Capability that can be built into web servers and web clients
HTTP
Persistence
Compression
HTTPS
QUIC
Request methods
OPTIONS
GET
HEAD
POST
PUT
DELETE
TRACE
CONNECT
PATCH
Header fields
Cookie
ETag
Location
HTTP referer
DNT
X-Forwarded-For
Response status codes
301 Moved Permanently
302 Found
303 See Other
403 Forbidden
404 Not Found
451 Unavailable for Legal Reasons
Security access control methods
Basic access authentication
Digest access authentication
Security vulnerabilities
HTTP header injection
HTTP request smuggling
HTTP response splitting
HTTP parameter pollution
v
t
e
HTTP compression is a capability that can be built into web servers and web clients to improve transfer speed and bandwidth utilization.[1]
HTTP data is compressed before it is sent from the server: compliant browsers will announce what methods are supported to the server before downloading the correct format; browsers that do not support compliant compression method will download uncompressed data. The most common compression schemes include gzip and Brotli; a full list of available schemes is maintained by the IANA.[2]
There are two different ways compression can be done in HTTP. At a lower level, a Transfer-Encoding header field may indicate the payload of an HTTP message is compressed. At a higher level, a Content-Encoding header field may indicate that a resource being transferred, cached, or otherwise referenced is compressed. Compression using Content-Encoding is more widely supported than Transfer-Encoding, and some browsers do not advertise support for Transfer-Encoding compression to avoid triggering bugs in servers.[3]
^"Using HTTP Compression (IIS 6.0)". Microsoft Corporation. Retrieved 9 February 2010.
^RFC 2616, Section 3.5: "The Internet Assigned Numbers Authority (IANA) acts as a registry for content-coding value tokens."
^'RFC2616 "Transfer-Encoding: gzip, chunked" not handled properly', Chromium Issue 94730
HTTPcompression is a capability that can be built into web servers and web clients to improve transfer speed and bandwidth utilization. HTTP data is...
Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over...
RFC 9114, HTTP/3 (see also the section above) RFC 9204, QPACK: Field Compression for HTTP/3 RFC 9218, Extensible Prioritization Scheme for HTTPHTTP is a stateless...
using HPACK (HTTP/2) or QPACK (HTTP/3), which both provide efficient header compression. The request or response line from HTTP/1 has also been replaced by...
This is a list of Hypertext Transfer Protocol (HTTP) response status codes. Status codes are issued by a server in response to a client's request made...
Exfiltration via Adaptive Compression of Hypertext) is a security vulnerability against HTTPS when using HTTPcompression. BREACH is built based on the...
In information theory, data compression, source coding, or bit-rate reduction is the process of encoding information using fewer bits than the original...
HTTP 403 is an HTTP status code meaning access to the requested resource is forbidden. The server understood the request, but will not fulfill it, if...
communications, the HTTP 404, 404 not found, 404, 404 error, page not found, or file not found error message is a hypertext transfer protocol (HTTP) standard response...
authors to improve compression ratios even further. The Brotli specification was generalized in September 2015 for HTTP stream compression (content-encoding...
gzip is a file format and a software application used for file compression and decompression. The program was created by Jean-loup Gailly and Mark Adler...
The HTTP response status code 302 Found is a common way of performing URL redirection. The HTTP/1.0 specification (RFC 1945) initially defined this code...
between HTTP/1.x and HTTP/2 connections on the same TCP port, binary representation of HTTP messages, message priority, compression of HTTP headers,...
message body (or content) in this example is the text Hello world!. HTTPHTTPcompression List of HTTP headers List of HTTP status codes Web cache v t e...
HTTP cookies (also called web cookies, Internet cookies, browser cookies, or simply cookies) are small blocks of data created by a web server while a user...
In HTTP, "Referer" (a misspelling of Referrer) is an optional HTTP header field that identifies the address of the web page (i.e., the URI or IRI), from...
successfully defended against by turning off TLS compression or SPDY header compression, BREACH exploits HTTPcompression which cannot realistically be turned off...
On the World Wide Web, HTTP 301 is the HTTP response status code for 301 Moved Permanently. It is used for permanent redirecting, meaning that links or...
HTTP persistent connection, also called HTTP keep-alive, or HTTP connection reuse, is the idea of using a single TCP connection to send and receive multiple...
HTTP pipelining is a feature of HTTP/1.1, which allows multiple HTTP requests to be sent over a single TCP connection without waiting for the corresponding...
CRIME (Compression Ratio Info-leak Made Easy) is a security vulnerability in HTTPS and SPDY protocols that utilize compression, which can leak the content...
SDCH (Shared Dictionary Compression for HTTP) is a data compression algorithm created by Google, based on VCDIFF (RFC 3284). SDCH achieves its effectiveness...
The HTTP response status code 303 See Other is a way to redirect web applications to a new URI, particularly after a HTTP POST has been performed, since...
Texture compression is a specialized form of image compression designed for storing texture maps in 3D computer graphics rendering systems. Unlike conventional...
The ETag or entity tag is part of HTTP, the protocol for the World Wide Web. It is one of several mechanisms that HTTP provides for Web cache validation...
IANA. Compression-only formats should often be denoted by the media type of the decompressed data, with a content coding indicating the compression format...
In computer networking, HTTP 451 Unavailable For Legal Reasons is a proposed standard error status code of the HTTP protocol to be displayed when the...