我还没有找到关于标准是否允许重复的HTTP响应头的规范,但我需要知道这是否会导致兼容性问题。
假设我有一个如下的响应头:
HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.0.3SP1 (build: CVSTag=JBoss_4_0_3_SP1 date=200510231054)/Tomcat-5.5
Cache-Control: no-cache
Cache-Control: no-store
Location: http://localhost:9876/foo.bar
Content-Language: en-US
Content-Length: 0
Date: Mon, 06 Dec 2010 21:18:26 GMT
请注意,有两个具有不同值的Cache-Control
标头。浏览器总是把它们当作"Cache-Control: no-cache,no-store“来处理吗?
发布于 2020-02-11 21:25:17
请注意,尽管没有用逗号分隔值填充,但HSTS RFC6797定义了多个STS头实例的行为,这与RFC2616相矛盾(违反了“如果且仅当”的语言):
"If a UA receives more than one STS header field in an HTTP
response message over secure transport, then the UA MUST process
only the first such header field."
https://stackoverflow.com/questions/4371328
复制相似问题