RFC 9110 Quiz

**Explanation:** **Terms:** semantics, transport, method meaning. Semantics describe what a request means and what a response means, regardless of whether it is carried by HTTP/1.1, HTTP/2, or HTTP/3. **Correct (A):** Safety, idempotency, cacheability, and status code meaning are semantic concepts. **Options:** - A (correct): This is about meaning and allowed effects. - B (incorrect): Framing is a transport mapping detail. - C (incorrect): QUIC packet behavior is transport protocol detail, not HTTP semantics. **Related:** Keeping semantics stable across versions is why tools like proxies can reason about methods and caching independent of the underlying transport.

**Explanation:** **Terms:** safe method. A safe method is intended to be read-only and not cause state change on the origin server. **Correct (A):** GET is defined as safe. It should not have side effects beyond logging and similar incidental effects. **Options:** - A (correct): GET retrieves a representation and is safe. - B (incorrect): POST is not safe. It is generally used to create or process resources and can change server state. - C (incorrect): DELETE is not safe. It removes a resource and changes state. **Related:** Safe is not the same as cacheable. Some safe responses are cacheable depending on headers.

**Explanation:** **Terms:** idempotent method. Idempotent means making the same request multiple times has the same intended effect as making it once. **Correct (A,C):** PUT and DELETE are defined as idempotent. Retrying them is generally safe at the semantic level, even though the first attempt might partially fail in practice. **Options:** - A (correct): PUT replaces the target state with the provided representation, so repeating should converge to the same result. - B (incorrect): POST is not idempotent by default. Repeating might create multiple resources or trigger repeated processing. - C (correct): DELETE is idempotent. Deleting twice results in the same end state: the resource is gone. - D (incorrect): CONNECT establishes a tunnel and is not generally treated as idempotent. **Related:** Idempotency is central for retries, load balancers, and safe recovery from network errors.

**Explanation:** **Terms:** status code class. The first digit indicates a broad category of response semantics. **Correct (B):** 3xx responses are redirections: the client may need to take additional action or use another URI. **Options:** - A (incorrect): 4xx are client errors. - B (correct): 3xx indicates redirection semantics. - C (incorrect): 5xx are server errors. **Related:** Redirection is not only 301 and 302. 304 Not Modified is also a 3xx related to cache validation.

**Explanation:** **Terms:** cache, store, revalidate. Cache-Control directives influence whether responses may be stored and under what conditions they may be reused. **Correct (C):** no-store is the strongest instruction: do not store the response. **Options:** - A (incorrect): That is closer to no-cache behavior, where storage is allowed but reuse requires validation. - B (incorrect): no-store applies broadly. If you want a shared-cache-specific rule, other directives like private are relevant. - C (correct): no-store tells caches not to keep a copy. **Related:** Use no-store for highly sensitive data where persistence in browser caches or proxies is unacceptable.

**Explanation:** **Terms:** representation, media type. The media type tells the recipient how to interpret the payload bytes. **Correct:** Content-Type. It describes the format of the representation data. **Why others are wrong:** Content-Length is the size, Accept is a request preference, and Host identifies the target authority. None of those declare payload type. **Related:** Media type parameters like charset can affect decoding and security behavior.