HTTP中,什么是"X-" Prefix header?
例如 github API 的response headers有很多X前綴的頭部:
查一下MDN文檔:
Custom proprietary headers have historically been used with an X- prefix, but this convention was deprecated in June 2012 because of the inconveniences it caused when nonstandard fields became standard in RFC 6648; others are listed in an IANA registry, whose original content was defined in RFC 4229. IANA also maintains a registry of proposed new HTTP headers.
原來是自定義頭部。但是上面文檔說,已經deprecated,過時了。
作用
和HTTP headers一樣,都是提供額外的信息。
Their main purpose is for providing additional information
RFC表明X前綴的自定義頭已經過時了,代替解決方案是什么?
根據keycdn,推薦繼續保留:
Although the recommendation to use X- has been deprecated, it doesn’t mean that it is no longer supported. In fact, there are still many scenarios where X- continues to be used.
根據stackoverflow,推薦繼續保留:
Just as there are many kids that will never end up as professional athletes, many custom headers will never end up as standards. I'm inclined to keep the "X-" on those
If you're using custom HTTP Headers (as a sometimes-appropriate alternative to cookies) within your app to pass data to/from your server, and these headers are, explicitly, NOT intended ever to be used outside the context of your application, name-spacing them with an "X-" or "X-FOO-" prefix is a reasonable, and common, convention.
總結
雖然RFC已經不推薦使用帶X前綴的http 頭部,但是不推薦不代表禁止。根據stackoverflow和google一些資料,推薦繼續使用這樣的自定義頭部,有時候會提供極大的便利。經過本人觀察,很多網站還在使用帶X前綴的HTTP頭部。