zoukankan      html  css  js  c++  java

  • Common non-standard response fields

    https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#cite_note-52

    Common non-standard response fields[edit]

    Field nameDescriptionExample
    Content-Security-Policy,
    X-Content-Security-Policy,
    X-WebKit-CSP[45]    		 Content Security Policy definition. X-WebKit-CSP: default-src 'self'
    Refresh Used in redirection, or when a new resource has been created. This refresh redirects after 5 seconds. Header extension introduced by Netscape and supported by most web browsers. Refresh: 5; url=http://www.w3.org/pub/WWW/People.html
    Status CGI header field specifying the status of the HTTP response. Normal HTTP responses use a separate "Status-Line" instead, defined by RFC 7230.[46] Status: 200 OK
    Upgrade-Insecure-Requests[47] Tells a server which (presumably in the middle of a HTTP -> HTTPS migration) hosts mixed content that the client would prefer redirection to HTTPS and can handle Content-Security-Policy: upgrade-insecure-requests

    Must not be used with HTTP/2[9]

    		 Upgrade-Insecure-Requests: 1
    X-Content-Duration[48] Provide the duration of the audio or video in seconds; only supported by Gecko browsers X-Content-Duration: 42.666
    X-Content-Type-Options[49] The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions.[50] X-Content-Type-Options: nosniff[51]
    X-Powered-By[52] Specifies the technology (e.g. ASP.NET, PHP, JBoss) supporting the web application (version details are often in X-Runtime, X-Version, or X-AspNet-Version) X-Powered-By: PHP/5.4.0
    X-Request-ID,
    X-Correlation-ID[32]    		 Correlates HTTP requests between a client and server. X-Request-ID: f058ebd6-02f7-4d3f-942e-904344e8cde5
    X-UA-Compatible[53] Recommends the preferred rendering engine (often a backward-compatibility mode) to use to display the content. Also used to activate Chrome Frame in Internet Explorer. X-UA-Compatible: IE=EmulateIE7
    X-UA-Compatible: IE=edge
    X-UA-Compatible: Chrome=1
    X-XSS-Protection[54] Cross-site scripting (XSS) filter  

    f
  • 相关阅读:
    有趣的放大镜
    特效代码
    向数据库添加学生信息。存放在REQUEST对象里
    机房servlet过滤器
    冒泡排序法
    验证码 随机生成器 详解
    生成器 种子
    生日
    在字符串里寻找某字符出现的个数
    课堂随笔
  • 原文地址:https://www.cnblogs.com/rsapaper/p/8044565.html
Copyright © 2011-2022 走看看