非常教程

HTTP参考手册

标题 | Headers

Upgrade-Insecure-Requests

HTTP Upgrade-Insecure-Requests请求头向服务器发送一个信号,表示客户对加密和认证响应的偏好,并且它可以成功处理upgrade-insecure-requests CSP 指令。

Header type

Request header

Forbidden header name

no

句法

Upgrade-Insecure-Requests: 1

例子

客户端向服务器请求它支持以下升级机制的信号upgrade-insecure-requests

GET / HTTP/1.1 
Host: example.com 
Upgrade-Insecure-Requests: 1

服务器现在可以重定向到该网站的安全版本。一个Vary可以使用的头,这样的网站不会被缓存投放到不支持升级机制的客户。

Location: https://example.com/ 
Vary: Upgrade-Insecure-Requests

产品规格

Specification

Status

Comment

Upgrade Insecure RequestsThe definition of 'upgrade-insecure-requests' in that specification.

Candidate Recommendation

Initial definition.

浏览器兼容性

Feature

Chrome

Firefox

Edge

Internet Explorer

Opera

Safari

Basic Support

44

48.0

(No)1

(No)

31

?

Feature

Android

Chrome for Android

Edge mobile

Firefox for Android

IE mobile

Opera Android

iOS Safari

Basic Support

?

44

(No)

48.0

?

31

?

  • Under consideration 即将发布
  • Content-Security-Policy
  • CSP upgrade-insecure-requests
HTTP

超文本传输协议( HTTP,HyperText Transfer Protocol ) 是互联网上应用最为广泛的一种网络协议。所有的 WWW 文件都必须遵守这个标准。