问题
Few month ago I had a problem with a custom HTTP header named "SESSION_ID", not been transfered by nginx proxy.
I've been told that underscores are prohibited according to RFC of HTTP protocol.
Googling, I've found that most servers like apache or nginx define them as illegal.
RFC2616 section 4.2 says
follow the same generic format as that given in Section 3.1 of RFC 822 [9]
and RFC822 says
The field-name must be composed of printable ASCII characters (i.e., characters that have values between 33. and 126., decimal, except colon)
underscore is 95 decimal character in ASCII table (belongs to 33-126 range). What am I missing?
回答1:
They are not forbidden. It's CGI legacy. Here
If you do not explicitly set
underscores_in_headers on;, nginx will silently drop HTTP headers with underscores (which are perfectly valid according to the HTTP standard). This is done in order to prevent ambiguities when mapping headers to CGI variables, as both dashes and underscores are mapped to underscores during that process.
回答2:
Underscores in header fields are allowed (RFC 7230, sec. 3.2.), but indeed uncommon.
来源:https://stackoverflow.com/questions/22856136/why-http-servers-forbid-underscores-in-http-header-names