aboutsummaryrefslogtreecommitdiff
path: root/files/zh-cn/glossary/forbidden_header_name/index.html
diff options
context:
space:
mode:
authorFlorian Merz <me@fiji-flo.de>2021-02-11 12:56:40 +0100
committerFlorian Merz <me@fiji-flo.de>2021-02-11 12:56:40 +0100
commit310fd066e91f454b990372ffa30e803cc8120975 (patch)
treed5d900deb656a5da18e0b60d00f0db73f3a2e88e /files/zh-cn/glossary/forbidden_header_name/index.html
parent8260a606c143e6b55a467edf017a56bdcd6cba7e (diff)
downloadtranslated-content-310fd066e91f454b990372ffa30e803cc8120975.tar.gz
translated-content-310fd066e91f454b990372ffa30e803cc8120975.tar.bz2
translated-content-310fd066e91f454b990372ffa30e803cc8120975.zip
unslug zh-cn: move
Diffstat (limited to 'files/zh-cn/glossary/forbidden_header_name/index.html')
-rw-r--r--files/zh-cn/glossary/forbidden_header_name/index.html39
1 files changed, 39 insertions, 0 deletions
diff --git a/files/zh-cn/glossary/forbidden_header_name/index.html b/files/zh-cn/glossary/forbidden_header_name/index.html
new file mode 100644
index 0000000000..6e14c9b0a1
--- /dev/null
+++ b/files/zh-cn/glossary/forbidden_header_name/index.html
@@ -0,0 +1,39 @@
+---
+title: 禁止修改的消息首部
+slug: Glossary/禁止修改的消息首部
+translation_of: Glossary/Forbidden_header_name
+---
+<p>禁止修改的消息首部指的是不能在代码中通过编程的方式进行修改的<a href="/en-US/docs/Web/HTTP/Headers">HTTP协议消息首部</a>。本文仅讨论相关的HTTP<strong>请求</strong>首部(关于禁止修改的响应首部,请参考 {{Glossary("Forbidden response header name")}})。</p>
+
+<p>用户代理对这些消息首部保留全部控制权,应用程序无法设置它们。 Names starting with `<code title="">Sec-</code>` are reserved for creating new headers safe from {{glossary("API","APIs")}} using <a href="/en-US/docs/Web/API/Fetch_API">Fetch</a> that grant developers control over headers, such as {{domxref("XMLHttpRequest")}}.</p>
+
+<p>禁止修改的消息首部包括以 Proxy- 和 Sec- 开头的消息首部,以及下面列出的消息首部:</p>
+
+<ul class="brief">
+ <li><code title="">Accept-Charset</code></li>
+ <li><code title="">Accept-Encoding</code></li>
+ <li><code title="">Access-Control-Request-Headers</code></li>
+ <li><code title="">Access-Control-Request-Method</code></li>
+ <li><code title="">Connection</code></li>
+ <li><code title="">Content-Length</code></li>
+ <li><code title="">Cookie</code></li>
+ <li><code title="">Cookie2</code></li>
+ <li><code title="">Date</code></li>
+ <li><code title="">DNT</code></li>
+ <li><code title="">Expect</code></li>
+ <li><code title="">Host</code></li>
+ <li><code title="">Keep-Alive</code></li>
+ <li><code title="http-origin">Origin</code></li>
+ <li><code title="http-origin">Proxy-</code></li>
+ <li><code title="http-origin">Sec-</code></li>
+ <li><code title="">Referer</code></li>
+ <li><code title="">TE</code></li>
+ <li><code title="">Trailer</code></li>
+ <li><code title="">Transfer-Encoding</code></li>
+ <li><code title="">Upgrade</code></li>
+ <li><code title="">Via</code></li>
+</ul>
+
+<div class="note">
+<p><span style="font-size: 14px;"><strong>注意</strong></span>: <a href="https://fetch.spec.whatwg.org/#terminology-headers">根据最新的规范</a>,<code>User-Agent</code> 首部已经从列表中移除。更多内容请参考规范的 forbidden header name list 一节(Firefox 43 实现了对这一更改的支持)。因此,该首部已经可以用于诸如 Fetch 的 <a href="/en-US/docs/Web/API/Headers">Headers</a> 对象,XHR 的 <a href="/en-US/docs/Web/API/XMLHttpRequest#setRequestHeader%28%29">setRequestHeader()</a>? 中。</p>
+</div>