1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
4 <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" />
6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
7 This file is generated from xml source: DO NOT EDIT
8 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
10 <title>HTTP Protocol Compliance - Apache HTTP Server Version 2.5</title>
11 <link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
12 <link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
13 <link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
14 <script src="./style/scripts/prettify.min.js" type="text/javascript">
17 <link href="./images/favicon.ico" rel="shortcut icon" /></head>
18 <body id="manual-page"><div id="page-header">
19 <p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p>
20 <p class="apache">Apache HTTP Server Version 2.5</p>
21 <img alt="" src="./images/feather.png" /></div>
22 <div class="up"><a href="./"><img title="<-" alt="<-" src="./images/left.gif" /></a></div>
24 <a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="./">Version 2.5</a></div><div id="page-content"><div id="preamble"><h1>HTTP Protocol Compliance</h1>
26 <p><span>Available Languages: </span><a href="./en/compliance.html" title="English"> en </a> |
27 <a href="./fr/compliance.html" hreflang="fr" rel="alternate" title="Français"> fr </a></p>
30 <p>This document describes the mechanism to set a policy for HTTP
31 protocol compliance for a given URL space by the origin servers or
32 applications behind that URL space.</p>
34 <p>For those who may have received an error message from a rejected
35 policy, and need to know what the policy rejection means and what
36 they might do to fix the error, each policy is described below.</p>
38 <div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#intro">Enforcing HTTP Protocol Compliance in Apache 2</a></li>
39 <li><img alt="" src="./images/down.gif" /> <a href="#policyconditional">Conditional Request Policy</a></li>
40 <li><img alt="" src="./images/down.gif" /> <a href="#policylength">Content-Length Policy</a></li>
41 <li><img alt="" src="./images/down.gif" /> <a href="#policytype">Content-Type Policy</a></li>
42 <li><img alt="" src="./images/down.gif" /> <a href="#policykeepalive">Keepalive Policy</a></li>
43 <li><img alt="" src="./images/down.gif" /> <a href="#policymaxage">Freshness Lifetime / Maxage Policy</a></li>
44 <li><img alt="" src="./images/down.gif" /> <a href="#policynocache">No Cache Policy</a></li>
45 <li><img alt="" src="./images/down.gif" /> <a href="#policyvalidation">Validation Policy</a></li>
46 <li><img alt="" src="./images/down.gif" /> <a href="#policyvary">Vary Header Policy</a></li>
47 <li><img alt="" src="./images/down.gif" /> <a href="#policyversion">Protocol Version Policy</a></li>
48 </ul><h3>See also</h3><ul class="seealso"><li><a href="filter.html">Filters</a></li><li><a href="#comments_section">Comments</a></li></ul></div>
49 <div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
51 <h2><a name="intro" id="intro">Enforcing HTTP Protocol Compliance in Apache 2</a></h2>
53 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyconditional">PolicyConditional</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policylength">PolicyLength</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policykeepalive">PolicyKeepalive</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policytype">PolicyType</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policyvary">PolicyVary</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policyvalidation">PolicyValidation</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policynocache">PolicyNocache</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policymaxage">PolicyMaxage</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policyversion">PolicyVersion</a></code></li></ul></td></tr></table>
55 <p>The HTTP protocol follows the <strong>robustness principle</strong>
56 as described in <a href="http://tools.ietf.org/html/rfc1122">RFC1122</a>,
57 which states <strong>"Be liberal in what you accept, and conservative in
58 what you send"</strong>. As a result of this principle, HTTP clients will
59 compensate for and recover from incorrect or misconfigured responses, or
60 responses that are uncacheable.</p>
62 <p>As a website is scaled up to face greater and greater traffic loads,
63 suboptimal or misconfigured applications or server configurations can
64 threaten both the stability and scalability of the website, as well as
65 the hosting costs associated with it. A website can also scale up to face
66 greater configuration complexity, and it can be increasingly difficult to
67 detect and keep track of suboptimally configured URL spaces on a given
70 <p>Eventually a point is reached where the principle "conservative in
71 what you send" needs to be enforced by the server administrator.</p>
73 <p>The <code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code> module provides a set of filters
74 which can be applied to a server, allowing key features of the HTTP
75 protocol to be explicitly tested, and non compliant responses logged as
76 warnings, or rejected outright as an error. Each filter can be applied
77 separately, allowing the administrator to pick and choose which policies
78 should be enforced depending on the circumstances of their environment.
81 <p>The filters might be placed in testing and staging environments for
82 the benefit of application and website developers, or may be applied
83 to production servers to protect infrastructure from systems outside
84 the administrator's direct control.</p>
87 <img src="images/compliance-reverse-proxy.png" width="666" height="239" alt="Enforcing HTTP protocol compliance for an application server" />
90 <p>In the above example, an Apache httpd server has been placed between
91 the application server and the internet at large, and configured to cache
92 responses from the application server. The <code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code>
93 filters have been added to enforce support for cacheable content and
94 conditional requests, ensuring that both <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> and
95 public caches on the internet are fully able to cache content created
96 by the restful application server efficiently.</p>
99 <img src="images/compliance-static.png" width="469" height="239" alt="Enforcing HTTP protocol compliance in a static server" />
102 <p>In the above simpler example, a static server serving highly cacheable
103 content has a set of policies applied to ensure that the server configuration
104 conforms to a minimum level of compliance.</p>
106 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
107 <div class="section">
108 <h2><a name="policyconditional" id="policyconditional">Conditional Request Policy</a></h2>
110 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyconditional">PolicyConditional</a></code></li></ul></td></tr></table>
112 <p>This policy will be rejected if the server does not correctly respond
113 to a conditional request with the appropriate status code.</p>
115 <p>Conditional requests form the mechanism by which an HTTP cache makes
116 stale content fresh again, and particularly for content with short freshness
117 lifetimes, lack of support for conditional requests can add avoidable load
120 <p>Most specifically, the existence of any of following headers in the
121 request makes the request conditional:</p>
124 <dt><code>If-Match</code></dt>
125 <dd>If the provided ETag in the <code>If-Match</code> header does not match
126 the ETag of the response, the server should return
127 <code>412 Precondition Failed</code>. Full details of how to handle an
128 <code>If-Match</code> header can be found in
129 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.24">
130 RFC2616 section 14.24</a>.</dd>
132 <dt><code>If-None-Match</code></dt>
133 <dd>If the provided ETag in the <code>If-None-Match</code> header matches
134 the ETag of the response, the server should return either
135 <code>304 Not Modified</code> for GET/HEAD requests, or
136 <code>412 Precondition Failed</code> for other methods. Full details of how
137 to handle an <code>If-None-Match</code> header can be found in
138 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26">
139 RFC2616 section 14.26</a>.</dd>
141 <dt><code>If-Modified-Since</code></dt>
142 <dd>If the provided date in the <code>If-Modified-Since</code> header is
143 older than the <code>Last-Modified</code> header of the response, the server
144 should return <code>304 Not Modified</code>. Full details of how to handle an
145 <code>If-Modified-Since</code> header can be found in
146 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.25">
147 RFC2616 section 14.25</a>.</dd>
149 <dt><code>If-Unmodified-Since</code></dt>
150 <dd>If the provided date in the <code>If-Modified-Since</code> header is
151 newer than the <code>Last-Modified</code> header of the response, the server
152 should return <code>412 Precondition Failed</code>. Full details of how to
153 handle an <code>If-Unmodified-Since</code> header can be found in
154 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.28">
155 RFC2616 section 14.28</a>.</dd>
157 <dt><code>If-Range</code></dt>
158 <dd>If the provided ETag or date in the <code>If-Range</code> header matches
159 the ETag or Last-Modified of the response, and a valid <code>Range</code>
160 is present, the server should return
161 <code>206 Partial Response</code>. Full details of how to handle an
162 <code>If-Range</code> header can be found in
163 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.27">
164 RFC2616 section 14.27</a>.</dd>
168 <p>If the response is detected to have been successful (a 2xx response),
169 but was conditional and one of the responses above was expected instead,
170 this policy will be rejected. Responses that indicate a redirect or a
171 failure of some kind (3xx, 4xx, 5xx) will be ignored by this policy.</p>
173 <p>This policy is implemented by the <strong>POLICY_CONDITIONAL</strong>
176 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
177 <div class="section">
178 <h2><a name="policylength" id="policylength">Content-Length Policy</a></h2>
180 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policylength">PolicyLength</a></code></li></ul></td></tr></table>
182 <p>This policy will be rejected if the server response does not contain
183 an explicit <code>Content-Length</code> header.</p>
185 <p>There are a number of ways of determining the length of a response
186 body, described in full in
187 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.4">
188 RFC2616 section 4.4 Message Length</a>.</p>
190 <p>When the <code>Content-Length</code> header is present, the size of
191 the body is declared at the start of the response. If this information
192 is missing, an HTTP cache might choose to ignore the response, as it
193 does not know in advance whether the response will fit within the
194 cache's defined limits.</p>
196 <p>HTTP/1.1 defines the <code>Transfer-Encoding</code> header as an
197 alternative to <code>Content-Length</code>, allowing the end of the
198 response to be indicated to the client without the client having to
199 know the length beforehand. However, when HTTP/1.0 requests are
200 processed, and no <code>Content-Length</code> is specified, the only
201 mechanism available to the server to indicate the end of the request
202 is to drop the connection. In an environment containing load
203 balancers, this can cause the keepalive mechanism to be bypassed.
206 <p>If the response is detected to have been successful (a 2xx response),
207 and has a response body (this excludes <code>204 No Content</code>), and
208 the <code>Content-Length</code> header is missing, this policy will be
209 rejected. Responses that indicate a redirect or a failure of some kind
210 (3xx, 4xx, 5xx) will be ignored by this policy.</p>
212 <div class="warning">It should be noted that some modules, such as
213 <code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code>, add their own <code>Content-Length</code>
214 header should the response be small enough for it to have been possible
215 to read the response lacking such a header in one go. This may cause
216 small responses to pass this policy, while larger responses may
217 fail for the same URL.</div>
219 <p>This policy is implemented by the <strong>POLICY_LENGTH</strong>
222 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
223 <div class="section">
224 <h2><a name="policytype" id="policytype">Content-Type Policy</a></h2>
226 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policytype">PolicyType</a></code></li></ul></td></tr></table>
228 <p>This policy will be rejected if the server response does not contain
229 an explicit and syntactically correct <code>Content-Type</code> header
230 that matches the server defined pattern.</p>
232 <p>The media type of the body is placed in the <code>Content-Type</code>
233 header, and the format of the header is described in full in
234 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.7">
235 RFC2616 section 3.7 Media Types</a>.</p>
237 <p>A syntactically valid content type might look as follows:</p>
239 <div class="example"><p><code>
240 Content-Type: text/html; charset=iso-8859-1
243 <p>Invalid content types might include:</p>
245 <div class="example"><p><code>
247 Content-Type: foo<br />
252 <p>The server administrator has the option to restrict the policy to one
253 or more specific types, or could specify a general wildcard type such as
254 <code>*/*</code>.</p>
256 <p>This policy is implemented by the <strong>POLICY_TYPE</strong>
259 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
260 <div class="section">
261 <h2><a name="policykeepalive" id="policykeepalive">Keepalive Policy</a></h2>
263 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policykeepalive">PolicyKeepalive</a></code></li></ul></td></tr></table>
265 <p>This policy will be rejected if the server response does not contain
266 an explicit <code>Content-Length</code> header, or a
267 <code>Transfer-Encoding</code> of chunked.</p>
269 <p>There are a number of ways of determining the length of a response
270 body, described in full in
271 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.4">
272 RFC2616 section 4.4 Message Length</a>.</p>
274 <p>When the <code>Content-Length</code> header is present, the size of
275 the body is declared at the start of the response. HTTP/1.1 defines the
276 <code>Transfer-Encoding</code> header as an alternative to
277 <code>Content-Length</code>, allowing the end of the response to be
278 indicated to the client without the client having to know the length
279 beforehand. In the absence of these two mechanisms, the only way for
280 a server to indicate the end of the request is to drop the connection.
281 In an environment containing load balancers, this can cause the keepalive
282 mechanism to be bypassed.
285 <p>Most specifically, we follow these rules:</p>
289 <dd>we have not marked this connection as errored;</dd>
292 <dd>the client isn't expecting 100-continue</dd>
295 <dd>the response status does not require a close;</dd>
298 <dd>the response body has a defined length due to the status code
299 being 304 or 204, the request method being HEAD, already having defined
300 Content-Length or Transfer-Encoding: chunked, or the request version
301 being HTTP/1.1 and thus capable of being set as chunked</dd>
304 <dd>we support keepalive.</dd>
307 <div class="warning">The server may choose to turn off keepalive for
308 various reasons, such as an imminent shutdown, or a Connection: close from
309 the client, or an HTTP/1.0 client request with a response with no
310 <code>Content-Length</code>, but for our purposes we only care that
311 keepalive was possible from the application, not that keepalive actually
314 <p>It should also be noted that the Apache httpd server includes a filter
315 that adds chunked encoding to responses without an explicit content
316 length. This policy catches those cases where this filter is bypassed or
319 <p>This policy is implemented by the <strong>POLICY_KEEPALIVE</strong>
322 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
323 <div class="section">
324 <h2><a name="policymaxage" id="policymaxage">Freshness Lifetime / Maxage Policy</a></h2>
326 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policymaxage">PolicyMaxage</a></code></li></ul></td></tr></table>
328 <p>This policy will be rejected if the server response does not have
329 an explicit <strong>freshness lifetime</strong> at least as long
330 as the server defined limit, or if the freshness lifetime is
331 calculated based on a heuristic.</p>
333 <p>Full details of how a freshness lifetime is calculated is described in
335 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.2">
336 RFC2616 section 13.2 Expiration Model</a>.</p>
338 <p>During the freshness lifetime, a cache does not need to contact the
339 origin server at all, it can simply pass the cached content as is back
342 <p>When the freshness lifetime is reached, the cache should contact the
343 origin server in an effort to check whether the content is still fresh,
344 and if not, replace the content.</p>
346 <p>When the freshness lifetime is too short, it can result in excessive
347 load on the server. In addition, should an outage occur that is as long
348 or longer than the freshness lifetime, all cached content will become
349 stale, which could cause a thundering herd of traffic when the
350 server or network returns.</p>
352 <p>This policy is implemented by the <strong>POLICY_MAXAGE</strong>
355 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
356 <div class="section">
357 <h2><a name="policynocache" id="policynocache">No Cache Policy</a></h2>
359 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policynocache">PolicyNocache</a></code></li></ul></td></tr></table>
361 <p>This policy will be rejected if the server response declares itself
362 uncacheable using either the <code>Cache-Control</code> or
363 <code>Pragma</code> headers.</p>
365 <p>Full details of how content may be declared uncacheable is described in
367 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.1">
368 RFC2616 section 14.9.1 What is Cacheable</a>, and within the definition
369 for the <code>Pragma</code> header in
370 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.32">
371 RFC2616 section 14.32 Pragma</a>.</p>
373 <p>Most specifically, should any of the following header combinations
374 exist in the response headers, the response will be rejected:</p>
377 <li><code>Cache-Control: no-cache</code></li>
378 <li><code>Cache-Control: no-store</code></li>
379 <li><code>Cache-Control: private</code></li>
380 <li><code>Pragma: no-cache</code></li>
383 <p>When unexpected, uncacheable content may produce unacceptable levels
384 of server load, or may incur significant cost. When this policy is enabled,
385 all server defined uncacheable content will be rejected.</p>
387 <p>This policy is implemented by the <strong>POLICY_NOCACHE</strong>
390 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
391 <div class="section">
392 <h2><a name="policyvalidation" id="policyvalidation">Validation Policy</a></h2>
394 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyvalidation">PolicyValidation</a></code></li></ul></td></tr></table>
396 <p>This policy will be rejected if the server response does not contain
397 either a syntactically correct <code>ETag</code> or
398 <code>Last-Modified</code> header.</p>
400 <p>The <code>ETag</code> header is described in full in
401 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.19">
402 RFC2616 section 14.19 Etag</a>, and the <code>Last-Modified</code> header
403 is described in full in
404 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.29">
405 RFC2616 section 14.29 Last-Modified</a>.</p>
407 <p>In addition to being checked present, the headers are checked for
410 <p>An <code>ETag</code> that is not surrounded with quotes, or is not
411 declared "weak" by prefixing it with a "W/" will cause the policy to be
412 rejected. A <code>Last-Modified</code> that is not parsed as a valid date
413 will cause the policy to be rejected.</p>
415 <p>This policy is implemented by the <strong>POLICY_VALIDATION</strong>
418 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
419 <div class="section">
420 <h2><a name="policyvary" id="policyvary">Vary Header Policy</a></h2>
422 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyvary">PolicyVary</a></code></li></ul></td></tr></table>
424 <p>This policy will be rejected if the server response contains a
425 <code>Vary</code> header, and that header in turn contains a header
426 blacklisted by the administrator.</p>
428 <p>The <code>Vary</code> header is described in full in
429 <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.44">
430 RFC2616 section 14.44 Vary</a>.</p>
432 <p>Some client provided headers, such as <code>User-Agent</code>,
433 can contain thousands or millions of combinations of values over a period
434 of time, and if the response is declared cacheable, a cache might attempt
435 to cache each of these responses separately, filling up the cache and
436 crowding out other entries in the cache. In this scenario, if so
437 configured, the policy will reject the response.</p>
439 <p>This policy is implemented by the <strong>POLICY_VARY</strong>
442 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
443 <div class="section">
444 <h2><a name="policyversion" id="policyversion">Protocol Version Policy</a></h2>
446 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyversion">PolicyVersion</a></code></li></ul></td></tr></table>
448 <p>This policy will be rejected if the client request was made with a
449 version number lower than the version of HTTP specified.</p>
451 <p>This policy is typically used with restful applications where
452 control over the type of client is desired. This policy can be used
453 alongside the <code>POLICY_KEEPALIVE</code> filter to ensure that
454 HTTP/1.0 clients don't cause keepalive connections to be dropped.</p>
456 <p>Possible minimum versions that could be specified are:</p>
458 <ul><li><code>HTTP/1.1</code></li>
459 <li><code>HTTP/1.0</code></li>
460 <li><code>HTTP/0.9</code></li>
463 <p>This policy is implemented by the <strong>POLICY_VERSON</strong>
467 <div class="bottomlang">
468 <p><span>Available Languages: </span><a href="./en/compliance.html" title="English"> en </a> |
469 <a href="./fr/compliance.html" hreflang="fr" rel="alternate" title="Français"> fr </a></p>
470 </div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
471 <script type="text/javascript"><!--//--><![CDATA[//><!--
472 var comments_shortname = 'httpd';
473 var comments_identifier = 'http://httpd.apache.org/docs/trunk/compliance.html';
475 if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
476 d.write('<div id="comments_thread"><\/div>');
477 var s = d.createElement('script');
478 s.type = 'text/javascript';
480 s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
481 (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
484 d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
486 })(window, document);
487 //--><!]]></script></div><div id="footer">
488 <p class="apache">Copyright 2016 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
489 <p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
490 if (typeof(prettyPrint) !== 'undefined') {