HTTP has been first specified in the early 1990s. Designed with extensibility in mind, it has seen numerous additions over the years; this lead to its specification being scattered through numerous specification documents (in the midst of experimental abandoned extensions). This page lists relevant resources about HTTP.
Specification | Title | Status |
---|---|---|
RFC 7230 | Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing | Proposed Standard |
RFC 7231 | Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content | Proposed Standard |
RFC 7232 | Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests | Proposed Standard |
RFC 7233 | Hypertext Transfer Protocol (HTTP/1.1): Range Requests | Proposed Standard |
RFC 7234 | Hypertext Transfer Protocol (HTTP/1.1): Caching | Proposed Standard |
RFC 5861 | HTTP Cache-Control Extensions for Stale Content | Informational |
draft-mcmanus-immutable-00 | HTTP Immutable Responses | Draft |
RFC 7235 | Hypertext Transfer Protocol (HTTP/1.1): Authentication | Proposed Standard |
RFC 6265 | HTTP State Management Mechanism Defines Cookies |
Proposed Standard |
Draft spec | Cookie Prefixes | IETF Draft |
Draft spec | Same-Site Cookies | IETF Draft |
Draft spec | Deprecate modification of 'secure' cookies from non-secure origins | IETF Draft |
RFC 2145 | Use and Interpretation of HTTP Version Numbers | Informational |
RFC 6585 | Additional HTTP Status Codes | Proposed Standard |
RFC 7538 | The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect) | Proposed Standard |
RFC 7725 | An HTTP Status Code to Report Legal Obstacles | On the standard track |
RFC 2397 | The "data" URL scheme | Proposed Standard |
RFC 3986 | Uniform Resource Identifier (URI): Generic Syntax | Internet Standard |
RFC 5988 | Web Linking Defines the Link header |
Proposed Standard |
Experimental spec | Hypertext Transfer Protocol (HTTP) Keep-Alive Header | Informational (Expired) |
Draft spec | HTTP Client Hints | IETF Draft |
RFC 7578 | Returning Values from Forms: multipart/form-data | Proposed Standard |
RFC 6266 | Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP) | Proposed Standard |
RFC 2183 | Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field Only a subset of syntax of the Content-Disposition header can be used in the context of HTTP messages. |
Proposed Standard |
RFC 7239 | Forwarded HTTP Extension | Proposed Standard |
RFC 6455 | The WebSocket Protocol | Proposed Standard |
RFC 5246 | The Transport Layer Security (TLS) Protocol Version 1.2 This specification has been modified by subsequent RFCs, but these modifications have no effect on the HTTP protocol. |
Proposed Standard |
Draft spec | The Transport Layer Security (TLS) Protocol Version 1.3 Once ready, this protocol will supersede TLS 1.2. |
IETF Draft |
RFC 2817 | Upgrading to TLS Within HTTP/1.1 | Proposed Standard |
RFC 7540 | Hypertext Transfer Protocol Version 2 (HTTP/2) | Proposed Standard |
RFC 7541 | HPACK: Header Compression for HTTP/2 | On the standard track |
RFC 7838 | HTTP Alternative Services | On the standard track |
RFC 7301 | Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension Used to negotiate HTTP/2 at the transport to save an extra request/response round trip. |
Proposed Standard |
RFC 6454 | The Web Origin Concept | Proposed Standard |
Fetch The definition of 'CORS' in that specification. |
Cross-Origin Resource Sharing | Living Standard |
RFC 7034 | HTTP Header Field X-Frame-Options | Informational |
RFC 6797 | HTTP Strict Transport Security (HSTS) | Proposed Standard |
Upgrade Insecure Requests | Upgrade Insecure Requests | Candidate Recommendation |
Content Security Policy 1.0 | Content Security Policy 1.0 CSP 1.1 and CSP 3.0 doesn't extend the HTTP standard |
Candidate Recommendation |
Microsoft document | Specifying legacy document modes* Defines X-UA-Compatible |
Note |
RFC 5689 | HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV) These extensions of the Web, as well as CardDAV and CalDAV, are out-of-scope for HTTP on the Web. Modern APIs for application are defines using the RESTful pattern nowadays. |
Proposed Standard |
RFC 2324 | Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0) | April 1st joke spec |
RFC 7168 | The Hyper Text Coffee Pot Control Protocol for Tea Efflux Appliances (HTCPCP-TEA) | April 1st joke spec |
WHATWG HTML Living Standard | HTML Defines extensions of HTTP for Server-Sent Events |
Living Standard |
Tracking Preference Expression | DNT header | Editor's draft / Candidate recommendation |
Reporting API | Report-To header |
Draft |