Why the hyphens in HTTP header names get replaced


Author: brightwang | Source: published 2017-05-25 18:21, read 79 times

Migrated from my personal blog

While sending HTTP requests with curl, I noticed that custom headers I added are specially processed: for example, if x-real-ip is sent, the server side receives it as HTTP_X_REAL_IP. I had always used IIS before and never ran into this. I later learned that this is part of the CGI specification, as shown below (http://www.ietf.org/rfc/rfc3875):

4.1. Request Meta-Variables

Meta-variables contain data about the request passed from the server to the script, and are accessed by the script in a system-defined manner. Meta-variables are identified by case-insensitive names; there cannot be two different variables whose names differ in case only. Here they are shown using a canonical representation of capitals plus underscore ("_"). A particular system can define a different representation.

4.1.18. Protocol-Specific Meta-Variables

The server SHOULD set meta-variables specific to the protocol and scheme for the request. Interpretation of protocol-specific variables depends on the protocol version in SERVER_PROTOCOL. The server MAY set a meta-variable with the name of the scheme to a non-NULL value if the scheme is not the same as the protocol. The presence of such a variable indicates to a script which scheme is used by the request.

Meta-variables with names beginning with "HTTP_" contain values read from the client request header fields, if the protocol used is HTTP. The HTTP header field name is converted to upper case, has all occurrences of "-" replaced with "_" and has "HTTP_" prepended to give the meta-variable name. The header data can be presented as sent by the client, or can be rewritten in ways which do not change its semantics. If multiple header fields with the same field-name are received then the server MUST rewrite them as a single value having the same semantics. Similarly, a header field that spans multiple lines MUST be merged onto a single line. The server MUST, if necessary, change the representation of the data (for example, the character set) to be appropriate for a CGI meta-variable.

The server is not required to create meta-variables for all the header fields that it receives. In particular, it SHOULD remove any header fields carrying authentication information, such as 'Authorization'; or that are available to the script in other variables, such as 'Content-Length' and 'Content-Type'. The server MAY remove header fields that relate solely to client-side communication issues, such as 'Connection'.

If nginx is used as the web server, user-defined headers whose names contain an underscore are not passed on, because of the following in the ngx_http_parse_header_line() function:

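    if (ch == '_') {
        if (allow_underscores) {
            /* underscore accepted: hash it and store it in the lowercased name */
            hash = ngx_hash(hash, ch);
            r->lowcase_header[i++] = ch;
            i &= (NGX_HTTP_LC_HEADER_LEN - 1);

        } else {
            /* underscore not allowed: flag the whole header as invalid */
            r->invalid_header = 1;
        }

        break;
    }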

nginx restricts the characters allowed in header names. By default underscores_in_headers is off, which means that a header whose name contains an underscore is ignored.

From the nginx documentation:

syntax: underscores_in_headers on | off;
default: underscores_in_headers off;
context: http, server

Enables or disables the use of underscores in client request header fields. When disabled, request header fields whose names contain underscores are marked as invalid and are subject to the ignore_invalid_headers directive.

Controls whether header fields with invalid names should be ignored. Valid names are composed of English letters, digits, hyphens, and possibly underscores (as controlled by the underscores_in_headers directive).
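The two behaviours described above, put together as an added example (not code from the original post or from nginx): the RFC 3875 name mapping sends X-Real-IP and X_Real_IP to the same meta-variable, and leaving underscores_in_headers off removes that ambiguity before the script sees it. The function names and sample headers are constructed for illustration, and joining values that share a meta-variable with ", " is an assumption of this sketch.

```python
import re

# Valid name characters per the nginx text quoted above: English letters,
# digits, hyphens, and underscores only when underscores_in_headers is on.
STRICT = re.compile(r"[A-Za-z0-9-]+")
WITH_UNDERSCORES = re.compile(r"[A-Za-z0-9_-]+")

# Constructed sample request headers (documentation-range addresses).
SAMPLE_HEADERS = [
    ("X-Real-IP", "203.0.113.7"),
    ("X_Real_IP", "198.51.100.9"),
    ("Accept", "*/*"),
]


def cgi_meta_name(header_name):
    """RFC 3875 4.1.18: upper-case, replace '-' with '_', prepend 'HTTP_'."""
    return "HTTP_" + header_name.upper().replace("-", "_")


def build_meta_variables(headers, underscores_in_headers=False):
    """Return (environ, dropped, collisions) for a list of (name, value).

    Invalid names are dropped, which assumes ignore_invalid_headers is
    left enabled. Values sharing one meta-variable are joined with ", "
    (an assumption of this sketch).
    """
    pattern = WITH_UNDERSCORES if underscores_in_headers else STRICT
    environ, first_name, dropped, collisions = {}, {}, [], []
    for name, value in headers:
        if not pattern.fullmatch(name):
            dropped.append(name)
            continue
        key = cgi_meta_name(name)
        seen = first_name.setdefault(key, name)
        if seen.lower() != name.lower():
            # Two different field names now share one meta-variable.
            collisions.append((seen, name, key))
        environ[key] = f"{environ[key]}, {value}" if key in environ else value
    return environ, dropped, collisions


if __name__ == "__main__":
    for flag in (False, True):
        env, dropped, collisions = build_meta_variables(SAMPLE_HEADERS, flag)
        print(f"underscores_in_headers={'on' if flag else 'off'}")
        print("  environ:   ", env)
        print("  dropped:   ", dropped)
        print("  collisions:", collisions)
```

With the default setting the script only ever sees the hyphenated header; with underscores allowed, it can no longer tell which of the two field names supplied the value.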
