In the HTTP header, line breaks are tokens to separate fields in the header.
在HTTP标头中,换行符是用于分隔标题中的字段的标记。
But, if I wan't to send a line break literal in a custom field how should I escape it?
但是,如果我不想在自定义字段中发送换行字符,我应该如何逃避呢?
5 个解决方案
#1
If you are designing your own custom extension field, you may use BASE64 or quoted-printable to escape(and unescape) the value.
如果您正在设计自己的自定义扩展字段,则可以使用BASE64或quoted-printable来转义(和取消)该值。
#2
The idea is, that HTTP is ASCII-only and newlines and such are not allowed. If both sender and receiver can interpret YOUR encoding then you can encode whatever you want, however you want. That's how DNS international names are handled with the Host header (it's called PUNYCODE).
这个想法是,HTTP只是ASCII,不允许使用换行符等。如果发送方和接收方都可以解释您的编码,那么您可以根据需要对任何内容进行编码。这就是使用Host标头处理DNS国际名称的方式(它叫做PUNYCODE)。
Short answer is: You don't, unless you control both sender and receiver.
简短的回答是:你没有,除非你控制发送者和接收者。
#3
The actual answer to this question is that there is no standard for encoding line breaks.
这个问题的实际答案是没有编码换行符的标准。
You can use any Binary-to-text encoding such as URL-Encoding or Base64, but obviously that's only going to work if both sender and receiver implement the same method.
您可以使用任何二进制文本编码,例如URL-Encoding或Base64,但显然只有发送方和接收方都实现相同的方法才会起作用。
RFC 2616 did allow to 'fold' (i.e. wrap) header values over multiple lines, but the line breaks were treated as a single space character and not part of the parsed field value.
RFC 2616允许在多行上“折叠”(即换行)标题值,但换行符被视为单个空格字符,而不是解析字段值的一部分。
However, that specification has been obsoleted by RFC 7230 which forbids folding:
但是,该规范已被RFC 7230废弃,禁止折叠:
Historically, HTTP header field values could be extended over multiple lines by preceding each extra line with at least one space or horizontal tab (obs-fold).
This specification deprecates such line folding except within themessage/httpmedia type (Section 8.3.1).
A sender MUST NOT generate a message that includes line folding历史上,HTTP头字段值可以通过在每个额外行之前用至少一个空格或水平制表符(obs-fold)扩展到多行。除了message / http媒体类型(第8.3.1节)之外,此规范不推荐使用此类折叠。发件人不得生成包含行折叠的消息
A standard for line breaks in HTTP Header field values is not – and never was – established.
HTTP Header字段值中的换行标准不是 - 也从未 - 已经建立。
#4
According to RFC2616 4.2 Message Headers :-
根据RFC2616 4.2消息标题: -
Header fields can be extended over multiple lines by preceding each extra line with at least one SP or HT.
通过在每个额外行之前至少有一个SP或HT,可以将标题字段扩展到多行。
I assume SP means a space character and HT means a hard tab character.
我假设SP表示空格字符,HT表示硬标签字符。
#5
If it's a custom field how you escape it depends entirely on how the targetted application is going to parse it. If this is some add on you created you could stick with URL encoding since it's pretty tried and true and lots of languages have encoding/decoding methods built in so your web app would encode it and your plug in (or whatever you're working on) would decode it.
如果它是一个自定义字段,你如何逃避它完全取决于目标应用程序将如何解析它。如果这是你创建的一些添加,你可以坚持使用URL编码,因为它非常有用并且很多,并且许多语言都内置了编码/解码方法,所以你的网络应用程序会编码它和你的插件(或者你正在做的任何事情) )会解码它。
#1
If you are designing your own custom extension field, you may use BASE64 or quoted-printable to escape(and unescape) the value.
如果您正在设计自己的自定义扩展字段,则可以使用BASE64或quoted-printable来转义(和取消)该值。
#2
The idea is, that HTTP is ASCII-only and newlines and such are not allowed. If both sender and receiver can interpret YOUR encoding then you can encode whatever you want, however you want. That's how DNS international names are handled with the Host header (it's called PUNYCODE).
这个想法是,HTTP只是ASCII,不允许使用换行符等。如果发送方和接收方都可以解释您的编码,那么您可以根据需要对任何内容进行编码。这就是使用Host标头处理DNS国际名称的方式(它叫做PUNYCODE)。
Short answer is: You don't, unless you control both sender and receiver.
简短的回答是:你没有,除非你控制发送者和接收者。
#3
The actual answer to this question is that there is no standard for encoding line breaks.
这个问题的实际答案是没有编码换行符的标准。
You can use any Binary-to-text encoding such as URL-Encoding or Base64, but obviously that's only going to work if both sender and receiver implement the same method.
您可以使用任何二进制文本编码,例如URL-Encoding或Base64,但显然只有发送方和接收方都实现相同的方法才会起作用。
RFC 2616 did allow to 'fold' (i.e. wrap) header values over multiple lines, but the line breaks were treated as a single space character and not part of the parsed field value.
RFC 2616允许在多行上“折叠”(即换行)标题值,但换行符被视为单个空格字符,而不是解析字段值的一部分。
However, that specification has been obsoleted by RFC 7230 which forbids folding:
但是,该规范已被RFC 7230废弃,禁止折叠:
Historically, HTTP header field values could be extended over multiple lines by preceding each extra line with at least one space or horizontal tab (obs-fold).
This specification deprecates such line folding except within themessage/httpmedia type (Section 8.3.1).
A sender MUST NOT generate a message that includes line folding历史上,HTTP头字段值可以通过在每个额外行之前用至少一个空格或水平制表符(obs-fold)扩展到多行。除了message / http媒体类型(第8.3.1节)之外,此规范不推荐使用此类折叠。发件人不得生成包含行折叠的消息
A standard for line breaks in HTTP Header field values is not – and never was – established.
HTTP Header字段值中的换行标准不是 - 也从未 - 已经建立。
#4
According to RFC2616 4.2 Message Headers :-
根据RFC2616 4.2消息标题: -
Header fields can be extended over multiple lines by preceding each extra line with at least one SP or HT.
通过在每个额外行之前至少有一个SP或HT,可以将标题字段扩展到多行。
I assume SP means a space character and HT means a hard tab character.
我假设SP表示空格字符,HT表示硬标签字符。
#5
If it's a custom field how you escape it depends entirely on how the targetted application is going to parse it. If this is some add on you created you could stick with URL encoding since it's pretty tried and true and lots of languages have encoding/decoding methods built in so your web app would encode it and your plug in (or whatever you're working on) would decode it.
如果它是一个自定义字段,你如何逃避它完全取决于目标应用程序将如何解析它。如果这是你创建的一些添加,你可以坚持使用URL编码,因为它非常有用并且很多,并且许多语言都内置了编码/解码方法,所以你的网络应用程序会编码它和你的插件(或者你正在做的任何事情) )会解码它。