HTTP resources and specifications

HTTP has been first specified in the early 1990s. Designed with extensibility in mind, it has seen numerous additions over the years; this lead to its specification being scattered through numerous specification documents (in the midst of experimental abandoned extensions). This page lists relevant resources about HTTP.

Specification Title Status
RFC 7230 Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing Proposed Standard
RFC 7231 Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content Proposed Standard
RFC 7232 Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests Proposed Standard
RFC 7233 Hypertext Transfer Protocol (HTTP/1.1): Range Requests Proposed Standard
RFC 7234 Hypertext Transfer Protocol (HTTP/1.1): Caching Proposed Standard
RFC 5861 HTTP Cache-Control Extensions for Stale Content Informational
draft-mcmanus-immutable-00 HTTP Immutable Responses Draft
RFC 7235 Hypertext Transfer Protocol (HTTP/1.1): Authentication Proposed Standard
RFC 6265 HTTP State Management Mechanism
Defines Cookies
Proposed Standard
Draft spec Cookie Prefixes IETF Draft
Draft spec Same-Site Cookies IETF Draft
RFC 2145 Use and Interpretation of HTTP Version Numbers Informational
RFC 6585 Additional HTTP Status Codes Proposed Standard
RFC 7538 The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect) Proposed Standard
RFC 7725 An HTTP Status Code to Report Legal Obstacles On the standard track
RFC 2397 The "data" URL scheme Proposed Standard
RFC 3986 Uniform Resource Identifier (URI): Generic Syntax Internet Standard
RFC 5988 Web Linking
Defines the Link header
Proposed Standard
Experimental spec Hypertext Transfer Protocol (HTTP) Keep-Alive Header Informational (Expired)
Draft spec HTTP Client Hints IETF Draft
RFC 7578 Returning Values from Forms: multipart/form-data Proposed Standard
RFC 6266 Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP) Proposed Standard
RFC 2183 Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field
Only a subset of syntax of the Content-Disposition header can be used in the context of HTTP messages.
Proposed Standard
RFC 7239 Forwarded HTTP Extension Proposed Standard
RFC 6455 The WebSocket Protocol Proposed Standard
RFC 5246 The Transport Layer Security (TLS) Protocol Version 1.2
This specification has been modified by subsequent RFCs, but these modifications have no effect on the HTTP protocol.
Proposed Standard
Draft spec The Transport Layer Security (TLS) Protocol Version 1.3
Once ready, this protocol will supersede TLS 1.2.
IETF Draft
RFC 2817 Upgrading to TLS Within HTTP/1.1 Proposed Standard
RFC 7540 Hypertext Transfer Protocol Version 2 (HTTP/2) Proposed Standard
RFC 7541 HPACK: Header Compression for HTTP/2 On the standard track
RFC 7838 HTTP Alternative Services On the standard track
RFC 7301 Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension
Used to negotiate HTTP/2 at the transport to save an extra request/response round trip.
Proposed Standard
RFC 6454 The Web Origin Concept Proposed Standard
CORS Cross-Origin Resource Sharing Recommendation
RFC 7034 HTTP Header Field X-Frame-Options Informational
RFC 6797 HTTP Strict Transport Security (HSTS) Proposed Standard
Upgrade Insecure Requests Upgrade Insecure Requests Candidate Recommendation
Content Security Policy 1.0 Content Security Policy 1.0
CSP 1.1 and CSP 3.0 doesn't extend the HTTP standard
Candidate Recommendation
Microsoft document Specifying legacy document modes*
Defines X-UA-Compatible
Note
RFC 5689 HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)
These extensions of the Web, as well as CardDAV and CalDAV, are out-of-scope for HTTP on the Web. Modern APIs for application are defines using the RESTful pattern nowadays.
Proposed Standard
RFC 2324 Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0) April 1st joke spec
RFC 7168 The Hyper Text Coffee Pot Control Protocol for Tea Efflux Appliances (HTCPCP-TEA) April 1st joke spec
WHATWG HTML Living Standard HTML
Defines extensions of HTTP for Server-Sent Events
Living Standard
Tracking Preference Expression DNT header Editor's draft / Candidate recommendation
Reporting API Report-To header Draft

 

Document Tags and Contributors

Tags: 
 Contributors to this page: fscholz, teoli
 Last updated by: fscholz,