LLMpediaThe first transparent, open encyclopedia generated by LLMs

RFC 9110

Generated by DeepSeek V3.2
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: HTTP Hop 4
Expansion Funnel Raw 68 → Dedup 38 → NER 18 → Enqueued 16
1. Extracted68
2. After dedup38 (None)
3. After NER18 (None)
Rejected: 20 (not NE: 20)
4. Enqueued16 (None)
Similarity rejected: 2
RFC 9110
TitleHTTP Semantics
Number9110
AuthorRoy Fielding, Mark Nottingham, Julian Reschke
StatusInternet Standard
SeriesRequest for Comments
PublisherInternet Engineering Task Force
Year2022
ReplacesRFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7235

RFC 9110. Published in June 2022 by the Internet Engineering Task Force, RFC 9110 defines the core semantics of the Hypertext Transfer Protocol used across the World Wide Web. It consolidates and supersedes several previous documents, including RFC 7231, to provide a single, authoritative reference for HTTP methods, status codes, header fields, and message handling. This specification, along with its companion documents RFC 9112 and RFC 9113, forms the modern foundation for web communication, separating protocol semantics from syntax and transport concerns.

Overview

RFC 9110 standardizes the shared semantics and general architecture of HTTP, which is the fundamental protocol for data communication on the World Wide Web. It describes the interactions between user agents and origin servers or intermediaries like proxies and gateways. The document explicitly separates these core semantics from the concrete syntax defined in RFC 9112 and the performance optimizations provided by HTTP/2 in RFC 9113 and HTTP/3 in RFC 9114. This modular structure allows the protocol's meaning to remain consistent across different wire formats and underlying transports like TCP or QUIC.

Key concepts and semantics

The specification formally defines core concepts such as URIs, resources, and representations. It details the semantics of standard HTTP request methods like GET, POST, PUT, and DELETE, which are used by clients such as Firefox or cURL to interact with servers. The document also standardizes the meaning of HTTP status codes, including informational (1xx), success (2xx), redirection (3xx), client error (4xx), and server error (5xx) categories, which are generated by software like Apache HTTP Server or Nginx. Furthermore, it provides a comprehensive registry and definitions for HTTP header fields that convey metadata about messages and their payloads.

Message format

While the precise syntax for HTTP messages on the wire is defined in the separate RFC 9112, RFC 9110 details the logical structure and required components of both requests and responses. A request must contain a method, a target URI, and the protocol version, while a response starts with a status code and a reason phrase. The specification governs how header fields like Host, Content-Type, and Cache-Control are interpreted semantically, regardless of whether the message is transmitted using HTTP/1.1 or HTTP/2. It also defines the rules for message body length and the use of the chunked transfer encoding mechanism.

Connection management

RFC 9110 describes the abstract requirements for managing connections within the HTTP protocol, focusing on the roles of clients and servers in establishing and using a transport connection. It outlines the concepts of persistent connections and pipelining, though the latter is now deprecated. The document specifies how connection-related directives in header fields, such as Connection and Upgrade, are processed. These abstract management rules are then implemented concretely by the underlying transport protocol, whether it is the classic TCP used with HTTP/1.1 or the newer QUIC transport that underpins HTTP/3.

Security considerations

The document includes a substantial section on security, detailing common threats to HTTP implementations and the web ecosystem. It discusses issues like request smuggling, response splitting, and attacks involving URLs, alongside the risks of exposing sensitive data in Referer headers or server logs. The specification strongly recommends the use of TLS to provide confidentiality and integrity, referencing versions like TLS 1.2 and TLS 1.3. It also provides guidance on privacy concerns, authentication mechanisms, and the implications of deploying content delivery networks and other intermediaries.

Relationship to previous versions

RFC 9110, along with RFC 9112 and RFC 9113, constitutes HTTP Semantics and obsoletes the previous suite of documents known as RFC 7230 through RFC 7235. This consolidation was undertaken by the IETF HTTP Working Group to create a clearer, more organized standard. While maintaining backward compatibility for the vast majority of existing web traffic, it refines, clarifies, and deprecates certain obsolete features from earlier specifications like RFC 2616. The new structure cleanly partitions protocol semantics from message syntax and transport, providing a more maintainable foundation for future evolution, including the development of HTTP/3 documented in RFC 9114.

Category:Internet Standards Category:Hypertext Transfer Protocol Category:Request for Comments