HTTP中,什么是"X-" Prefix header?
例如 github API 的response headers有很多X前缀的头部:
查一下MDN文档:
Custom proprietary headers have historically been used with an X- prefix, but this convention was deprecated in June 2012 because of the inconveniences it caused when nonstandard fields became standard in RFC 6648; others are listed in an IANA registry, whose original content was defined in RFC 4229. IANA also maintains a registry of proposed new HTTP headers.
原来是自定义头部。但是上面文档说,已经deprecated,过时了。
作用
和HTTP headers一样,都是提供额外的信息。
Their main purpose is for providing additional information
RFC表明X前缀的自定义头已经过时了,代替解决方案是什么?
根据keycdn,推荐继续保留:
Although the recommendation to use X- has been deprecated, it doesn’t mean that it is no longer supported. In fact, there are still many scenarios where X- continues to be used.
根据stackoverflow,推荐继续保留:
Just as there are many kids that will never end up as professional athletes, many custom headers will never end up as standards. I'm inclined to keep the "X-" on those
If you're using custom HTTP Headers (as a sometimes-appropriate alternative to cookies) within your app to pass data to/from your server, and these headers are, explicitly, NOT intended ever to be used outside the context of your application, name-spacing them with an "X-" or "X-FOO-" prefix is a reasonable, and common, convention.
总结
虽然RFC已经不推荐使用带X前缀的http 头部,但是不推荐不代表禁止。根据stackoverflow和google一些资料,推荐继续使用这样的自定义头部,有时候会提供极大的便利。经过本人观察,很多网站还在使用带X前缀的HTTP头部。