Host:客戶端指定自己想訪問的http服務器的域名/IP 地址和端口號。
今天同事問了一個問題引發了我對http頭中host字段的詳細思考,總結了以下5條。
1.host字段可以是域名,也可以是ip地址。host字段域名/ip後可以跟端口號,如Host: www.6san.com:8080
2.host可以由程序自定義,某些程序爲了防止運營商或防火牆攔截會定義虛假host
3.http1.1中host字段可以是空值,http1.0中可以缺失host字段
4.http響應頭中不包含host字段,所以wireshark中http.host過濾到的都是請求包
5.因爲http頭中的host字段可以由程序自定義,所以host字段的值就會有很多特殊情況,如包含多個’/’字符的HOST頭信息,結尾含有”.”等
http頭中可以沒有host字段嗎?
在http 1.1中不能缺失host字段,如果缺失, 服務器返回400 bad request,http1.1中不能缺失host字段,但host字段可以是空值。
在http 1.0中可以缺失host字段。
RFC 2616中關於host字段的說明如下:
A client MUST include a Host header field in all HTTP/1.1 request
messages . If the requested URI does not include an Internet host
name for the service being requested, then the Host header field MUST
be given with an empty value. An HTTP/1.1 proxy MUST ensure that any
request message it forwards does contain an appropriate Host header
field that identifies the service being requested by the proxy. All
Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad Request)
status code to any HTTP/1.1 request message which lacks a Host header
field.