idnits 2.17.1
draft-ietf-httpbis-header-compression-09.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
** The document seems to lack an IANA Considerations section. (See Section
2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
when there are no actions for IANA.)
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== Line 1300 has weird spacing: '... as hex len...'
== Line 1301 has weird spacing: '...aligned in...'
-- The document date (July 31, 2014) is 3557 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
-- Looks like a reference, but probably isn't: '13' on line 1429
-- Looks like a reference, but probably isn't: '23' on line 1542
-- Looks like a reference, but probably isn't: '28' on line 1552
-- Looks like a reference, but probably isn't: '24' on line 1540
-- Looks like a reference, but probably isn't: '30' on line 1559
-- Looks like a reference, but probably isn't: '10' on line 1366
-- Looks like a reference, but probably isn't: '12' on line 1365
-- Looks like a reference, but probably isn't: '11' on line 1427
-- Looks like a reference, but probably isn't: '15' on line 1426
-- Looks like a reference, but probably isn't: '19' on line 1511
-- Looks like a reference, but probably isn't: '14' on line 1428
-- Looks like a reference, but probably isn't: '20' on line 1529
-- Looks like a reference, but probably isn't: '22' on line 1536
-- Looks like a reference, but probably isn't: '21' on line 1533
-- Looks like a reference, but probably isn't: '26' on line 1558
-- Looks like a reference, but probably isn't: '25' on line 1538
-- Looks like a reference, but probably isn't: '27' on line 1557
== Outdated reference: A later version (-17) exists of
draft-ietf-httpbis-http2-14
** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112)
Summary: 2 errors (**), 0 flaws (~~), 4 warnings (==), 18 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 HTTPbis Working Group R. Peon
3 Internet-Draft Google, Inc
4 Intended status: Standards Track H. Ruellan
5 Expires: February 01, 2015 Canon CRF
6 July 31, 2014
8 HPACK - Header Compression for HTTP/2
9 draft-ietf-httpbis-header-compression-09
11 Abstract
13 This specification defines HPACK, a compression format for
14 efficiently representing HTTP header fields in the context of HTTP/2.
16 Editorial Note (To be removed by RFC Editor)
18 Discussion of this draft takes place on the HTTPBIS working group
19 mailing list (ietf-http-wg@w3.org), which is archived at .
22 Working Group information can be found at ; that specific to HTTP/2 are at .
25 The changes in this draft are summarized in Appendix A.1.
27 Status of This Memo
29 This Internet-Draft is submitted in full conformance with the
30 provisions of BCP 78 and BCP 79.
32 Internet-Drafts are working documents of the Internet Engineering
33 Task Force (IETF). Note that other groups may also distribute
34 working documents as Internet-Drafts. The list of current Internet-
35 Drafts is at http://datatracker.ietf.org/drafts/current/.
37 Internet-Drafts are draft documents valid for a maximum of six months
38 and may be updated, replaced, or obsoleted by other documents at any
39 time. It is inappropriate to use Internet-Drafts as reference
40 material or to cite them other than as "work in progress."
42 This Internet-Draft will expire on February 01, 2015.
44 Copyright Notice
46 Copyright (c) 2014 IETF Trust and the persons identified as the
47 document authors. All rights reserved.
49 This document is subject to BCP 78 and the IETF Trust's Legal
50 Provisions Relating to IETF Documents
51 (http://trustee.ietf.org/license-info) in effect on the date of
52 publication of this document. Please review these documents
53 carefully, as they describe your rights and restrictions with respect
54 to this document. Code Components extracted from this document must
55 include Simplified BSD License text as described in Section 4.e of
56 the Trust Legal Provisions and are provided without warranty as
57 described in the Simplified BSD License.
59 Table of Contents
61 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4
62 2. HPACK Overview . . . . . . . . . . . . . . . . . . . . . . . 4
63 2.1. Outline . . . . . . . . . . . . . . . . . . . . . . . . . 4
64 2.2. Conventions . . . . . . . . . . . . . . . . . . . . . . . 5
65 2.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5
66 3. Compression Process Overview . . . . . . . . . . . . . . . . 5
67 3.1. Header List Ordering . . . . . . . . . . . . . . . . . . 6
68 3.2. Encoding and Decoding Contexts . . . . . . . . . . . . . 6
69 3.3. Indexing Tables . . . . . . . . . . . . . . . . . . . . . 6
70 3.3.1. Static Table . . . . . . . . . . . . . . . . . . . . 7
71 3.3.2. Header Table . . . . . . . . . . . . . . . . . . . . 7
72 3.3.3. Index Address Space . . . . . . . . . . . . . . . . . 7
73 3.4. Header Field Representation . . . . . . . . . . . . . . . 8
74 4. Header Block Decoding . . . . . . . . . . . . . . . . . . . . 8
75 4.1. Header Block Processing . . . . . . . . . . . . . . . . . 8
76 4.2. Header Field Representation Processing . . . . . . . . . 9
77 5. Header Table Management . . . . . . . . . . . . . . . . . . . 9
78 5.1. Maximum Table Size . . . . . . . . . . . . . . . . . . . 9
79 5.2. Entry Eviction when Header Table Size Changes . . . . . . 10
80 5.3. Entry Eviction when Adding New Entries . . . . . . . . . 11
81 6. Primitive Type Representations . . . . . . . . . . . . . . . 11
82 6.1. Integer Representation . . . . . . . . . . . . . . . . . 11
83 6.2. String Literal Representation . . . . . . . . . . . . . . 12
84 7. Binary Format . . . . . . . . . . . . . . . . . . . . . . . . 13
85 7.1. Indexed Header Field Representation . . . . . . . . . . . 13
86 7.2. Literal Header Field Representation . . . . . . . . . . . 14
87 7.2.1. Literal Header Field with Incremental Indexing . . . 14
88 7.2.2. Literal Header Field without Indexing . . . . . . . . 15
89 7.2.3. Literal Header Field never Indexed . . . . . . . . . 16
90 7.3. Header Table Size Update . . . . . . . . . . . . . . . . 17
91 8. Security Considerations . . . . . . . . . . . . . . . . . . . 18
92 8.1. Probing Header Table State . . . . . . . . . . . . . . . 18
93 8.1.1. Applicability to HPACK and HTTP . . . . . . . . . . . 19
94 8.1.2. Mitigation . . . . . . . . . . . . . . . . . . . . . 19
95 8.1.3. Never Indexed Literals . . . . . . . . . . . . . . . 20
96 8.2. Static Huffman Encoding . . . . . . . . . . . . . . . . . 20
97 8.3. Memory Consumption . . . . . . . . . . . . . . . . . . . 20
98 8.4. Implementation Limits . . . . . . . . . . . . . . . . . . 21
99 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 21
100 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 21
101 10.1. Normative References . . . . . . . . . . . . . . . . . . 21
102 10.2. Informative References . . . . . . . . . . . . . . . . . 22
103 Appendix A. Change Log (to be removed by RFC Editor before
104 publication) . . . . . . . . . . . . . . . . . . . . 23
105 A.1. Since draft-ietf-httpbis-header-compression-08 . . . . . 23
106 A.2. Since draft-ietf-httpbis-header-compression-07 . . . . . 23
107 A.3. Since draft-ietf-httpbis-header-compression-06 . . . . . 24
108 A.4. Since draft-ietf-httpbis-header-compression-05 . . . . . 24
109 A.5. Since draft-ietf-httpbis-header-compression-04 . . . . . 24
110 A.6. Since draft-ietf-httpbis-header-compression-03 . . . . . 25
111 A.7. Since draft-ietf-httpbis-header-compression-02 . . . . . 25
112 A.8. Since draft-ietf-httpbis-header-compression-01 . . . . . 25
113 A.9. Since draft-ietf-httpbis-header-compression-00 . . . . . 25
114 Appendix B. Static Table Definition . . . . . . . . . . . . . . 26
115 Appendix C. Huffman Code . . . . . . . . . . . . . . . . . . . . 28
116 Appendix D. Examples . . . . . . . . . . . . . . . . . . . . . . 34
117 D.1. Integer Representation Examples . . . . . . . . . . . . . 34
118 D.1.1. Example 1: Encoding 10 Using a 5-bit Prefix . . . . . 34
119 D.1.2. Example 2: Encoding 1337 Using a 5-bit Prefix . . . . 34
120 D.1.3. Example 3: Encoding 42 Starting at an Octet Boundary 35
121 D.2. Header Field Representation Examples . . . . . . . . . . 35
122 D.2.1. Literal Header Field with Indexing . . . . . . . . . 35
123 D.2.2. Literal Header Field without Indexing . . . . . . . . 36
124 D.2.3. Literal Header Field never Indexed . . . . . . . . . 37
125 D.2.4. Indexed Header Field . . . . . . . . . . . . . . . . 38
126 D.3. Request Examples without Huffman Coding . . . . . . . . . 38
127 D.3.1. First Request . . . . . . . . . . . . . . . . . . . . 38
128 D.3.2. Second Request . . . . . . . . . . . . . . . . . . . 39
129 D.3.3. Third Request . . . . . . . . . . . . . . . . . . . . 41
130 D.4. Request Examples with Huffman Coding . . . . . . . . . . 42
131 D.4.1. First Request . . . . . . . . . . . . . . . . . . . . 42
132 D.4.2. Second Request . . . . . . . . . . . . . . . . . . . 43
133 D.4.3. Third Request . . . . . . . . . . . . . . . . . . . . 44
134 D.5. Response Examples without Huffman Coding . . . . . . . . 46
135 D.5.1. First Response . . . . . . . . . . . . . . . . . . . 46
136 D.5.2. Second Response . . . . . . . . . . . . . . . . . . . 48
137 D.5.3. Third Response . . . . . . . . . . . . . . . . . . . 49
138 D.6. Response Examples with Huffman Coding . . . . . . . . . . 51
139 D.6.1. First Response . . . . . . . . . . . . . . . . . . . 51
140 D.6.2. Second Response . . . . . . . . . . . . . . . . . . . 53
141 D.6.3. Third Response . . . . . . . . . . . . . . . . . . . 54
143 1. Introduction
145 This specification defines HPACK, a compression format for
146 efficiently representing HTTP header fields in the context of HTTP/2
147 [HTTP2].
149 2. HPACK Overview
151 In HTTP/1.1 (see [RFC7230]), header fields are encoded without any
152 form of compression. As web pages have grown to include dozens to
153 hundreds of requests, the redundant header fields in these requests
154 now measurably increase latency and unnecessarily consume bandwidth
155 (see [SPDY-DESC-1] and [SPDY-DESC-2]).
157 SPDY [SPDY] initially addressed this redundancy by compressing header
158 fields using the DEFLATE [DEFLATE] format, which proved very
159 effective at efficiently representing the redundant header fields.
160 However, that approach exposed a security risk as demonstrated by the
161 CRIME attack (see [CRIME]).
163 This document describes HPACK, a new compressor for header fields
164 which eliminates redundant header fields, limits vulnerability to
165 known security attacks, and which has a bounded memory requirement
166 for use in constrained environments.
168 2.1. Outline
170 The HTTP header field encoding defined in this document is based on a
171 header table that maps name-value pairs to index values. The header
172 table is incrementally updated as new values are encoded or decoded.
174 A list of header fields is treated as an ordered collection of name-
175 value pairs that can include duplicates. Names and values are
176 considered to be opaque sequences of octets. The order of header
177 fields is preserved after being compressed and decompressed.
179 In the encoded form, a header field is represented either literally
180 or as a reference to a name-value pair in a header table. A list of
181 header fields can therefore be encoded using a mixture of references
182 and literal values.
184 The encoder is responsible for deciding which header fields to insert
185 as new entries in the header table. The decoder executes the
186 modifications to the header table prescribed by the encoder,
187 reconstructing the list of header fields in the process. This
188 enables decoders to remain simple and understand a wide variety of
189 encoders.
191 Examples illustrating the use of these different mechanisms to
192 represent header fields are available in Appendix D.
194 2.2. Conventions
196 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
197 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
198 document are to be interpreted as described in RFC 2119 [RFC2119].
200 All numeric values are in network byte order. Values are unsigned
201 unless otherwise indicated. Literal values are provided in decimal
202 or hexadecimal as appropriate. Hexadecimal literals are prefixed
203 with "0x" to distinguish them from decimal literals.
205 2.3. Terminology
207 This document uses the following terms:
209 Header Field: A name-value pair. Both the name and value are
210 treated as opaque sequences of octets.
212 Header Table: The header table (see Section 3.3.2) is used to
213 associate stored header fields to index values. This table is
214 dynamic and specific to an encoding or decoding context.
216 Static Table: The static table (see Section 3.3.1) is used to
217 associate static header fields to index values. This table is
218 ordered, read-only, always accessible, and may be shared amongst
219 all encoding or decoding contexts.
221 Header List: A header list is an ordered collection of header fields
222 that are encoded jointly. It can contain duplicate header fields.
223 A complete list of key-value pairs contained in a HTTP request or
224 response is a header list.
226 Header Field Representation: A header field can be represented in
227 encoded form either as a literal or as an index (see Section 3.4).
229 Header Block: An ordered list of header field representations which,
230 when decoded, yields a complete header list.
232 3. Compression Process Overview
234 This specification does not describe a specific algorithm for an
235 encoder. Instead, it defines precisely how a decoder is expected to
236 operate, allowing encoders to produce any encoding that this
237 definition permits.
239 3.1. Header List Ordering
241 The compression and decompression process preserve the ordering of
242 header fields inside the header list. An encoder SHOULD order header
243 field representations in the header block according to their ordering
244 in the original header list. A decoder SHOULD order header fields in
245 the decoded header list according to their ordering in the header
246 block.
248 In particular, representations for pseudo-header fields (see
249 Section 8.1.2.1 of [HTTP2]) MUST appear before representations for
250 regular header fields in a header block. In a decoded header list,
251 pseudo-header fields MUST appear before regular header fields.
253 3.2. Encoding and Decoding Contexts
255 To decompress header blocks, a decoder only needs to maintain a
256 header table (see Section 3.3.2) as a decoding context. No other
257 state information is needed.
259 An encoder that wishes to reference entries in the header table needs
260 to maintain a copy of the header table used by the decoder.
262 When used for bidirectional communication, such as in HTTP, the
263 encoding and decoding header tables maintained by an endpoint are
264 completely independent. Header fields are encoded without any
265 reference to the local decoding header table; and header fields are
266 decoded without reference to the local encoding header table.
268 3.3. Indexing Tables
270 HPACK uses two tables for associating header fields to indexes. The
271 static table (see Section 3.3.1) is predefined and contains common
272 header fields (most of them with an empty value). The header table
273 (see Section 3.3.2) is dynamic and can be used by the encoder to
274 index header fields repeated in the encoded header lists.
276 These two tables are combined into a single address space for
277 defining index values (see Section 3.3.3).
279 3.3.1. Static Table
281 The static table consists of a predefined static list of header
282 fields. Its entries are defined in Appendix B.
284 3.3.2. Header Table
286 The header table consists of a list of header fields maintained in
287 first-in, first-out order. The first and newest entry in a header
288 table is always at index 1, and the oldest entry of a header table is
289 at the index corresponding to the number of entries in the header
290 table.
292 The header table is initially empty.
294 The header table can contain duplicate entries. Therefore, duplicate
295 entries MUST NOT be treated as an error by a decoder.
297 The encoder decides how to update the header table and as such can
298 control how much memory is used by the header table. To limit the
299 memory requirements of the decoder, the header table size is strictly
300 bounded (see Section 5.1).
302 The header table is updated during the processing of a list of header
303 field representations (see Section 4.2).
305 3.3.3. Index Address Space
307 The static table and the header table are combined into a single
308 index address space.
310 Indices between 1 and the length of the static table (inclusive)
311 refer to elements in the static table (see Section 3.3.1).
313 Indices strictly greater than the length of the static table refer to
314 elements in the header table (see Section 3.3.2). The length of the
315 static table is subtracted to find the index into the header table.
317 Indices strictly greater than the sum of the lengths of both tables
318 MUST be treated as a decoding error.
320 For a static table size of s and a header table size of k, the
321 following diagram shows the entire valid index address space.
323 <---------- Index Address Space ---------->
324 <-- Static Table --> <-- Header Table -->
325 +---+-----------+---+ +---+-----------+---+
326 | 1 | ... | s | |s+1| ... |s+k|
327 +---+-----------+---+ +---+-----------+---+
328 ^ |
329 | V
330 Insertion Point Dropping Point
332 Index Address Space
334 3.4. Header Field Representation
336 An encoded header field can be represented either as a literal or as
337 an index.
339 A literal representation defines a header field by specifying its
340 name and value. The header field name can be represented literally
341 or as a reference to an entry in either the static table or the
342 header table. The header field value is represented literally.
344 Three different literal representations are provided:
346 o A literal representation that does not add the header field to the
347 header table (see Section 7.2.2).
349 o A literal representation that does not add the header field to the
350 header table, with the additional stipulation that this header
351 field always use a literal representation, in particular when re-
352 encoded by an intermediary (see Section 7.2.3).
354 o A literal representation that adds the header field as a new entry
355 at the beginning of the header table (see Section 7.2.1).
357 An indexed representation defines a header field as a reference to an
358 entry in either the static table or the header table (see
359 Section 7.1).
361 4. Header Block Decoding
363 4.1. Header Block Processing
365 A decoder processes an encoded header block sequentially to
366 reconstruct the original header list.
368 Once a header field is decoded and added to the reconstructed header
369 list, it cannot be removed from it. A header field added to the
370 header list can be safely passed to the upper processing layer.
372 By passing decoded header fields to the upper processing layer, a
373 decoder can be implemented with minimal transitory memory commitment
374 in addition to the header table. The management of memory for
375 handling very large lists of header fields can therefore be deferred
376 to the upper processing layers.
378 4.2. Header Field Representation Processing
380 The processing of a header block to obtain a header list is defined
381 in this section. To ensure that the decoding will successfully
382 produce a header list, a decoder MUST obey the following rules.
384 All the header field representations contained in a header block are
385 processed in the order in which they appear, as specified below.
386 Details on the formatting of the various header field
387 representations, and some additional processing instructions are
388 found in Section 7.
390 An _indexed representation_ entails the following actions:
392 o The header field corresponding to the referenced entry in either
393 the static table or header table is added to the decoded header
394 list.
396 A _literal representation_ that is _not added_ to the header table
397 entails the following action:
399 o The header field is added to the decoded header list.
401 A _literal representation_ that is _added_ to the header table
402 entails the following actions:
404 o The header field is added to the decoded header list.
406 o The header field is inserted at the beginning of the header table.
408 5. Header Table Management
410 5.1. Maximum Table Size
412 To limit the memory requirements on the decoder side, the header
413 table is constrained in size.
415 The size of the header table is bounded by a maximum size defined by
416 the encoder. The size of the header table MUST always be lower than
417 or equal to this maximum size.
419 By default, the maximum size of the header table is equal to the
420 value of the HTTP/2 setting parameter SETTINGS_HEADER_TABLE_SIZE
421 defined by the decoder (see Section 6.5.2 of [HTTP2]). The encoder
422 can change this maximum size (see Section 7.3), but it MUST stay
423 lower than or equal to the value of SETTINGS_HEADER_TABLE_SIZE.
425 After applying an updated value of the SETTINGS_HEADER_TABLE_SIZE
426 parameter that changes the maximum size of the header table used by
427 the encoder, the encoder MUST signal this change via an encoding
428 context update (see Section 7.3). This encoding context update MUST
429 occur at the beginning of the first header block following the
430 SETTINGS frame sent to acknowledge the application of the updated
431 settings (see Section 6.5.3 of [HTTP2]).
433 Several updates to the value of the SETTINGS_HEADER_TABLE_SIZE
434 parameter can occur between the sending of two header blocks. In the
435 case that the value of this parameter is changed more that once, if
436 one of its value is smaller than the new maximum size, the smallest
437 value for the parameter MUST be sent before the new maximum size,
438 using two encoding context updates. This ensures that the decoder is
439 able to perform eviction based on the decoder table size (see
440 Section 5.2).
442 This mechanism can be used with a SETTINGS_HEADER_TABLE_SIZE
443 parameter value of 0 to completely clear entries from the header
444 table.
446 The size of the header table is the sum of the size of its entries.
448 The size of an entry is the sum of its name's length in octets (as
449 defined in Section 6.2), its value's length in octets (see
450 Section 6.2), plus 32.
452 The size of an entry is calculated using the length of the name and
453 value without any Huffman encoding applied.
455 The additional 32 octets account for the overhead associated with an
456 entry. For example, an entry structure using two 64-bit pointers to
457 reference the name and the value of the entry, and two 64-bit
458 integers for counting the number of references to the name and value
459 would have 32 octets of overhead.
461 5.2. Entry Eviction when Header Table Size Changes
463 Whenever the maximum size for the header table is reduced, entries
464 are evicted from the end of the header table until the size of the
465 header table is less than or equal to the maximum size.
467 5.3. Entry Eviction when Adding New Entries
469 Whenever a new entry is to be added to the header table, entries are
470 evicted from the end of the header table until the size of the header
471 table is less than or equal to (maximum size - new entry size), or
472 until the table is empty.
474 If the representation of the added entry references the name of an
475 entry in the header table, the referenced name is cached prior to
476 performing eviction to avoid having the name inadvertently evicted.
478 If the size of the new entry is less than or equal to the maximum
479 size, that entry is added to the table. It is not an error to
480 attempt to add an entry that is larger than the maximum size; an
481 attempt to add an entry larger than the entire table causes the table
482 to be emptied of all existing entries.
484 6. Primitive Type Representations
486 HPACK encoding uses two primitive types: unsigned variable length
487 integers, and strings of octets.
489 6.1. Integer Representation
491 Integers are used to represent name indexes, pair indexes or string
492 lengths. To allow for optimized processing, an integer
493 representation always finishes at the end of an octet.
495 An integer is represented in two parts: a prefix that fills the
496 current octet and an optional list of octets that are used if the
497 integer value does not fit within the prefix. The number of bits of
498 the prefix (called N) is a parameter of the integer representation.
500 The N-bit prefix allows filling the current octet. If the value is
501 small enough (strictly less than 2^N-1), it is encoded within the
502 N-bit prefix. Otherwise all the bits of the prefix are set to 1 and
503 the value is encoded using an unsigned variable length integer
504 representation (see ). N is always between 1 and 8 bits. An integer
506 starting at an octet-boundary will have an 8-bit prefix.
508 The algorithm to represent an integer I is as follows:
510 if I < 2^N - 1, encode I on N bits
511 else
512 encode (2^N - 1) on N bits
513 I = I - (2^N - 1)
514 while I >= 128
515 encode (I % 128 + 128) on 8 bits
516 I = I / 128
517 encode I on 8 bits
519 For informational purpose, the algorithm to decode an integer I is as
520 follows:
522 decode I from the next N bits
523 if I < 2^N - 1, return I
524 else
525 M = 0
526 repeat
527 B = next octet
528 I = I + (B & 127) * 2^M
529 M = M + 7
530 while B & 128 == 128
531 return I
533 Examples illustrating the encoding of integers are available in
534 Appendix D.1.
536 This integer representation allows for values of indefinite size. It
537 is also possible for an encoder to send a large number of zero
538 values, which can waste octets and could be used to overflow integer
539 values. Excessively large integer encodings - in value or octet
540 length - MUST be treated as a decoding error. Different limits can
541 be set for each of the different uses of integers, based on
542 implementation constraints.
544 6.2. String Literal Representation
546 Header field names and header field values can be represented as
547 literal string. A literal string is encoded as a sequence of octets,
548 either by directly encoding the literal string's octets, or by using
549 a Huffman code (see [HUFFMAN]).
551 0 1 2 3 4 5 6 7
552 +---+---+---+---+---+---+---+---+
553 | H | String Length (7+) |
554 +---+---------------------------+
555 | String Data (Length octets) |
556 +-------------------------------+
558 String Literal Representation
560 A literal string representation contains the following fields:
562 H: A one bit flag, H, indicating whether or not the octets of the
563 string are Huffman encoded.
565 String Length: The number of octets used to encode the string
566 literal, encoded as an integer with 7-bit prefix (see
567 Section 6.1).
569 String Data: The encoded data of the string literal. If H is '0',
570 then the encoded data is the raw octets of the string literal. If
571 H is '1', then the encoded data is the Huffman encoding of the
572 string literal.
574 String literals which use Huffman encoding are encoded with the
575 Huffman code defined in Appendix C (see examples for requests in
576 Appendix D.4 and for responses in Appendix D.6). The encoded data is
577 the bitwise concatenation of the codes corresponding to each octet of
578 the string literal.
580 As the Huffman encoded data doesn't always end at an octet boundary,
581 some padding is inserted after it, up to the next octet boundary. To
582 prevent this padding to be misinterpreted as part of the string
583 literal, the most significant bits of the code corresponding to the
584 EOS (end-of-string) symbol are used.
586 Upon decoding, an incomplete code at the end of the encoded data is
587 to be considered as padding and discarded. A padding strictly longer
588 than 7 bits MUST be treated as a decoding error. A padding not
589 corresponding to the most significant bits of the code for the EOS
590 symbol MUST be treated as a decoding error. A Huffman encoded string
591 literal containing the EOS symbol MUST be treated as a decoding
592 error.
594 7. Binary Format
596 This section describes the detailed format of each of the different
597 header field representations, plus the encoding context update
598 instruction.
600 7.1. Indexed Header Field Representation
602 An indexed header field representation identifies an entry in either
603 the static table or the header table (see Section 3.3).
605 An indexed header field representation causes a header field to be
606 added to the decoded header list, as described in Section 4.2.
608 0 1 2 3 4 5 6 7
609 +---+---+---+---+---+---+---+---+
610 | 1 | Index (7+) |
611 +---+---------------------------+
613 Indexed Header Field
615 An indexed header field starts with the '1' 1-bit pattern, followed
616 by the index of the matching pair, represented as an integer with a
617 7-bit prefix (see Section 6.1).
619 The index value of 0 is not used. It MUST be treated as a decoding
620 error if found in an indexed header field representation.
622 7.2. Literal Header Field Representation
624 A literal header field representation contains a literal header field
625 value. Header field names are either provided as a literal or by
626 reference to an existing table entry, either from the static table or
627 the header table (see Section 3.3).
629 A literal representation causes a header field to be added to the
630 decoded header list, as described in Section 4.2.
632 7.2.1. Literal Header Field with Incremental Indexing
634 A literal header field with incremental indexing representation
635 results in adding a header field to the decoded header list and
636 inserting it as a new entry into the header table.
638 0 1 2 3 4 5 6 7
639 +---+---+---+---+---+---+---+---+
640 | 0 | 1 | Index (6+) |
641 +---+---+-----------------------+
642 | H | Value Length (7+) |
643 +---+---------------------------+
644 | Value String (Length octets) |
645 +-------------------------------+
647 Literal Header Field with Incremental Indexing - Indexed Name
649 0 1 2 3 4 5 6 7
650 +---+---+---+---+---+---+---+---+
651 | 0 | 1 | 0 |
652 +---+---+-----------------------+
653 | H | Name Length (7+) |
654 +---+---------------------------+
655 | Name String (Length octets) |
656 +---+---------------------------+
657 | H | Value Length (7+) |
658 +---+---------------------------+
659 | Value String (Length octets) |
660 +-------------------------------+
662 Literal Header Field with Incremental Indexing - New Name
664 A literal header field with incremental indexing representation
665 starts with the '01' 2-bit pattern.
667 If the header field name matches the header field name of an entry
668 stored in the static table or the header table, the header field name
669 can be represented using the index of that entry. In this case, the
670 index of the entry is represented as an integer with a 6-bit prefix
671 (see Section 6.1). This value is always non-zero.
673 Otherwise, the header field name is represented as a literal string
674 (see Section 6.2). A value 0 is used in place of the 6-bit index,
675 followed by the header field name.
677 Either form of header field name representation is followed by the
678 header field value represented as a literal string (see Section 6.2).
680 7.2.2. Literal Header Field without Indexing
682 A literal header field without indexing representation results in
683 adding a header field to the decoded header list without altering the
684 header table.
686 0 1 2 3 4 5 6 7
687 +---+---+---+---+---+---+---+---+
688 | 0 | 0 | 0 | 0 | Index (4+) |
689 +---+---+-----------------------+
690 | H | Value Length (7+) |
691 +---+---------------------------+
692 | Value String (Length octets) |
693 +-------------------------------+
695 Literal Header Field without Indexing - Indexed Name
697 0 1 2 3 4 5 6 7
698 +---+---+---+---+---+---+---+---+
699 | 0 | 0 | 0 | 0 | 0 |
700 +---+---+-----------------------+
701 | H | Name Length (7+) |
702 +---+---------------------------+
703 | Name String (Length octets) |
704 +---+---------------------------+
705 | H | Value Length (7+) |
706 +---+---------------------------+
707 | Value String (Length octets) |
708 +-------------------------------+
710 Literal Header Field without Indexing - New Name
712 A literal header field without indexing representation starts with
713 the '0000' 4-bit pattern.
715 If the header field name matches the header field name of an entry
716 stored in the static table or the header table, the header field name
717 can be represented using the index of that entry. In this case, the
718 index of the entry is represented as an integer with a 4-bit prefix
719 (see Section 6.1). This value is always non-zero.
721 Otherwise, the header field name is represented as a literal string
722 (see Section 6.2). A value 0 is used in place of the 4-bit index,
723 followed by the header field name.
725 Either form of header field name representation is followed by the
726 header field value represented as a literal string (see Section 6.2).
728 7.2.3. Literal Header Field never Indexed
730 A literal header field never indexed representation results in adding
731 a header field to the decoded header list without altering the header
732 table. Intermediaries MUST use the same representation for encoding
733 this header field.
735 0 1 2 3 4 5 6 7
736 +---+---+---+---+---+---+---+---+
737 | 0 | 0 | 0 | 1 | Index (4+) |
738 +---+---+-----------------------+
739 | H | Value Length (7+) |
740 +---+---------------------------+
741 | Value String (Length octets) |
742 +-------------------------------+
744 Literal Header Field never Indexed - Indexed Name
746 0 1 2 3 4 5 6 7
747 +---+---+---+---+---+---+---+---+
748 | 0 | 0 | 0 | 1 | 0 |
749 +---+---+-----------------------+
750 | H | Name Length (7+) |
751 +---+---------------------------+
752 | Name String (Length octets) |
753 +---+---------------------------+
754 | H | Value Length (7+) |
755 +---+---------------------------+
756 | Value String (Length octets) |
757 +-------------------------------+
759 Literal Header Field never Indexed - New Name
761 A literal header field never indexed representation starts with the
762 '0001' 4-bit pattern.
764 When a header field is represented as a literal header field never
765 indexed, it MUST always be encoded with this specific literal
766 representation. In particular, when a peer sends a header field that
767 it received represented as a literal header field never indexed, it
768 MUST use the same representation to forward this header field.
770 This representation is intended for protecting header field values
771 that are not to be put at risk by compressing them (see Section 8.1
772 for more details).
774 The encoding of the representation is identical to the literal header
775 field without indexing (see Section 7.2.2).
777 7.3. Header Table Size Update
779 A header table size update signals a change to the size of the header
780 table.
782 0 1 2 3 4 5 6 7
783 +---+---+---+---+---+---+---+---+
784 | 0 | 0 | 1 | Max size (5+) |
785 +---+---------------------------+
787 Maximum Header Table Size Change
789 A header table size update starts with the '001' 3-bit pattern,
790 followed by the new maximum size, represented as an integer with a
791 5-bit prefix (see Section 6.1).
793 The new maximum size MUST be lower than or equal to the last value of
794 the SETTINGS_HEADER_TABLE_SIZE parameter (see Section 6.5.2 of
795 [HTTP2]) received from the decoder and acknowledged by the encoder
796 (see Section 6.5.3 of [HTTP2]).
798 Reducing the maximum size of the header table can cause entries to be
799 evicted (see Section 5.2).
801 8. Security Considerations
803 This section describes potential areas of security concern with
804 HPACK:
806 o Use of compression as a length-based oracle for verifying guesses
807 about secrets that are compressed into a shared compression
808 context.
810 o Denial of service resulting from exhausting processing or memory
811 capacity at a decoder.
813 8.1. Probing Header Table State
815 HPACK reduces the length of header field encodings by exploiting the
816 redundancy inherent in protocols like HTTP. The ultimate goal of
817 this is to reduce the amount of data that is required to send HTTP
818 requests or responses.
820 The compression context used to encode header fields can be probed by
821 an attacker that has the following capabilities: to define header
822 fields to be encoded and transmitted; and to observe the length of
823 those fields once they are encoded. This allows an attacker to
824 adaptively modify requests in order to confirm guesses about the
825 header table state. If a guess is compressed into a shorter length,
826 the attacker can observe the encoded length and infer that the guess
827 was correct.
829 This is possible because while TLS provides confidentiality
830 protection for content, it only provides a limited amount of
831 protection for the length of that content.
833 Note: Padding schemes only provide limited protection against an
834 attacker with these capabilities, potentially only forcing an
835 increased number of guesses to learn the length associated with a
836 given guess. Padding schemes also work directly against
837 compression by increasing the number of bits that are transmitted.
839 Attacks like CRIME [CRIME] demonstrated the existence of these
840 general attacker capabilities. The specific attack exploited the
841 fact that DEFLATE [DEFLATE] removes redundancy based on prefix
842 matching. This permitted the attacker to confirm guesses a character
843 at a time, reducing an exponential-time attack into a linear-time
844 attack.
846 8.1.1. Applicability to HPACK and HTTP
848 HPACK mitigates but does not completely prevent attacks modelled on
849 CRIME [CRIME] by forcing a guess to match an entire header field
850 value, rather than individual characters. An attacker can only learn
851 whether a guess is correct or not, so is reduced to a brute force
852 guess for the header field values.
854 The viability of recovering specific header field values therefore
855 depends on the entropy of values. As a result, values with high
856 entropy are unlikely to be recovered successfully. However, values
857 with low entropy remain vulnerable.
859 Attacks of this nature are possible any time that two mutually
860 distrustful entities control requests or responses that are placed
861 onto a single HTTP/2 connection. If the shared HPACK compressor
862 permits one entity to add entries to the header table, and the other
863 to access those entries, then the state of the table can be learned.
865 Having requests or responses from mutually distrustful entities
866 occurs when an intermediary either:
868 o sends requests from multiple clients on a single connection toward
869 an origin server, or
871 o takes responses from multiple origin servers and places them on a
872 shared connection toward a client.
874 Web browsers also need to assume that requests made on the same
875 connection by different web origins [ORIGIN] are made by mutually
876 distrustful entities.
878 8.1.2. Mitigation
880 Users of HTTP that require confidentiality for header fields can use
881 values with entropy sufficient to make guessing infeasible. However,
882 this is impractical as a general solution because it forces all users
883 of HTTP to take steps to mitigate attacks. It would impose new
884 constraints on how HTTP is used.
886 Rather than impose constraints on users of HTTP, an implementation of
887 HPACK can instead constrain how compression is applied in order to
888 limit the potential for header table probing.
890 An ideal solution segregates access to the header table based on the
891 entity that is constructing header fields. Header field values that
892 are added to the table are attributed to an entity, and only the
893 entity that created an particular value can extract that value.
895 To improve compression performance of this option, certain entries
896 might be tagged as being public. For example, a web browser might
897 make the values of the Accept-Encoding header field available in all
898 requests.
900 An encoder without good knowledge of the provenance of header fields
901 might instead introduce a penalty for bad guesses, such that attempts
902 to guess a header field value results in all values being removed
903 from consideration in all future requests, effectively preventing
904 further guesses.
906 Note: Simply removing values from the header table can be
907 ineffectual if the attacker has a reliable way of causing values
908 to be reinstalled. For example, a request to load an image in a
909 web browser typically includes the Cookie header field (a
910 potentially highly valued target for this sort of attack), and web
911 sites can easily force an image to be loaded, thereby refreshing
912 the entry in the header table.
914 This response might be made inversely proportional to the length of
915 the header field. Marking as inaccessible might occur for shorter
916 values more quickly or with higher probability than for longer
917 values.
919 Implementations might also choose to protect certain header fields
920 that are known to be highly valued, such as the Authorization or
921 Cookie header fields, by disabling or further limiting compression.
923 8.1.3. Never Indexed Literals
925 Refusing to generate an indexed representation for a header field is
926 only effective if compression is avoided on all hops. The never
927 indexed literal (see Section 7.2.3) can be used to signal to
928 intermediaries that a particular value was intentionally sent as a
929 literal. An intermediary MUST NOT re-encode a value that uses the
930 never indexed literal with a representation that would index it.
932 8.2. Static Huffman Encoding
934 There is currently no known threat taking advantage of the use of a
935 fixed Huffman encoding. A study has shown that using a fixed Huffman
936 encoding table created an information leakage, however this same
937 study concluded that an attacker could not take advantage of this
938 information leakage to recover any meaningful amount of information
939 (see [PETAL]).
941 8.3. Memory Consumption
942 An attacker can try to cause an endpoint to exhaust its memory.
943 HPACK is designed to limit both the peak and state amounts of memory
944 allocated by an endpoint.
946 The amount of memory used by the compressor state is limited by the
947 decoder using the value of the HTTP/2 setting parameter
948 SETTINGS_HEADER_TABLE_SIZE (see Section 6.5.2 of [HTTP2]). This
949 limit takes into account both the size of the data stored in the
950 header table, plus a small allowance for overhead.
952 A decoder can limit the amount of state memory used by setting an
953 appropriate value for the SETTINGS_HEADER_TABLE_SIZE parameter. An
954 encoder can limit the amount of state memory it uses by signalling
955 lower header table size than the decoder allows (see Section 7.3).
957 The amount of temporary memory consumed by an encoder or decoder can
958 be limited by processing header fields sequentially. An
959 implementation does not need to retain a complete list of header
960 fields. Note however that it might be necessary for an application
961 to retain a complete header list for other reasons; even though HPACK
962 does not force this to occur, application constraints might make this
963 necessary.
965 8.4. Implementation Limits
967 An implementation of HPACK needs to ensure that large values for
968 integers, long encoding for integers, or long string literals do not
969 create security weaknesses.
971 An implementation has to set a limit for the values it accepts for
972 integers, as well as for the encoded length (see Section 6.1). In
973 the same way, it has to set a limit to the length it accepts for
974 string literals (see Section 6.2).
976 9. Acknowledgements
978 This document includes substantial input from the following
979 individuals:
981 o Mike Bishop, Jeff Pinner, Julian Reschke, Martin Thomson
982 (substantial editorial contributions).
984 o Johnny Graettinger (Huffman code statistics).
986 10. References
988 10.1. Normative References
990 [HTTP2] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext
991 Transfer Protocol version 2", draft-ietf-httpbis-http2-14
992 (work in progress), July 2014.
994 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
995 Requirement Levels ", BCP 14, RFC 2119, March 1997.
997 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
998 Protocol (HTTP/1.1): Message Syntax and Routing ", RFC
999 7230, June 2014.
1001 10.2. Informative References
1003 [CANONICAL]
1004 Schwartz, E. and B. Kallick, "Generating a canonical
1005 prefix encoding", Communications of the ACM Volume 7 Issue
1006 3, pp. 166-169, March 1964, .
1009 [CRIME] Rizzo, J. and T. Duong, "The CRIME Attack", September
1010 2012, .
1014 [DEFLATE] Deutsch, P., "DEFLATE Compressed Data Format Specification
1015 version 1.3", RFC 1951, May 1996.
1017 [HUFFMAN] Huffman, D., "A Method for the Construction of Minimum
1018 Redundancy Codes", Proceedings of the Institute of Radio
1019 Engineers Volume 40, Number 9, pp. 1098-1101, September
1020 1952, .
1023 [ORIGIN] Barth, A., "The Web Origin Concept", RFC 6454, December
1024 2011.
1026 [PETAL] Tan, J. and J. Nahata, "PETAL: Preset Encoding Table
1027 Information Leakage", April 2013, .
1030 [SPDY-DESC-1]
1031 Belshe, M., "IETF83: SPDY and What to Consider for HTTP/
1032 2.0 ", March 2012, .
1035 [SPDY-DESC-2]
1036 McManus, P., "SPDY: What I Like About You", September
1037 2011, .
1040 [SPDY] Belshe, M. and R. Peon, "SPDY Protocol", draft-mbelshe-
1041 httpbis-spdy-00 (work in progress), February 2012.
1043 Appendix A. Change Log (to be removed by RFC Editor before publication)
1045 A.1. Since draft-ietf-httpbis-header-compression-08
1047 o Removed the reference set.
1049 o Removed header emission.
1051 o Explicit handling of several SETTINGS_HEADER_TABLE_SIZE parameter
1052 changes.
1054 o Changed header set to header list, and forced ordering.
1056 o Updated examples.
1058 o Exchanged header and static table positions.
1060 A.2. Since draft-ietf-httpbis-header-compression-07
1062 o Removed old text on index value of 0.
1064 o Added clarification for signalling of maximum table size after a
1065 SETTINGS_HEADER_TABLE_SIZE update.
1067 o Rewrote security considerations.
1069 o Many editorial clarifications or improvements.
1071 o Added convention section.
1073 o Reworked document's outline.
1075 o Updated static table. Entry 16 has now "gzip, deflate" for value.
1077 o Updated Huffman table, using data set provided by Google.
1079 A.3. Since draft-ietf-httpbis-header-compression-06
1081 o Updated format to include literal headers that must never be
1082 compressed.
1084 o Updated security considerations.
1086 o Moved integer encoding examples to the appendix.
1088 o Updated Huffman table.
1090 o Updated static header table (adding and removing status values).
1092 o Updated examples.
1094 A.4. Since draft-ietf-httpbis-header-compression-05
1096 o Regenerated examples.
1098 o Only one Huffman table for requests and responses.
1100 o Added maximum size for header table, independent of
1101 SETTINGS_HEADER_TABLE_SIZE.
1103 o Added pseudo-code for integer decoding.
1105 o Improved examples (removing unnecessary removals).
1107 A.5. Since draft-ietf-httpbis-header-compression-04
1109 o Updated examples: take into account changes in the spec, and show
1110 more features.
1112 o Use 'octet' everywhere instead of having both 'byte' and 'octet'.
1114 o Added reference set emptying.
1116 o Editorial changes and clarifications.
1118 o Added "host" header to the static table.
1120 o Ordering for list of values (either NULL- or comma-separated).
1122 A.6. Since draft-ietf-httpbis-header-compression-03
1124 o A large number of editorial changes; changed the description of
1125 evicting/adding new entries.
1127 o Removed substitution indexing
1129 o Changed 'initial headers' to 'static headers', as per issue #258
1131 o Merged 'request' and 'response' static headers, as per issue #259
1133 o Changed text to indicate that new headers are added at index 0 and
1134 expire from the largest index, as per issue #233
1136 A.7. Since draft-ietf-httpbis-header-compression-02
1138 o Corrected error in integer encoding pseudocode.
1140 A.8. Since draft-ietf-httpbis-header-compression-01
1142 o Refactored of Header Encoding Section: split definitions and
1143 processing rule.
1145 o Backward incompatible change: Updated reference set management as
1146 per issue #214. This changes how the interaction between the
1147 reference set and eviction works. This also changes the working
1148 of the reference set in some specific cases.
1150 o Backward incompatible change: modified initial header list, as per
1151 issue #188.
1153 o Added example of 32 octets entry structure (issue #191).
1155 o Added Header Set Completion section. Reflowed some text.
1156 Clarified some writing which was akward. Added text about
1157 duplicate header entry encoding. Clarified some language w.r.t
1158 Header Set. Changed x-my-header to mynewheader. Added text in
1159 the HeaderEmission section indicating that the application may
1160 also be able to free up memory more quickly. Added information in
1161 Security Considerations section.
1163 A.9. Since draft-ietf-httpbis-header-compression-00
1165 Fixed bug/omission in integer representation algorithm.
1167 Changed the document title.
1169 Header matching text rewritten.
1171 Changed the definition of header emission.
1173 Changed the name of the setting which dictates how much memory the
1174 compression context should use.
1176 Removed "specific use cases" section
1178 Corrected erroneous statement about what index can be contained in
1179 one octet
1181 Added descriptions of opcodes
1183 Removed security claims from introduction.
1185 Appendix B. Static Table Definition
1187 The static table (see Section 3.3.1) consists of a predefined and
1188 unchangeable list of header fields.
1190 The static table was created by listing the most common header fields
1191 that are valid for messages exchanged inside a HTTP/2 connection.
1192 For header fields with a few frequent values, an entry was added for
1193 each of these frequent values. For other header fields, an entry was
1194 added with an empty value.
1196 The following table lists the pre-defined header fields that make-up
1197 the static table.
1199 +-------+-----------------------------+---------------+
1200 | Index | Header Name | Header Value |
1201 +-------+-----------------------------+---------------+
1202 | 1 | :authority | |
1203 | 2 | :method | GET |
1204 | 3 | :method | POST |
1205 | 4 | :path | / |
1206 | 5 | :path | /index.html |
1207 | 6 | :scheme | http |
1208 | 7 | :scheme | https |
1209 | 8 | :status | 200 |
1210 | 9 | :status | 204 |
1211 | 10 | :status | 206 |
1212 | 11 | :status | 304 |
1213 | 12 | :status | 400 |
1214 | 13 | :status | 404 |
1215 | 14 | :status | 500 |
1216 | 15 | accept-charset | |
1217 | 16 | accept-encoding | gzip, deflate |
1218 | 17 | accept-language | |
1219 | 18 | accept-ranges | |
1220 | 19 | accept | |
1221 | 20 | access-control-allow-origin | |
1222 | 21 | age | |
1223 | 22 | allow | |
1224 | 23 | authorization | |
1225 | 24 | cache-control | |
1226 | 25 | content-disposition | |
1227 | 26 | content-encoding | |
1228 | 27 | content-language | |
1229 | 28 | content-length | |
1230 | 29 | content-location | |
1231 | 30 | content-range | |
1232 | 31 | content-type | |
1233 | 32 | cookie | |
1234 | 33 | date | |
1235 | 34 | etag | |
1236 | 35 | expect | |
1237 | 36 | expires | |
1238 | 37 | from | |
1239 | 38 | host | |
1240 | 39 | if-match | |
1241 | 40 | if-modified-since | |
1242 | 41 | if-none-match | |
1243 | 42 | if-range | |
1244 | 43 | if-unmodified-since | |
1245 | 44 | last-modified | |
1246 | 45 | link | |
1247 | 46 | location | |
1248 | 47 | max-forwards | |
1249 | 48 | proxy-authenticate | |
1250 | 49 | proxy-authorization | |
1251 | 50 | range | |
1252 | 51 | referer | |
1253 | 52 | refresh | |
1254 | 53 | retry-after | |
1255 | 54 | server | |
1256 | 55 | set-cookie | |
1257 | 56 | strict-transport-security | |
1258 | 57 | transfer-encoding | |
1259 | 58 | user-agent | |
1260 | 59 | vary | |
1261 | 60 | via | |
1262 | 61 | www-authenticate | |
1263 +-------+-----------------------------+---------------+
1265 Table 1: Static Table Entries
1267 Table 1 gives the index of each entry in the static table.
1269 Appendix C. Huffman Code
1271 The following Huffman code is used when encoding string literals with
1272 a Huffman coding (see Section 6.2).
1274 This Huffman code was generated from statistics obtained on a large
1275 sample of HTTP headers. It is a canonical Huffman code (see
1276 [CANONICAL]) with some tweaking to ensure that no symbol has a unique
1277 code length.
1279 Each row in the table defines the code used to represent a symbol:
1281 sym: The symbol to be represented. It is the decimal value of an
1282 octet, possibly prepended with its ASCII representation. A
1283 specific symbol, "EOS", is used to indicate the end of a string
1284 literal.
1286 code as bits: The Huffman code for the symbol represented as a
1287 base-2 integer, aligned on the most significant bit (MSB).
1289 code as hex: The Huffman code for the symbol, represented as a
1290 hexadecimal integer, aligned on the least significant bit (LSB).
1292 len: The number of bits for the code representing the symbol.
1294 As an example, the code for the symbol 47 (corresponding to the ASCII
1295 character "/") consists in the 6 bits "0", "1", "1", "0", "0", "0".
1296 This corresponds to the value 0x18 (in hexadecimal) encoded on 6
1297 bits.
1299 code
1300 code as bits as hex len
1301 sym aligned to MSB aligned in
1302 to LSB bits
1303 ( 0) |11111111|11000 1ff8 [13]
1304 ( 1) |11111111|11111111|1011000 7fffd8 [23]
1305 ( 2) |11111111|11111111|11111110|0010 fffffe2 [28]
1306 ( 3) |11111111|11111111|11111110|0011 fffffe3 [28]
1307 ( 4) |11111111|11111111|11111110|0100 fffffe4 [28]
1308 ( 5) |11111111|11111111|11111110|0101 fffffe5 [28]
1309 ( 6) |11111111|11111111|11111110|0110 fffffe6 [28]
1310 ( 7) |11111111|11111111|11111110|0111 fffffe7 [28]
1311 ( 8) |11111111|11111111|11111110|1000 fffffe8 [28]
1312 ( 9) |11111111|11111111|11101010 ffffea [24]
1313 ( 10) |11111111|11111111|11111111|111100 3ffffffc [30]
1314 ( 11) |11111111|11111111|11111110|1001 fffffe9 [28]
1315 ( 12) |11111111|11111111|11111110|1010 fffffea [28]
1316 ( 13) |11111111|11111111|11111111|111101 3ffffffd [30]
1317 ( 14) |11111111|11111111|11111110|1011 fffffeb [28]
1318 ( 15) |11111111|11111111|11111110|1100 fffffec [28]
1319 ( 16) |11111111|11111111|11111110|1101 fffffed [28]
1320 ( 17) |11111111|11111111|11111110|1110 fffffee [28]
1321 ( 18) |11111111|11111111|11111110|1111 fffffef [28]
1322 ( 19) |11111111|11111111|11111111|0000 ffffff0 [28]
1323 ( 20) |11111111|11111111|11111111|0001 ffffff1 [28]
1324 ( 21) |11111111|11111111|11111111|0010 ffffff2 [28]
1325 ( 22) |11111111|11111111|11111111|111110 3ffffffe [30]
1326 ( 23) |11111111|11111111|11111111|0011 ffffff3 [28]
1327 ( 24) |11111111|11111111|11111111|0100 ffffff4 [28]
1328 ( 25) |11111111|11111111|11111111|0101 ffffff5 [28]
1329 ( 26) |11111111|11111111|11111111|0110 ffffff6 [28]
1330 ( 27) |11111111|11111111|11111111|0111 ffffff7 [28]
1331 ( 28) |11111111|11111111|11111111|1000 ffffff8 [28]
1332 ( 29) |11111111|11111111|11111111|1001 ffffff9 [28]
1333 ( 30) |11111111|11111111|11111111|1010 ffffffa [28]
1334 ( 31) |11111111|11111111|11111111|1011 ffffffb [28]
1335 ' ' ( 32) |010100 14 [ 6]
1336 '!' ( 33) |11111110|00 3f8 [10]
1337 '"' ( 34) |11111110|01 3f9 [10]
1338 '#' ( 35) |11111111|1010 ffa [12]
1339 '$' ( 36) |11111111|11001 1ff9 [13]
1340 '%' ( 37) |010101 15 [ 6]
1341 '&' ( 38) |11111000 f8 [ 8]
1342 ''' ( 39) |11111111|010 7fa [11]
1343 '(' ( 40) |11111110|10 3fa [10]
1344 ')' ( 41) |11111110|11 3fb [10]
1345 '*' ( 42) |11111001 f9 [ 8]
1346 '+' ( 43) |11111111|011 7fb [11]
1347 ',' ( 44) |11111010 fa [ 8]
1348 '-' ( 45) |010110 16 [ 6]
1349 '.' ( 46) |010111 17 [ 6]
1350 '/' ( 47) |011000 18 [ 6]
1351 '0' ( 48) |00000 0 [ 5]
1352 '1' ( 49) |00001 1 [ 5]
1353 '2' ( 50) |00010 2 [ 5]
1354 '3' ( 51) |011001 19 [ 6]
1355 '4' ( 52) |011010 1a [ 6]
1356 '5' ( 53) |011011 1b [ 6]
1357 '6' ( 54) |011100 1c [ 6]
1358 '7' ( 55) |011101 1d [ 6]
1359 '8' ( 56) |011110 1e [ 6]
1360 '9' ( 57) |011111 1f [ 6]
1361 ':' ( 58) |1011100 5c [ 7]
1362 ';' ( 59) |11111011 fb [ 8]
1363 '<' ( 60) |11111111|1111100 7ffc [15]
1364 '=' ( 61) |100000 20 [ 6]
1365 '>' ( 62) |11111111|1011 ffb [12]
1366 '?' ( 63) |11111111|00 3fc [10]
1367 '@' ( 64) |11111111|11010 1ffa [13]
1368 'A' ( 65) |100001 21 [ 6]
1369 'B' ( 66) |1011101 5d [ 7]
1370 'C' ( 67) |1011110 5e [ 7]
1371 'D' ( 68) |1011111 5f [ 7]
1372 'E' ( 69) |1100000 60 [ 7]
1373 'F' ( 70) |1100001 61 [ 7]
1374 'G' ( 71) |1100010 62 [ 7]
1375 'H' ( 72) |1100011 63 [ 7]
1376 'I' ( 73) |1100100 64 [ 7]
1377 'J' ( 74) |1100101 65 [ 7]
1378 'K' ( 75) |1100110 66 [ 7]
1379 'L' ( 76) |1100111 67 [ 7]
1380 'M' ( 77) |1101000 68 [ 7]
1381 'N' ( 78) |1101001 69 [ 7]
1382 'O' ( 79) |1101010 6a [ 7]
1383 'P' ( 80) |1101011 6b [ 7]
1384 'Q' ( 81) |1101100 6c [ 7]
1385 'R' ( 82) |1101101 6d [ 7]
1386 'S' ( 83) |1101110 6e [ 7]
1387 'T' ( 84) |1101111 6f [ 7]
1388 'U' ( 85) |1110000 70 [ 7]
1389 'V' ( 86) |1110001 71 [ 7]
1390 'W' ( 87) |1110010 72 [ 7]
1391 'X' ( 88) |11111100 fc [ 8]
1392 'Y' ( 89) |1110011 73 [ 7]
1393 'Z' ( 90) |11111101 fd [ 8]
1394 '[' ( 91) |11111111|11011 1ffb [13]
1395 '\' ( 92) |11111111|11111110|000 7fff0 [19]
1396 ']' ( 93) |11111111|11100 1ffc [13]
1397 '^' ( 94) |11111111|111100 3ffc [14]
1398 '_' ( 95) |100010 22 [ 6]
1399 '`' ( 96) |11111111|1111101 7ffd [15]
1400 'a' ( 97) |00011 3 [ 5]
1401 'b' ( 98) |100011 23 [ 6]
1402 'c' ( 99) |00100 4 [ 5]
1403 'd' (100) |100100 24 [ 6]
1404 'e' (101) |00101 5 [ 5]
1405 'f' (102) |100101 25 [ 6]
1406 'g' (103) |100110 26 [ 6]
1407 'h' (104) |100111 27 [ 6]
1408 'i' (105) |00110 6 [ 5]
1409 'j' (106) |1110100 74 [ 7]
1410 'k' (107) |1110101 75 [ 7]
1411 'l' (108) |101000 28 [ 6]
1412 'm' (109) |101001 29 [ 6]
1413 'n' (110) |101010 2a [ 6]
1414 'o' (111) |00111 7 [ 5]
1415 'p' (112) |101011 2b [ 6]
1416 'q' (113) |1110110 76 [ 7]
1417 'r' (114) |101100 2c [ 6]
1418 's' (115) |01000 8 [ 5]
1419 't' (116) |01001 9 [ 5]
1420 'u' (117) |101101 2d [ 6]
1421 'v' (118) |1110111 77 [ 7]
1422 'w' (119) |1111000 78 [ 7]
1423 'x' (120) |1111001 79 [ 7]
1424 'y' (121) |1111010 7a [ 7]
1425 'z' (122) |1111011 7b [ 7]
1426 '{' (123) |11111111|1111110 7ffe [15]
1427 '|' (124) |11111111|100 7fc [11]
1428 '}' (125) |11111111|111101 3ffd [14]
1429 '~' (126) |11111111|11101 1ffd [13]
1430 (127) |11111111|11111111|11111111|1100 ffffffc [28]
1431 (128) |11111111|11111110|0110 fffe6 [20]
1432 (129) |11111111|11111111|010010 3fffd2 [22]
1433 (130) |11111111|11111110|0111 fffe7 [20]
1434 (131) |11111111|11111110|1000 fffe8 [20]
1435 (132) |11111111|11111111|010011 3fffd3 [22]
1436 (133) |11111111|11111111|010100 3fffd4 [22]
1437 (134) |11111111|11111111|010101 3fffd5 [22]
1438 (135) |11111111|11111111|1011001 7fffd9 [23]
1439 (136) |11111111|11111111|010110 3fffd6 [22]
1440 (137) |11111111|11111111|1011010 7fffda [23]
1441 (138) |11111111|11111111|1011011 7fffdb [23]
1442 (139) |11111111|11111111|1011100 7fffdc [23]
1443 (140) |11111111|11111111|1011101 7fffdd [23]
1444 (141) |11111111|11111111|1011110 7fffde [23]
1445 (142) |11111111|11111111|11101011 ffffeb [24]
1446 (143) |11111111|11111111|1011111 7fffdf [23]
1447 (144) |11111111|11111111|11101100 ffffec [24]
1448 (145) |11111111|11111111|11101101 ffffed [24]
1449 (146) |11111111|11111111|010111 3fffd7 [22]
1450 (147) |11111111|11111111|1100000 7fffe0 [23]
1451 (148) |11111111|11111111|11101110 ffffee [24]
1452 (149) |11111111|11111111|1100001 7fffe1 [23]
1453 (150) |11111111|11111111|1100010 7fffe2 [23]
1454 (151) |11111111|11111111|1100011 7fffe3 [23]
1455 (152) |11111111|11111111|1100100 7fffe4 [23]
1456 (153) |11111111|11111110|11100 1fffdc [21]
1457 (154) |11111111|11111111|011000 3fffd8 [22]
1458 (155) |11111111|11111111|1100101 7fffe5 [23]
1459 (156) |11111111|11111111|011001 3fffd9 [22]
1460 (157) |11111111|11111111|1100110 7fffe6 [23]
1461 (158) |11111111|11111111|1100111 7fffe7 [23]
1462 (159) |11111111|11111111|11101111 ffffef [24]
1463 (160) |11111111|11111111|011010 3fffda [22]
1464 (161) |11111111|11111110|11101 1fffdd [21]
1465 (162) |11111111|11111110|1001 fffe9 [20]
1466 (163) |11111111|11111111|011011 3fffdb [22]
1467 (164) |11111111|11111111|011100 3fffdc [22]
1468 (165) |11111111|11111111|1101000 7fffe8 [23]
1469 (166) |11111111|11111111|1101001 7fffe9 [23]
1470 (167) |11111111|11111110|11110 1fffde [21]
1471 (168) |11111111|11111111|1101010 7fffea [23]
1472 (169) |11111111|11111111|011101 3fffdd [22]
1473 (170) |11111111|11111111|011110 3fffde [22]
1474 (171) |11111111|11111111|11110000 fffff0 [24]
1475 (172) |11111111|11111110|11111 1fffdf [21]
1476 (173) |11111111|11111111|011111 3fffdf [22]
1477 (174) |11111111|11111111|1101011 7fffeb [23]
1478 (175) |11111111|11111111|1101100 7fffec [23]
1479 (176) |11111111|11111111|00000 1fffe0 [21]
1480 (177) |11111111|11111111|00001 1fffe1 [21]
1481 (178) |11111111|11111111|100000 3fffe0 [22]
1482 (179) |11111111|11111111|00010 1fffe2 [21]
1483 (180) |11111111|11111111|1101101 7fffed [23]
1484 (181) |11111111|11111111|100001 3fffe1 [22]
1485 (182) |11111111|11111111|1101110 7fffee [23]
1486 (183) |11111111|11111111|1101111 7fffef [23]
1487 (184) |11111111|11111110|1010 fffea [20]
1488 (185) |11111111|11111111|100010 3fffe2 [22]
1489 (186) |11111111|11111111|100011 3fffe3 [22]
1490 (187) |11111111|11111111|100100 3fffe4 [22]
1491 (188) |11111111|11111111|1110000 7ffff0 [23]
1492 (189) |11111111|11111111|100101 3fffe5 [22]
1493 (190) |11111111|11111111|100110 3fffe6 [22]
1494 (191) |11111111|11111111|1110001 7ffff1 [23]
1495 (192) |11111111|11111111|11111000|00 3ffffe0 [26]
1496 (193) |11111111|11111111|11111000|01 3ffffe1 [26]
1497 (194) |11111111|11111110|1011 fffeb [20]
1498 (195) |11111111|11111110|001 7fff1 [19]
1499 (196) |11111111|11111111|100111 3fffe7 [22]
1500 (197) |11111111|11111111|1110010 7ffff2 [23]
1501 (198) |11111111|11111111|101000 3fffe8 [22]
1502 (199) |11111111|11111111|11110110|0 1ffffec [25]
1503 (200) |11111111|11111111|11111000|10 3ffffe2 [26]
1504 (201) |11111111|11111111|11111000|11 3ffffe3 [26]
1505 (202) |11111111|11111111|11111001|00 3ffffe4 [26]
1506 (203) |11111111|11111111|11111011|110 7ffffde [27]
1507 (204) |11111111|11111111|11111011|111 7ffffdf [27]
1508 (205) |11111111|11111111|11111001|01 3ffffe5 [26]
1509 (206) |11111111|11111111|11110001 fffff1 [24]
1510 (207) |11111111|11111111|11110110|1 1ffffed [25]
1511 (208) |11111111|11111110|010 7fff2 [19]
1512 (209) |11111111|11111111|00011 1fffe3 [21]
1513 (210) |11111111|11111111|11111001|10 3ffffe6 [26]
1514 (211) |11111111|11111111|11111100|000 7ffffe0 [27]
1515 (212) |11111111|11111111|11111100|001 7ffffe1 [27]
1516 (213) |11111111|11111111|11111001|11 3ffffe7 [26]
1517 (214) |11111111|11111111|11111100|010 7ffffe2 [27]
1518 (215) |11111111|11111111|11110010 fffff2 [24]
1519 (216) |11111111|11111111|00100 1fffe4 [21]
1520 (217) |11111111|11111111|00101 1fffe5 [21]
1521 (218) |11111111|11111111|11111010|00 3ffffe8 [26]
1522 (219) |11111111|11111111|11111010|01 3ffffe9 [26]
1523 (220) |11111111|11111111|11111111|1101 ffffffd [28]
1524 (221) |11111111|11111111|11111100|011 7ffffe3 [27]
1525 (222) |11111111|11111111|11111100|100 7ffffe4 [27]
1526 (223) |11111111|11111111|11111100|101 7ffffe5 [27]
1527 (224) |11111111|11111110|1100 fffec [20]
1528 (225) |11111111|11111111|11110011 fffff3 [24]
1529 (226) |11111111|11111110|1101 fffed [20]
1530 (227) |11111111|11111111|00110 1fffe6 [21]
1531 (228) |11111111|11111111|101001 3fffe9 [22]
1532 (229) |11111111|11111111|00111 1fffe7 [21]
1533 (230) |11111111|11111111|01000 1fffe8 [21]
1534 (231) |11111111|11111111|1110011 7ffff3 [23]
1535 (232) |11111111|11111111|101010 3fffea [22]
1536 (233) |11111111|11111111|101011 3fffeb [22]
1537 (234) |11111111|11111111|11110111|0 1ffffee [25]
1538 (235) |11111111|11111111|11110111|1 1ffffef [25]
1539 (236) |11111111|11111111|11110100 fffff4 [24]
1540 (237) |11111111|11111111|11110101 fffff5 [24]
1541 (238) |11111111|11111111|11111010|10 3ffffea [26]
1542 (239) |11111111|11111111|1110100 7ffff4 [23]
1543 (240) |11111111|11111111|11111010|11 3ffffeb [26]
1544 (241) |11111111|11111111|11111100|110 7ffffe6 [27]
1545 (242) |11111111|11111111|11111011|00 3ffffec [26]
1546 (243) |11111111|11111111|11111011|01 3ffffed [26]
1547 (244) |11111111|11111111|11111100|111 7ffffe7 [27]
1548 (245) |11111111|11111111|11111101|000 7ffffe8 [27]
1549 (246) |11111111|11111111|11111101|001 7ffffe9 [27]
1550 (247) |11111111|11111111|11111101|010 7ffffea [27]
1551 (248) |11111111|11111111|11111101|011 7ffffeb [27]
1552 (249) |11111111|11111111|11111111|1110 ffffffe [28]
1553 (250) |11111111|11111111|11111101|100 7ffffec [27]
1554 (251) |11111111|11111111|11111101|101 7ffffed [27]
1555 (252) |11111111|11111111|11111101|110 7ffffee [27]
1556 (253) |11111111|11111111|11111101|111 7ffffef [27]
1557 (254) |11111111|11111111|11111110|000 7fffff0 [27]
1558 (255) |11111111|11111111|11111011|10 3ffffee [26]
1559 EOS (256) |11111111|11111111|11111111|111111 3fffffff [30]
1561 Appendix D. Examples
1563 A number of examples are worked through here, covering integer
1564 encoding, header field representation, and the encoding of whole
1565 lists of header fields, for both requests and responses, and with and
1566 without Huffman coding.
1568 D.1. Integer Representation Examples
1570 This section shows the representation of integer values in details
1571 (see Section 6.1).
1573 D.1.1. Example 1: Encoding 10 Using a 5-bit Prefix
1575 The value 10 is to be encoded with a 5-bit prefix.
1577 o 10 is less than 31 (2^5 - 1) and is represented using the 5-bit
1578 prefix.
1580 0 1 2 3 4 5 6 7
1581 +---+---+---+---+---+---+---+---+
1582 | X | X | X | 0 | 1 | 0 | 1 | 0 | 10 stored on 5 bits
1583 +---+---+---+---+---+---+---+---+
1585 D.1.2. Example 2: Encoding 1337 Using a 5-bit Prefix
1587 The value I=1337 is to be encoded with a 5-bit prefix.
1589 1337 is greater than 31 (2^5 - 1).
1591 The 5-bit prefix is filled with its max value (31).
1593 I = 1337 - (2^5 - 1) = 1306.
1595 I (1306) is greater than or equal to 128, the while loop body
1596 executes:
1598 I % 128 == 26
1600 26 + 128 == 154
1602 154 is encoded in 8 bits as: 10011010
1604 I is set to 10 (1306 / 128 == 10)
1606 I is no longer greater than or equal to 128, the while loop
1607 terminates.
1609 I, now 10, is encoded on 8 bits as: 00001010.
1611 The process ends.
1613 0 1 2 3 4 5 6 7
1614 +---+---+---+---+---+---+---+---+
1615 | X | X | X | 1 | 1 | 1 | 1 | 1 | Prefix = 31, I = 1306
1616 | 1 | 0 | 0 | 1 | 1 | 0 | 1 | 0 | 1306>=128, encode(154), I=1306/128
1617 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 10<128, encode(10), done
1618 +---+---+---+---+---+---+---+---+
1620 D.1.3. Example 3: Encoding 42 Starting at an Octet Boundary
1622 The value 42 is to be encoded starting at an octet-boundary. This
1623 implies that a 8-bit prefix is used.
1625 o 42 is less than 255 (2^8 - 1) and is represented using the 8-bit
1626 prefix.
1628 0 1 2 3 4 5 6 7
1629 +---+---+---+---+---+---+---+---+
1630 | 0 | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 42 stored on 8 bits
1631 +---+---+---+---+---+---+---+---+
1633 D.2. Header Field Representation Examples
1635 This section shows several independent representation examples.
1637 D.2.1. Literal Header Field with Indexing
1639 The header field representation uses a literal name and a literal
1640 value. The header field is added to the header table.
1642 Header list to encode:
1644 custom-key: custom-header
1646 Hex dump of encoded data:
1648 400a 6375 7374 6f6d 2d6b 6579 0d63 7573 | @.custom-key.cus
1649 746f 6d2d 6865 6164 6572 | tom-header
1651 Decoding process:
1653 40 | == Literal indexed ==
1654 0a | Literal name (len = 10)
1655 6375 7374 6f6d 2d6b 6579 | custom-key
1656 0d | Literal value (len = 13)
1657 6375 7374 6f6d 2d68 6561 6465 72 | custom-header
1658 | -> custom-key: custom-head\
1659 | er
1661 Header Table (after decoding):
1663 [ 1] (s = 55) custom-key: custom-header
1664 Table size: 55
1666 Decoded header list:
1668 custom-key: custom-header
1670 D.2.2. Literal Header Field without Indexing
1672 The header field representation uses an indexed name and a literal
1673 value. The header field is not added to the header table.
1675 Header list to encode:
1677 :path: /sample/path
1679 Hex dump of encoded data:
1681 040c 2f73 616d 706c 652f 7061 7468 | ../sample/path
1683 Decoding process:
1685 04 | == Literal not indexed ==
1686 | Indexed name (idx = 4)
1687 | :path
1688 0c | Literal value (len = 12)
1689 2f73 616d 706c 652f 7061 7468 | /sample/path
1690 | -> :path: /sample/path
1692 Header table (after decoding): empty.
1694 Decoded header list:
1696 :path: /sample/path
1698 D.2.3. Literal Header Field never Indexed
1700 The header field representation uses a literal name and a literal
1701 value. The header field is not added to the header table, and must
1702 use the same representation if re-encoded by an intermediary.
1704 Header list to encode:
1706 password: secret
1708 Hex dump of encoded data:
1710 1008 7061 7373 776f 7264 0673 6563 7265 | ..password.secre
1711 74 | t
1713 Decoding process:
1715 10 | == Literal never indexed ==
1716 08 | Literal name (len = 8)
1717 7061 7373 776f 7264 | password
1718 06 | Literal value (len = 6)
1719 7365 6372 6574 | secret
1720 | -> password: secret
1722 Header table (after decoding): empty.
1724 Decoded header list:
1726 password: secret
1728 D.2.4. Indexed Header Field
1730 The header field representation uses an indexed header field, from
1731 the static table.
1733 Header list to encode:
1735 :method: GET
1737 Hex dump of encoded data:
1739 82 | .
1741 Decoding process:
1743 82 | == Indexed - Add ==
1744 | idx = 2
1745 | -> :method: GET
1747 Header table (after decoding): empty.
1749 Decoded header list:
1751 :method: GET
1753 D.3. Request Examples without Huffman Coding
1755 This section shows several consecutive header lists, corresponding to
1756 HTTP requests, on the same connection.
1758 D.3.1. First Request
1760 Header list to encode:
1762 :method: GET
1763 :scheme: http
1764 :path: /
1765 :authority: www.example.com
1766 Hex dump of encoded data:
1768 8286 8441 0f77 7777 2e65 7861 6d70 6c65 | ...A.www.example
1769 2e63 6f6d | .com
1771 Decoding process:
1773 82 | == Indexed - Add ==
1774 | idx = 2
1775 | -> :method: GET
1776 86 | == Indexed - Add ==
1777 | idx = 6
1778 | -> :scheme: http
1779 84 | == Indexed - Add ==
1780 | idx = 4
1781 | -> :path: /
1782 41 | == Literal indexed ==
1783 | Indexed name (idx = 1)
1784 | :authority
1785 0f | Literal value (len = 15)
1786 7777 772e 6578 616d 706c 652e 636f 6d | www.example.com
1787 | -> :authority: www.example\
1788 | .com
1790 Header Table (after decoding):
1792 [ 1] (s = 57) :authority: www.example.com
1793 Table size: 57
1795 Decoded header list:
1797 :method: GET
1798 :scheme: http
1799 :path: /
1800 :authority: www.example.com
1802 D.3.2. Second Request
1804 Header list to encode:
1806 :method: GET
1807 :scheme: http
1808 :path: /
1809 :authority: www.example.com
1810 cache-control: no-cache
1812 Hex dump of encoded data:
1814 8286 84be 5808 6e6f 2d63 6163 6865 | ....X.no-cache
1816 Decoding process:
1818 82 | == Indexed - Add ==
1819 | idx = 2
1820 | -> :method: GET
1821 86 | == Indexed - Add ==
1822 | idx = 6
1823 | -> :scheme: http
1824 84 | == Indexed - Add ==
1825 | idx = 4
1826 | -> :path: /
1827 be | == Indexed - Add ==
1828 | idx = 62
1829 | -> :authority: www.example\
1830 | .com
1831 58 | == Literal indexed ==
1832 | Indexed name (idx = 24)
1833 | cache-control
1834 08 | Literal value (len = 8)
1835 6e6f 2d63 6163 6865 | no-cache
1836 | -> cache-control: no-cache
1838 Header Table (after decoding):
1840 [ 1] (s = 53) cache-control: no-cache
1841 [ 2] (s = 57) :authority: www.example.com
1842 Table size: 110
1844 Decoded header list:
1846 :method: GET
1847 :scheme: http
1848 :path: /
1849 :authority: www.example.com
1850 cache-control: no-cache
1852 D.3.3. Third Request
1854 Header list to encode:
1856 :method: GET
1857 :scheme: https
1858 :path: /index.html
1859 :authority: www.example.com
1860 custom-key: custom-value
1862 Hex dump of encoded data:
1864 8287 85bf 400a 6375 7374 6f6d 2d6b 6579 | ....@.custom-key
1865 0c63 7573 746f 6d2d 7661 6c75 65 | .custom-value
1867 Decoding process:
1869 82 | == Indexed - Add ==
1870 | idx = 2
1871 | -> :method: GET
1872 87 | == Indexed - Add ==
1873 | idx = 7
1874 | -> :scheme: https
1875 85 | == Indexed - Add ==
1876 | idx = 5
1877 | -> :path: /index.html
1878 bf | == Indexed - Add ==
1879 | idx = 63
1880 | -> :authority: www.example\
1881 | .com
1882 40 | == Literal indexed ==
1883 0a | Literal name (len = 10)
1884 6375 7374 6f6d 2d6b 6579 | custom-key
1885 0c | Literal value (len = 12)
1886 6375 7374 6f6d 2d76 616c 7565 | custom-value
1887 | -> custom-key: custom-valu\
1888 | e
1890 Header Table (after decoding):
1892 [ 1] (s = 54) custom-key: custom-value
1893 [ 2] (s = 53) cache-control: no-cache
1894 [ 3] (s = 57) :authority: www.example.com
1895 Table size: 164
1897 Decoded header list:
1899 :method: GET
1900 :scheme: https
1901 :path: /index.html
1902 :authority: www.example.com
1903 custom-key: custom-value
1905 D.4. Request Examples with Huffman Coding
1907 This section shows the same examples as the previous section, but
1908 using Huffman encoding for the literal values.
1910 D.4.1. First Request
1912 Header list to encode:
1914 :method: GET
1915 :scheme: http
1916 :path: /
1917 :authority: www.example.com
1919 Hex dump of encoded data:
1921 8286 8441 8cf1 e3c2 e5f2 3a6b a0ab 90f4 | ...A......:k....
1922 ff | .
1924 Decoding process:
1926 82 | == Indexed - Add ==
1927 | idx = 2
1928 | -> :method: GET
1929 86 | == Indexed - Add ==
1930 | idx = 6
1931 | -> :scheme: http
1932 84 | == Indexed - Add ==
1933 | idx = 4
1934 | -> :path: /
1935 41 | == Literal indexed ==
1936 | Indexed name (idx = 1)
1937 | :authority
1938 8c | Literal value (len = 12)
1939 | Huffman encoded:
1940 f1e3 c2e5 f23a 6ba0 ab90 f4ff | .....:k.....
1941 | Decoded:
1942 | www.example.com
1943 | -> :authority: www.example\
1944 | .com
1946 Header Table (after decoding):
1948 [ 1] (s = 57) :authority: www.example.com
1949 Table size: 57
1951 Decoded header list:
1953 :method: GET
1954 :scheme: http
1955 :path: /
1956 :authority: www.example.com
1958 D.4.2. Second Request
1960 Header list to encode:
1962 :method: GET
1963 :scheme: http
1964 :path: /
1965 :authority: www.example.com
1966 cache-control: no-cache
1968 Hex dump of encoded data:
1970 8286 84be 5886 a8eb 1064 9cbf | ....X....d..
1972 Decoding process:
1974 82 | == Indexed - Add ==
1975 | idx = 2
1976 | -> :method: GET
1977 86 | == Indexed - Add ==
1978 | idx = 6
1979 | -> :scheme: http
1980 84 | == Indexed - Add ==
1981 | idx = 4
1982 | -> :path: /
1983 be | == Indexed - Add ==
1984 | idx = 62
1985 | -> :authority: www.example\
1986 | .com
1987 58 | == Literal indexed ==
1988 | Indexed name (idx = 24)
1989 | cache-control
1990 86 | Literal value (len = 6)
1991 | Huffman encoded:
1992 a8eb 1064 9cbf | ...d..
1993 | Decoded:
1994 | no-cache
1995 | -> cache-control: no-cache
1997 Header Table (after decoding):
1999 [ 1] (s = 53) cache-control: no-cache
2000 [ 2] (s = 57) :authority: www.example.com
2001 Table size: 110
2003 Decoded header list:
2005 :method: GET
2006 :scheme: http
2007 :path: /
2008 :authority: www.example.com
2009 cache-control: no-cache
2011 D.4.3. Third Request
2012 Header list to encode:
2014 :method: GET
2015 :scheme: https
2016 :path: /index.html
2017 :authority: www.example.com
2018 custom-key: custom-value
2020 Hex dump of encoded data:
2022 8287 85bf 4088 25a8 49e9 5ba9 7d7f 8925 | ....@.%.I.[.}..%
2023 a849 e95b b8e8 b4bf | .I.[....
2025 Decoding process:
2027 82 | == Indexed - Add ==
2028 | idx = 2
2029 | -> :method: GET
2030 87 | == Indexed - Add ==
2031 | idx = 7
2032 | -> :scheme: https
2033 85 | == Indexed - Add ==
2034 | idx = 5
2035 | -> :path: /index.html
2036 bf | == Indexed - Add ==
2037 | idx = 63
2038 | -> :authority: www.example\
2039 | .com
2040 40 | == Literal indexed ==
2041 88 | Literal name (len = 8)
2042 | Huffman encoded:
2043 25a8 49e9 5ba9 7d7f | %.I.[.}.
2044 | Decoded:
2045 | custom-key
2046 89 | Literal value (len = 9)
2047 | Huffman encoded:
2048 25a8 49e9 5bb8 e8b4 bf | %.I.[....
2049 | Decoded:
2050 | custom-value
2051 | -> custom-key: custom-valu\
2052 | e
2054 Header Table (after decoding):
2056 [ 1] (s = 54) custom-key: custom-value
2057 [ 2] (s = 53) cache-control: no-cache
2058 [ 3] (s = 57) :authority: www.example.com
2059 Table size: 164
2061 Decoded header list:
2063 :method: GET
2064 :scheme: https
2065 :path: /index.html
2066 :authority: www.example.com
2067 custom-key: custom-value
2069 D.5. Response Examples without Huffman Coding
2071 This section shows several consecutive header lists, corresponding to
2072 HTTP responses, on the same connection. The HTTP/2 setting parameter
2073 SETTINGS_HEADER_TABLE_SIZE is set to the value of 256 octets, causing
2074 some evictions to occur.
2076 D.5.1. First Response
2078 Header list to encode:
2080 :status: 302
2081 cache-control: private
2082 date: Mon, 21 Oct 2013 20:13:21 GMT
2083 location: https://www.example.com
2085 Hex dump of encoded data:
2087 4803 3330 3258 0770 7269 7661 7465 611d | H.302X.privatea.
2088 4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013
2089 2032 303a 3133 3a32 3120 474d 546e 1768 | 20:13:21 GMTn.h
2090 7474 7073 3a2f 2f77 7777 2e65 7861 6d70 | ttps://www.examp
2091 6c65 2e63 6f6d | le.com
2093 Decoding process:
2095 48 | == Literal indexed ==
2096 | Indexed name (idx = 8)
2097 | :status
2098 03 | Literal value (len = 3)
2099 3330 32 | 302
2100 | -> :status: 302
2101 58 | == Literal indexed ==
2102 | Indexed name (idx = 24)
2103 | cache-control
2104 07 | Literal value (len = 7)
2105 7072 6976 6174 65 | private
2106 | -> cache-control: private
2107 61 | == Literal indexed ==
2108 | Indexed name (idx = 33)
2109 | date
2110 1d | Literal value (len = 29)
2111 4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013
2112 2032 303a 3133 3a32 3120 474d 54 | 20:13:21 GMT
2113 | -> date: Mon, 21 Oct 2013 \
2114 | 20:13:21 GMT
2115 6e | == Literal indexed ==
2116 | Indexed name (idx = 46)
2117 | location
2118 17 | Literal value (len = 23)
2119 6874 7470 733a 2f2f 7777 772e 6578 616d | https://www.exam
2120 706c 652e 636f 6d | ple.com
2121 | -> location: https://www.e\
2122 | xample.com
2124 Header Table (after decoding):
2126 [ 1] (s = 63) location: https://www.example.com
2127 [ 2] (s = 65) date: Mon, 21 Oct 2013 20:13:21 GMT
2128 [ 3] (s = 52) cache-control: private
2129 [ 4] (s = 42) :status: 302
2130 Table size: 222
2132 Decoded header list:
2134 :status: 302
2135 cache-control: private
2136 date: Mon, 21 Oct 2013 20:13:21 GMT
2137 location: https://www.example.com
2139 D.5.2. Second Response
2141 The (":status", "302") header field is evicted from the header table
2142 to free space to allow adding the (":status", "307") header field.
2144 Header list to encode:
2146 :status: 307
2147 cache-control: private
2148 date: Mon, 21 Oct 2013 20:13:21 GMT
2149 location: https://www.example.com
2151 Hex dump of encoded data:
2153 4803 3330 37c1 c0bf | H.307...
2155 Decoding process:
2157 48 | == Literal indexed ==
2158 | Indexed name (idx = 8)
2159 | :status
2160 03 | Literal value (len = 3)
2161 3330 37 | 307
2162 | - evict: :status: 302
2163 | -> :status: 307
2164 c1 | == Indexed - Add ==
2165 | idx = 65
2166 | -> cache-control: private
2167 c0 | == Indexed - Add ==
2168 | idx = 64
2169 | -> date: Mon, 21 Oct 2013 \
2170 | 20:13:21 GMT
2171 bf | == Indexed - Add ==
2172 | idx = 63
2173 | -> location: https://www.e\
2174 | xample.com
2176 Header Table (after decoding):
2178 [ 1] (s = 42) :status: 307
2179 [ 2] (s = 63) location: https://www.example.com
2180 [ 3] (s = 65) date: Mon, 21 Oct 2013 20:13:21 GMT
2181 [ 4] (s = 52) cache-control: private
2182 Table size: 222
2184 Decoded header list:
2186 :status: 307
2187 cache-control: private
2188 date: Mon, 21 Oct 2013 20:13:21 GMT
2189 location: https://www.example.com
2191 D.5.3. Third Response
2193 Several header fields are evicted from the header table during the
2194 processing of this header list.
2196 Header list to encode:
2198 :status: 200
2199 cache-control: private
2200 date: Mon, 21 Oct 2013 20:13:22 GMT
2201 location: https://www.example.com
2202 content-encoding: gzip
2203 set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1
2205 Hex dump of encoded data:
2207 88c1 611d 4d6f 6e2c 2032 3120 4f63 7420 | ..a.Mon, 21 Oct
2208 3230 3133 2032 303a 3133 3a32 3220 474d | 2013 20:13:22 GM
2209 54c0 5a04 677a 6970 7738 666f 6f3d 4153 | T.Z.gzipw8foo=AS
2210 444a 4b48 514b 425a 584f 5157 454f 5049 | DJKHQKBZXOQWEOPI
2211 5541 5851 5745 4f49 553b 206d 6178 2d61 | UAXQWEOIU; max-a
2212 6765 3d33 3630 303b 2076 6572 7369 6f6e | ge=3600; version
2213 3d31 | =1
2215 Decoding process:
2217 88 | == Indexed - Add ==
2218 | idx = 8
2219 | -> :status: 200
2220 c1 | == Indexed - Add ==
2221 | idx = 65
2222 | -> cache-control: private
2223 61 | == Literal indexed ==
2224 | Indexed name (idx = 33)
2225 | date
2226 1d | Literal value (len = 29)
2227 4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013
2228 2032 303a 3133 3a32 3220 474d 54 | 20:13:22 GMT
2229 | - evict: cache-control: pr\
2230 | ivate
2231 | -> date: Mon, 21 Oct 2013 \
2232 | 20:13:22 GMT
2233 c0 | == Indexed - Add ==
2234 | idx = 64
2235 | -> location: https://www.e\
2236 | xample.com
2237 5a | == Literal indexed ==
2238 | Indexed name (idx = 26)
2239 | content-encoding
2240 04 | Literal value (len = 4)
2241 677a 6970 | gzip
2242 | - evict: date: Mon, 21 Oct\
2243 | 2013 20:13:21 GMT
2244 | -> content-encoding: gzip
2245 77 | == Literal indexed ==
2246 | Indexed name (idx = 55)
2247 | set-cookie
2248 38 | Literal value (len = 56)
2249 666f 6f3d 4153 444a 4b48 514b 425a 584f | foo=ASDJKHQKBZXO
2250 5157 454f 5049 5541 5851 5745 4f49 553b | QWEOPIUAXQWEOIU;
2251 206d 6178 2d61 6765 3d33 3630 303b 2076 | max-age=3600; v
2252 6572 7369 6f6e 3d31 | ersion=1
2253 | - evict: location: https:/\
2254 | /www.example.com
2255 | - evict: :status: 307
2256 | -> set-cookie: foo=ASDJKHQ\
2257 | KBZXOQWEOPIUAXQWEOIU; ma\
2258 | x-age=3600; version=1
2260 Header Table (after decoding):
2262 [ 1] (s = 98) set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age\
2263 =3600; version=1
2264 [ 2] (s = 52) content-encoding: gzip
2265 [ 3] (s = 65) date: Mon, 21 Oct 2013 20:13:22 GMT
2266 Table size: 215
2268 Decoded header list:
2270 :status: 200
2271 cache-control: private
2272 date: Mon, 21 Oct 2013 20:13:22 GMT
2273 location: https://www.example.com
2274 content-encoding: gzip
2275 set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1
2277 D.6. Response Examples with Huffman Coding
2279 This section shows the same examples as the previous section, but
2280 using Huffman encoding for the literal values. The HTTP/2 setting
2281 parameter SETTINGS_HEADER_TABLE_SIZE is set to the value of 256
2282 octets, causing some evictions to occur. The eviction mechanism uses
2283 the length of the decoded literal values, so the same evictions
2284 occurs as in the previous section.
2286 D.6.1. First Response
2288 Header list to encode:
2290 :status: 302
2291 cache-control: private
2292 date: Mon, 21 Oct 2013 20:13:21 GMT
2293 location: https://www.example.com
2295 Hex dump of encoded data:
2297 4882 6402 5885 aec3 771a 4b61 96d0 7abe | H.d.X...w.Ka..z.
2298 9410 54d4 44a8 2005 9504 0b81 66e0 82a6 | ..T.D. .....f...
2299 2d1b ff6e 919d 29ad 1718 63c7 8f0b 97c8 | -..n..)...c.....
2300 e9ae 82ae 43d3 | ....C.
2302 Decoding process:
2304 48 | == Literal indexed ==
2305 | Indexed name (idx = 8)
2306 | :status
2307 82 | Literal value (len = 2)
2308 | Huffman encoded:
2309 6402 | d.
2310 | Decoded:
2311 | 302
2312 | -> :status: 302
2313 58 | == Literal indexed ==
2314 | Indexed name (idx = 24)
2315 | cache-control
2316 85 | Literal value (len = 5)
2317 | Huffman encoded:
2318 aec3 771a 4b | ..w.K
2319 | Decoded:
2320 | private
2321 | -> cache-control: private
2322 61 | == Literal indexed ==
2323 | Indexed name (idx = 33)
2324 | date
2325 96 | Literal value (len = 22)
2326 | Huffman encoded:
2327 d07a be94 1054 d444 a820 0595 040b 8166 | .z...T.D. .....f
2328 e082 a62d 1bff | ...-..
2329 | Decoded:
2330 | Mon, 21 Oct 2013 20:13:21 \
2331 | GMT
2332 | -> date: Mon, 21 Oct 2013 \
2333 | 20:13:21 GMT
2334 6e | == Literal indexed ==
2335 | Indexed name (idx = 46)
2336 | location
2337 91 | Literal value (len = 17)
2338 | Huffman encoded:
2339 9d29 ad17 1863 c78f 0b97 c8e9 ae82 ae43 | .)...c.........C
2340 d3 | .
2341 | Decoded:
2342 | https://www.example.com
2343 | -> location: https://www.e\
2344 | xample.com
2346 Header Table (after decoding):
2348 [ 1] (s = 63) location: https://www.example.com
2349 [ 2] (s = 65) date: Mon, 21 Oct 2013 20:13:21 GMT
2350 [ 3] (s = 52) cache-control: private
2351 [ 4] (s = 42) :status: 302
2352 Table size: 222
2354 Decoded header list:
2356 :status: 302
2357 cache-control: private
2358 date: Mon, 21 Oct 2013 20:13:21 GMT
2359 location: https://www.example.com
2361 D.6.2. Second Response
2363 The (":status", "302") header field is evicted from the header table
2364 to free space to allow adding the (":status", "307") header field.
2366 Header list to encode:
2368 :status: 307
2369 cache-control: private
2370 date: Mon, 21 Oct 2013 20:13:21 GMT
2371 location: https://www.example.com
2373 Hex dump of encoded data:
2375 4883 640e ffc1 c0bf | H.d.....
2377 Decoding process:
2379 48 | == Literal indexed ==
2380 | Indexed name (idx = 8)
2381 | :status
2382 83 | Literal value (len = 3)
2383 | Huffman encoded:
2384 640e ff | d..
2385 | Decoded:
2386 | 307
2387 | - evict: :status: 302
2388 | -> :status: 307
2389 c1 | == Indexed - Add ==
2390 | idx = 65
2391 | -> cache-control: private
2392 c0 | == Indexed - Add ==
2393 | idx = 64
2394 | -> date: Mon, 21 Oct 2013 \
2395 | 20:13:21 GMT
2396 bf | == Indexed - Add ==
2397 | idx = 63
2398 | -> location: https://www.e\
2399 | xample.com
2401 Header Table (after decoding):
2403 [ 1] (s = 42) :status: 307
2404 [ 2] (s = 63) location: https://www.example.com
2405 [ 3] (s = 65) date: Mon, 21 Oct 2013 20:13:21 GMT
2406 [ 4] (s = 52) cache-control: private
2407 Table size: 222
2409 Decoded header list:
2411 :status: 307
2412 cache-control: private
2413 date: Mon, 21 Oct 2013 20:13:21 GMT
2414 location: https://www.example.com
2416 D.6.3. Third Response
2418 Several header fields are evicted from the header table during the
2419 processing of this header list.
2421 Header list to encode:
2423 :status: 200
2424 cache-control: private
2425 date: Mon, 21 Oct 2013 20:13:22 GMT
2426 location: https://www.example.com
2427 content-encoding: gzip
2428 set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1
2430 Hex dump of encoded data:
2432 88c1 6196 d07a be94 1054 d444 a820 0595 | ..a..z...T.D. ..
2433 040b 8166 e084 a62d 1bff c05a 839b d9ab | ...f...-...Z....
2434 77ad 94e7 821d d7f2 e6c7 b335 dfdf cd5b | w..........5...[
2435 3960 d5af 2708 7f36 72c1 ab27 0fb5 291f | 9`..'..6r..'..).
2436 9587 3160 65c0 03ed 4ee5 b106 3d50 07 | ..1`e...N...=P.
2438 Decoding process:
2440 88 | == Indexed - Add ==
2441 | idx = 8
2442 | -> :status: 200
2443 c1 | == Indexed - Add ==
2444 | idx = 65
2445 | -> cache-control: private
2446 61 | == Literal indexed ==
2447 | Indexed name (idx = 33)
2448 | date
2449 96 | Literal value (len = 22)
2450 | Huffman encoded:
2451 d07a be94 1054 d444 a820 0595 040b 8166 | .z...T.D. .....f
2452 e084 a62d 1bff | ...-..
2453 | Decoded:
2454 | Mon, 21 Oct 2013 20:13:22 \
2455 | GMT
2456 | - evict: cache-control: pr\
2457 | ivate
2458 | -> date: Mon, 21 Oct 2013 \
2459 | 20:13:22 GMT
2460 c0 | == Indexed - Add ==
2461 | idx = 64
2462 | -> location: https://www.e\
2463 | xample.com
2464 5a | == Literal indexed ==
2465 | Indexed name (idx = 26)
2466 | content-encoding
2467 83 | Literal value (len = 3)
2468 | Huffman encoded:
2470 9bd9 ab | ...
2471 | Decoded:
2472 | gzip
2473 | - evict: date: Mon, 21 Oct\
2474 | 2013 20:13:21 GMT
2475 | -> content-encoding: gzip
2476 77 | == Literal indexed ==
2477 | Indexed name (idx = 55)
2478 | set-cookie
2479 ad | Literal value (len = 45)
2480 | Huffman encoded:
2481 94e7 821d d7f2 e6c7 b335 dfdf cd5b 3960 | .........5...[9`
2482 d5af 2708 7f36 72c1 ab27 0fb5 291f 9587 | ..'..6r..'..)...
2483 3160 65c0 03ed 4ee5 b106 3d50 07 | 1`e...N...=P.
2484 | Decoded:
2485 | foo=ASDJKHQKBZXOQWEOPIUAXQ\
2486 | WEOIU; max-age=3600; versi\
2487 | on=1
2488 | - evict: location: https:/\
2489 | /www.example.com
2490 | - evict: :status: 307
2491 | -> set-cookie: foo=ASDJKHQ\
2492 | KBZXOQWEOPIUAXQWEOIU; ma\
2493 | x-age=3600; version=1
2495 Header Table (after decoding):
2497 [ 1] (s = 98) set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age\
2498 =3600; version=1
2499 [ 2] (s = 52) content-encoding: gzip
2500 [ 3] (s = 65) date: Mon, 21 Oct 2013 20:13:22 GMT
2501 Table size: 215
2503 Decoded header list:
2505 :status: 200
2506 cache-control: private
2507 date: Mon, 21 Oct 2013 20:13:22 GMT
2508 location: https://www.example.com
2509 content-encoding: gzip
2510 set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1
2512 Authors' Addresses
2513 Roberto Peon
2514 Google, Inc
2516 EMail: fenix@google.com
2518 Herve Ruellan
2519 Canon CRF
2521 EMail: herve.ruellan@crf.canon.fr