Want-Digest
HTTP header is primarily used in a HTTP request, to ask the responder to provide a
digest
of the requested resource using the
Digest
response header.
The header contains identifiers for one or more digest algorithms that the sender wishes the responder to use to create the digest. The sender may use quality values to indicate its preference ordering among the choices it offers.
若
Want-Digest
does not include any digest algorithms that the server supports, the server may respond with:
400 Bad Request
error, and include another
Want-Digest
header with that response, listing the algorithms that it does support.
See the page for the
Digest
header for more information.
| Header type | General header |
|---|---|
| Forbidden header name | no |
Want-Digest: <digest-algorithm> // Multiple algorithms, weighted with the quality value syntax: Want-Digest: <digest-algorithm><q-value>,<digest-algorithm><q-value>
<digest-algorithm>
SHA-256
and
SHA-512
. Some of the supported algorithms, including
unixsum
and
MD5
are subject to collisions and are thus not suitable for applications in which collision-resistance is important.
<q-value>
Want-Digest: sha-256 Want-Digest: SHA-512;q=0.3, sha-256;q=1, md5;q=0
The sender provides a list of digests which it is prepared to accept, and the server uses one of them:
Request: GET /item Want-Digest: sha-256;q=0.3, sha;q=1 Response: HTTP/1.1 200 Ok Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
The server does not support any of the requested digest algorithms, so uses a different algorithm:
Request: GET /item Want-Digest: sha;q=1 Response: HTTP/1.1 200 Ok Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
The server does not support any of the requested digest algorithms, so responds with a 400 error and includes another
Want-Digest
header, listing the algorithms that it does support:
Request: GET /item Want-Digest: sha;q=1 Response: HTTP/1.1 400 Bad Request Want-Digest: sha-256, sha-512
| 规范 | Title |
|---|---|
| draft-ietf-httpbis-digest-headers-latest | Resource Digests for HTTP |
This header was originally defined in RFC 3230 , but the definition of "selected representation" in RFC 7231 made the original definition inconsistent with current HTTP specifications. When released, The "Resource Digests for HTTP" draft therefore will obsolete RFC 3230 and will update the standard to be consistent.
The compatibility table in this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
更新 GitHub 上的兼容性数据| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Want-Digest
|
Chrome 完整支持 Yes | Edge 完整支持 12 | Firefox 完整支持 Yes | IE 完整支持 Yes | Opera 完整支持 Yes | Safari 完整支持 Yes | WebView Android 完整支持 Yes | Chrome Android 完整支持 Yes | Firefox Android 完整支持 Yes | Opera Android 完整支持 Yes | Safari iOS 完整支持 Yes | Samsung Internet Android 完整支持 Yes |
完整支持
Accept
Accept-CH
Accept-CH-Lifetime
Accept-Charset
Accept-Encoding
Accept-Language
Accept-Patch
Accept-Ranges
Access-Control-Allow-Credentials
Access-Control-Allow-Headers
Access-Control-Allow-Methods
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Access-Control-Max-Age
Access-Control-Request-Headers
Access-Control-Request-Method
Age
Allow
Alt-Svc
Authorization
Cache-Control
Clear-Site-Data
Connection
Content-Disposition
Content-Encoding
Content-Language
Content-Length
Content-Location
Content-Range
Content-Security-Policy
Content-Security-Policy-Report-Only
Content-Type
Cookie
Cookie2
Cross-Origin-Embedder-Policy
Cross-Origin-Opener-Policy
Cross-Origin-Resource-Policy
DNT
DPR
Date
Device-Memory
Digest
ETag
Early-Data
Expect
Expect-CT
Expires
Feature-Policy
Forwarded
From
Host
If-Match
If-Modified-Since
If-None-Match
If-Range
If-Unmodified-Since
索引
Keep-Alive
Large-Allocation
Last-Modified
Link
Location
NEL
Origin
Pragma
Proxy-Authenticate
Proxy-Authorization
Public-Key-Pins
Public-Key-Pins-Report-Only
Range
Referer
Referrer-Policy
Retry-After
Save-Data
Sec-Fetch-Dest
Sec-Fetch-Mode
Sec-Fetch-Site
Sec-Fetch-User
Sec-WebSocket-Accept
Server
Server-Timing
Set-Cookie
Set-Cookie2
SourceMap
Strict-Transport-Security
TE
Timing-Allow-Origin
Tk
Trailer
Transfer-Encoding
Upgrade-Insecure-Requests
User-Agent
Vary
Via
WWW-Authenticate
Want-Digest
警告
X-Content-Type-Options
X-DNS-Prefetch-Control
X-Forwarded-For
X-Forwarded-Host
X-Forwarded-Proto
X-Frame-Options
X-XSS-Protection
100 Continue
101 Switching Protocols
103 Early Hints
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
300 Multiple Choices
301 Moved Permanently
302 Found
303 See Other
304 Not Modified
307 Temporary Redirect
308 Permanent Redirect
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Payload Too Large
414 URI Too Long
415 Unsupported Media Type
416 Range Not Satisfiable
417 Expectation Failed
418 I'm a teapot
422 Unprocessable Entity
425 Too Early
426 Upgrade Required
428 Precondition Required
429 Too Many Requests
431 Request Header Fields Too Large
451 Unavailable For Legal Reasons
500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported
506 Variant Also Negotiates
507 Insufficient Storage
508 Loop Detected
510 Not Extended
511 Network Authentication Required
CSP: base-uri
CSP: block-all-mixed-content
CSP: child-src
CSP: connect-src
CSP: default-src
CSP: font-src
CSP: form-action
CSP: frame-ancestors
CSP: frame-src
CSP: img-src
CSP: manifest-src
CSP: media-src
CSP: navigate-to
CSP: object-src
CSP: plugin-types
CSP: prefetch-src
CSP: referrer
CSP: report-to
CSP: report-uri
CSP: require-sri-for
CSP: sandbox
CSP: script-src
CSP: script-src-attr
CSP: script-src-elem
CSP: style-src
CSP: style-src-attr
CSP: style-src-elem
CSP: trusted-types
CSP: upgrade-insecure-requests
CSP: worker-src