HTTP
- 301 vs 302
- 301 Moved Permanently
- 302 Found / Moved Temporarily
# 单位为秒Cache-Control: public, max-age=3600Expires: Thu, 01 Dec 2014 16:00:00 GMTCORS#
- 默认允许头
- Cache-Control
- Content-Language
- Content-Type
- Expires
- Last-Modified
- Pragma
- access-control-expose-headers - 控制暴露头
# 请求Access-Control-Request-Headers: authorizationAccess-Control-Request-Method: GET
# 响应Access-Control-Allow-Headers: authorizationAccess-Control-Allow-Methods: POST,GETAccess-Control-Allow-Origin: http://127.0.0.1:3000HTTP2#
QUIC#
- Quick UDP Internet Connections
- SwitchyOmega#706 - Support QUIC proxies
- chrome://net-internals/#quic
- https://en.wikipedia.org/wiki/QUIC
- https://github.com/curl/curl/wiki/QUIC
- https://www.chromium.org/quic
- https://github.com/mholt/caddy/wiki/QUIC
- QUIC 希望能够提供等同于 SSL/TLS 层级的网络安全保护,减少数据传输及创建连接时的延迟时间,双向控制带宽,以避免网络拥塞。
Digest#
- Digest access authentication
- 现在使用 digest 场景比较少 - 因为需要存储明文
- SIP 使用 digest
- 一般使用 Basic over HTTPS
- 算法
- MD5
- MD5-sess - HA1 = MD5(MD5(username:realm:password):nonce:cnonce)
- SHA-256
- SHA-256-sess
- SHA-512
- SHA-512-sess
- qop - quality of protection
- auth
- HA2 = MD5(method:digestURI)
- response = MD5(HA1:nonce:nonceCount:cnonce:qop:HA2)
- auth-int
- HA2 = MD5(method:digestURI:MD5(entityBody))
- response = MD5(HA1:nonce:nonceCount:cnonce:qop:HA2)
- 无 - response = MD5(HA1:nonce:HA2)
- auth
HA1 = MD5(username:realm:password)HA2 = MD5(method:digestURI)response = MD5(HA1:nonce:HA2)服务端返回 challange
HTTP/1.0 401 UnauthorizedServer: HTTPd/0.9Date: Sun, 10 Apr 2014 20:26:47 GMTWWW-Authenticate: Digest realm="[email protected]", qop="auth,auth-int", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", opaque="5ccc069c403ebaf9f0171e9517f40e41"带 Auth 请求
GET /dir/index.html HTTP/1.0Host: localhostAuthorization: Digest username="Mufasa", realm="[email protected]", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", qop=auth, nc=00000001, cnonce="0a4f113b", response="6629fae49393a05397450978507c4ef1", opaque="5ccc069c403ebaf9f0171e9517f40e41"