Session Cookies
JWT JWT
Session Cookies
API JWT
Cookies
Session PHP ......
Cookies Session
HTTP HTTPS
( )
HTTP TCP/IP
OSI
HTTP HTTPS
1 http://www.cxuanblog.com/
2 https://www.cxuanblog.com/
HTTP
HTTPS - - -
HTTP 80 HTTPS 443
get www.cxuanblog.com
get post <form>
get pull/ post
push/
get URL
1 /test/demo_form.asp?name1=value1&name2=value2
post body
(Stateless Protocol)
HTTP
HTTP
(Cookie)
cookie chrome://settings/content/cookies
......
Session Session sessionId
Set-Cookie JSESSIONID=XXXXXXX Cookie
JSESSIONID=XXXXXXX Cookie
Cookie
Cookie sessionId
Cookie JSESSIONID
sessionId
JWT Cookie
JWT JWT
UDP TCP
TCP UDP
TCP UDP
UDP
UDP User Datagram Protocol
UDP
UDP
UDP
UDP
UDP DNS DNS UDP
TCP
TCP Transmission Control Protocol
Internet TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP UDP
TCP UDP
TCP UDP
TCP UDP
UDP
TCP
UDP
TCP
TCP UDP
TCP 20 UDP 8
UDP
TCP
TCP UDP
UDP
TCP
TCP
TCP TCP
TCP
SYN
ACK SYN
FIN
- -
TCP
( ) FIN
FIN_WAIT_1 FIN_WAIT_1
ACK
FIN ACK
ACK FIN_WAIT_2
FIN
ACK FIN
HTTP
HTTP
https://mp.weixin.qq.com/s/XZZR0945IcI6X4S0g5fZXg
HTTP
Date
Date
Cache-Control
Cache-Control Cache-Control
Connection
Connection Connection
1 Connection: keep-alive
1 Connection: close
HTTP1.1
HTTP HTTP Content-
Length Content-Language Content-Encoding
Content-Length
Content-Language
Content-Encoding Content-
Encoding
Host TCP
HTTP URL 80
1 Host: developer.mozilla.org
Referer
1 Referer: https://developer.mozilla.org/testpage.html
If-Modified-Since
Last-Modified 200
Last-Modified 304
If-None-Match
1 If-None-Match: "c561c68d0ba92bbeb8b0fff2a9199f722e3a621a"
Accept
HTTP MIME
Accept-Charset
accept-charset
Accept-Language
Accept-Language
HTTP 1.1
Access-Control-Allow-Origin
Keep-Alive
Keep-Alive Connection
Server
Server
Set-Cookie
Set-Cookie sessionID
Transfer-Encoding
Transfer-Encoding
HTTP /1.1
X-Frame-Options
HTTP Web
HTTP 1.1
URL
URL
URL
DNS IP
IP
IP DNS DNS
Domain Name System DNS DNS
DNS UDP 53
DNS
DNS
DNS (local DNS server) DNS
DNS ISP(Internet Service Provider) ISP
ISP DNS ISP ISP IP
DNS IP
DNS IP DNS DNS
DNS
DNS IP DNS IP
DNS
DNS
TCP
200 301,302 3
Location
URL 200 OK
HTTPS
HTTPS SSL/TLS
HTTPS TLS
HTTPS API HTTPS DNS TLS
TLS
RSA TLS
HTTP TLS
ClientHello hello
TLS (TLS1.0 TLS1.2 TLS1.3)
ClientKeyExchange
The premaster secret
ChangeCipherSpec
premaster secret Finished
Session key
ChangeCipherSpec Finished
RSA
Java cxuan