BASIC and DIGEST authentication methods
RFC 2068 (January 1997) - Hypertext Transfer Protocol -- HTTP/1.1 - obsolete, replaced by 2616
RFC 2617 (June 1999) - HTTP Authentication: Basic and Digest Access Authentication - obsolete,
RFC 7616 (September 2015) - HTTP Digest Access Authentication
See also RFC 7235 (obsolete), RFC 7615 (obsolete), RFC 9110.
"HTTP State Management Mechanism"
The specification about cookies. It is implemented by org.apache.tomcat.util.http.Rfc6265CookieProcessor that is available since Tomcat 8.0.15 and is the default one starting with Tomcat 8.5.0. See also "Cookies" page in "Development and Development Issues / Archive" on this wiki.
"Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP)"
Content-Disposition header is used by file uploads. See also Bug 59115
"Hypertext Transfer Protocol (HTTP) Keep-Alive Header". A draft of specification.
Support for sending a Keep-Alive response header was added in Tomcat 8.5.48, 9.0.29 — Bug 63835. This feature can be turned off via an attribute on HTTP/1.1 Connector.
|RFC 9218 (June 2022)|
"Extensible Prioritization Scheme for HTTP"
Defines prioritization scheme and priority signals. To be used in HTTP/2 as a replacement for the original specification of stream priority signals (defined by RFC 7540) that was later deprecated by RFC 9113 (section 5.3.2.).
Not yet implemented by Apache Tomcat. (As of December 6th 2022)
The AJP protocol specification lives on the Apache Tomcat Connector web site.