HTTP se especificó por primera vez a principios de los 90s. Diseñado con extensibilidad en mente, ha visto numerosas adiciones a lo largo de los años; esto lleva a que su especificación se disemine a través de númerosos documentos (en medio de extensiones experimentales abandonadas). Esta página presenta una lista de los recursos relevantes sobre HTTP:
| Specification | Title | Status |
|---|---|---|
| {{rfc(7230)}} | Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing | Proposed Standard |
| {{rfc(7231)}} | Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content | Proposed Standard |
| {{rfc(7232)}} | Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests | Proposed Standard |
| {{rfc(7233)}} | Hypertext Transfer Protocol (HTTP/1.1): Range Requests | Proposed Standard |
| {{rfc(7234)}} | Hypertext Transfer Protocol (HTTP/1.1): Caching | Proposed Standard |
| {{rfc(5861)}} | HTTP Cache-Control Extensions for Stale Content | Informational |
| {{rfc(8246)}} | HTTP Immutable Responses | Proposed Standard |
| {{rfc(7235)}} | Hypertext Transfer Protocol (HTTP/1.1): Authentication | Proposed Standard |
| {{rfc(6265)}} | HTTP State Management Mechanism Defines Cookies |
Proposed Standard |
| Draft spec | Cookie Prefixes | IETF Draft |
| Draft spec | Same-Site Cookies | IETF Draft |
| Draft spec | Deprecate modification of 'secure' cookies from non-secure origins | IETF Draft |
| {{rfc(2145)}} | Use and Interpretation of HTTP Version Numbers | Informational |
| {{rfc(6585)}} | Additional HTTP Status Codes | Proposed Standard |
| {{rfc(7538)}} | The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect) | Proposed Standard |
| {{rfc(7725)}} | An HTTP Status Code to Report Legal Obstacles | On the standard track |
| {{rfc(2397)}} | The "data" URL scheme | Proposed Standard |
| {{rfc(3986)}} | Uniform Resource Identifier (URI): Generic Syntax | Internet Standard |
| {{rfc(5988)}} | Web Linking Defines the {{HTTPHeader("Link")}} header |
Proposed Standard |
| Experimental spec | Hypertext Transfer Protocol (HTTP) Keep-Alive Header | Informational (Expired) |
| Draft spec | HTTP Client Hints | IETF Draft |
| {{rfc(7578)}} | Returning Values from Forms: multipart/form-data | Proposed Standard |
| {{rfc(6266)}} | Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP) | Proposed Standard |
| {{rfc(2183)}} | Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field Only a subset of syntax of the {{HTTPHeader("Content-Disposition")}} header can be used in the context of HTTP messages. |
Proposed Standard |
| {{rfc(7239)}} | Forwarded HTTP Extension | Proposed Standard |
| {{rfc(6455)}} | The WebSocket Protocol | Proposed Standard |
| {{rfc(5246)}} | The Transport Layer Security (TLS) Protocol Version 1.2 This specification has been modified by subsequent RFCs, but these modifications have no effect on the HTTP protocol. |
Proposed Standard |
| Draft spec | The Transport Layer Security (TLS) Protocol Version 1.3 Once ready, this protocol will supersede TLS 1.2. |
IETF Draft |
| {{rfc(2817)}} | Upgrading to TLS Within HTTP/1.1 | Proposed Standard |
| {{rfc(7540)}} | Hypertext Transfer Protocol Version 2 (HTTP/2) | Proposed Standard |
| {{rfc(7541)}} | HPACK: Header Compression for HTTP/2 | On the standard track |
| {{rfc(7838)}} | HTTP Alternative Services | On the standard track |
| {{rfc(7301)}} | Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension Used to negotiate HTTP/2 at the transport to save an extra request/response round trip. |
Proposed Standard |
| {{rfc(6454)}} | The Web Origin Concept | Proposed Standard |
| {{SpecName('Fetch', '#cors-protocol', 'CORS')}} | Cross-Origin Resource Sharing | {{Spec2("Fetch")}} |
| {{rfc(7034)}} | HTTP Header Field X-Frame-Options | Informational |
| {{rfc(6797)}} | HTTP Strict Transport Security (HSTS) | Proposed Standard |
| {{SpecName("Upgrade Insecure Requests")}} | Upgrade Insecure Requests | {{Spec2("Upgrade Insecure Requests")}} |
| {{SpecName("CSP 1.0")}} | Content Security Policy 1.0 CSP 1.1 and CSP 3.0 doesn't extend the HTTP standard |
{{Spec2("CSP 1.0")}} |
| Microsoft document | Specifying legacy document modes* Defines X-UA-Compatible |
Note |
| {{rfc(5689)}} | HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV) These extensions of the Web, as well as CardDAV and CalDAV, are out-of-scope for HTTP on the Web. Modern APIs for application are defines using the RESTful pattern nowadays. |
Proposed Standard |
| {{rfc(2324)}} | Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0) | April 1st joke spec |
| {{rfc(7168)}} | The Hyper Text Coffee Pot Control Protocol for Tea Efflux Appliances (HTCPCP-TEA) | April 1st joke spec |
| {{SpecName("HTML WHATWG")}} | HTML Defines extensions of HTTP for Server-Sent Events |
{{Spec2("HTML WHATWG")}} |
| Tracking Preference Expression | DNT header | Editor's draft / Candidate recommendation |
| Reporting API | Report-To header |
Draft |