Difference between revisions of "HTTP headers"

From Seobility Wiki
Jump to: navigation, search
Line 15: Line 15:
  
 
Below, you can see some examples of possible request header fields. For a comprehensive overview of all request and response header fields, see https://en.wikipedia.org/wiki/List_of_HTTP_header_fields.
 
Below, you can see some examples of possible request header fields. For a comprehensive overview of all request and response header fields, see https://en.wikipedia.org/wiki/List_of_HTTP_header_fields.
 +
 +
=== Accept Fields ===
 +
 +
The following fields are used to specify what kind of response is accepted by the server.
  
 
'''Accept'''
 
'''Accept'''
Line 82: Line 86:
 
Allowed values can be looked up in RFC 1766.
 
Allowed values can be looked up in RFC 1766.
  
'''Authorization'''
+
=== Authorization ===
  
 
The Authorization field is used in HTTP headers to authenticate a user-agent with the server. The syntax is as follows:
 
The Authorization field is used in HTTP headers to authenticate a user-agent with the server. The syntax is as follows:
Line 88: Line 92:
 
<pre>Authorization:<type> <credentials></pre>
 
<pre>Authorization:<type> <credentials></pre>
  
'''Cookie'''
+
=== Cookie ===
  
 
The [[Cookie]] HTTP Request header contains stored HTTP cookies in name/value pairs previously sent by the server using the Set-Cookie header. This behavior can be blocked by browsers so that no cookies are transmitted to the server.
 
The [[Cookie]] HTTP Request header contains stored HTTP cookies in name/value pairs previously sent by the server using the Set-Cookie header. This behavior can be blocked by browsers so that no cookies are transmitted to the server.
Line 94: Line 98:
 
<pre>Cookie: name1=value1; name2=value2; name3=value3</pre>
 
<pre>Cookie: name1=value1; name2=value2; name3=value3</pre>
  
'''Expect'''
+
=== Expect ===
  
 
The HTTP request header field Expect specifies the client's expectations that must be met by a server for the request to be processed properly.
 
The HTTP request header field Expect specifies the client's expectations that must be met by a server for the request to be processed properly.
Line 102: Line 106:
 
<pre>Expect : 100-continue</pre>
 
<pre>Expect : 100-continue</pre>
  
'''From'''
+
=== From ===
  
 
The From field of HTTP headers contains an email address of the user who controls the requesting client. Example:
 
The From field of HTTP headers contains an email address of the user who controls the requesting client. Example:
Line 110: Line 114:
 
The From field can be used in HTTP headers for logging purposes.
 
The From field can be used in HTTP headers for logging purposes.
  
'''Host'''
+
=== Host ===
  
 
The Host field is used in HTTP headers to specify the internet host and port number for the requested resource. The syntax is:
 
The Host field is used in HTTP headers to specify the internet host and port number for the requested resource. The syntax is:
Line 117: Line 121:
  
 
If the port number is missing, this implies the default port 80.
 
If the port number is missing, this implies the default port 80.
 +
 +
=== If Fields ===
 +
 +
The following fields are used to specify certain conditions under which the requested files should be returned.
  
 
'''If-Match'''
 
'''If-Match'''
Line 172: Line 180:
 
This field is used in the same way as the If-Modified-Since field.
 
This field is used in the same way as the If-Modified-Since field.
  
'''Proxy-Authorization'''
+
=== Proxy-Authorization ===
  
 
The Proxy-Authorization header field allows the client to identify itself or the user to a proxy. Syntax:
 
The Proxy-Authorization header field allows the client to identify itself or the user to a proxy. Syntax:
Line 178: Line 186:
 
<pre>Proxy-Authorization: <type> <credentials></pre>
 
<pre>Proxy-Authorization: <type> <credentials></pre>
  
'''Range'''
+
=== Range ===
  
 
The Range header field specifies the subranges of content that are requested. The syntax is:
 
The Range header field specifies the subranges of content that are requested. The syntax is:
Line 186: Line 194:
 
The values "first-byte-pos" and "last-byte-pos" specify the first and last bytes of the included content, but do not have to be both specified. Multiple content areas can be separated by commas.
 
The values "first-byte-pos" and "last-byte-pos" specify the first and last bytes of the included content, but do not have to be both specified. Multiple content areas can be separated by commas.
  
'''Referrer'''
+
=== Referrer ===
  
 
The Referrer header field allows the client to specify the address (URL) of the resource from which the URL was requested. The general syntax is as follows:
 
The Referrer header field allows the client to specify the address (URL) of the resource from which the URL was requested. The general syntax is as follows:
Line 196: Line 204:
 
<pre>Referer: http://www.example.com</pre>
 
<pre>Referer: http://www.example.com</pre>
  
'''User-Agent'''
+
=== User-Agent ===
  
 
This header field sends information about the client to a server. For example, the syntax can be as follows:
 
This header field sends information about the client to a server. For example, the syntax can be as follows:

Revision as of 14:31, 16 May 2022

Definition

HTTP Header
Figure: HTTP Header - Author: Seobility - License: CC BY-SA 4.0

The HTTP header is part of the Hypertext Transfer Protocol (HTTP) and transmits additional information during HTTP requests or responses. In addition to the data that is delivered to a browser by the web server of the called website, server and browser exchange meta information about the document via the HTTP header.

An HTTP request contains a header area with information such as the date of the request, the referrer, or the preferred language. The HTTP response also contains a header field in which the server sends its information to the user's browser. This information exchange is usually invisible to the end user.

HTTP headers include fields which themselves consist of one line. Each line contains a name/value pair - called key-value pair - separated by a colon and is terminated by a line break.

Values that can be used for the HTTP header are defined in the RFC ("Requests for Comments"). In addition to the specified fields, there are also non-standard headers that can be used to add user-defined information. These headers usually start with an x-.

Examples of Request Header Fields

Below, you can see some examples of possible request header fields. For a comprehensive overview of all request and response header fields, see https://en.wikipedia.org/wiki/List_of_HTTP_header_fields.

Accept Fields

The following fields are used to specify what kind of response is accepted by the server.

Accept

This field informs the server what kind of data can be returned.

The Accept field in the HTTP request can be used to specify certain MIME types that are accepted by the client. The general syntax is as follows:

Accept: <MIME_type>/<MIME_subtype> ;q=value

Multiple media types can be separated by commas. The optional value q represents the quality level on a scale from 0 to 1. Example:

Accept: text/plain; q = 0,5, text/html, text/x-dvi; q = 0.8, Text/x-c

The available directives are:

  • The client supports exactly one MIME type such as text/html:
<MIME_type>/<MIME_subtype>
  • A MIME type without a specified subtype. image/* matches image/png, image/svg, image/gif and all other image types:
<MIME_type>/*
  • Any MIME type:
*/*

Each value used is put into a preference order that is expressed using the relative quality value called weight:

;q= (q-factor weighting)

Accept-Charset

The Accept-Charset field is used in HTTP headers to specify which character sets the client accepts for the response.

Accept-Charset: character-set

If several character sets are specified, enter them separated by commas. For example:

Accept-Charset: iso-8859-5, Unicode-1-1; q = 0,8

Accept-Encoding

The Accept-Encoding header field limits the encoding algorithms that are acceptable in the response. Syntax:

Accept-Encoding: encodings

Examples are:

Accept-Encoding: gzip
Accept-Encoding: *
Accept-Encoding: gzip;q=0.7

Accept-Language

The Accept-Language header field tells the server what human-readable language the server is expected to return. This is an indication and is not necessarily completely controlled by the user. The server should always avoid overriding an explicit user selection. The syntax is:

Accept-Language: <language>; q=qvalue

Multiple languages can be separated by commas. For example:

Accept-Language: en-US; q=0.9

Allowed values can be looked up in RFC 1766.

Authorization

The Authorization field is used in HTTP headers to authenticate a user-agent with the server. The syntax is as follows:

Authorization:<type> <credentials>

Cookie

The Cookie HTTP Request header contains stored HTTP cookies in name/value pairs previously sent by the server using the Set-Cookie header. This behavior can be blocked by browsers so that no cookies are transmitted to the server.

Cookie: name1=value1; name2=value2; name3=value3

Expect

The HTTP request header field Expect specifies the client's expectations that must be met by a server for the request to be processed properly.

The general syntax is as follows:

Expect : 100-continue

From

The From field of HTTP headers contains an email address of the user who controls the requesting client. Example:

From: [email protected]

The From field can be used in HTTP headers for logging purposes.

Host

The Host field is used in HTTP headers to specify the internet host and port number for the requested resource. The syntax is:

Host: host:port

If the port number is missing, this implies the default port 80.

If Fields

The following fields are used to specify certain conditions under which the requested files should be returned.

If-Match

This header field prompts the server to send the requested file only if it matches the specified entity tags. The syntax is:

If-Match: entity-tag

For example:

If-Match: "*"

An asterisk (*) indicates that any file can be sent.

If-Modified-Since

If If-Modified-Since is specified in HTTP headers, a requested resource will only be delivered by the server if it has been changed since the specified date. Otherwise, there will be no delivery and the page will be loaded from the cache of the browser. Syntax:

If-Modified-Since: HTTP date

An example is:

If-Modified-Since: Sat, 13 Oct 2017 15:16:27 GMT

If-None-Match

This header prompts the server to send the requested file only if it does not match any of the specified entity tags. The syntax is:

If-None-Match: entity-tag

Examples are:

If-None-Match: "xyzzy"
If-None-Match: *

If-Range

The If-Range header field is used in HTTP headers to request only the part of the content that is missing if the content has not been changed, and the entire content if a change has been made to it. The syntax is as follows:

If-Range: entity-tag/HTTP date

Either an entity tag or a date can be used:

If-Range: Sat, 13 Oct 2017 15:16:27 GMT

If the content has not been changed, the server returns the byte range specified by the range header. Otherwise, the entire new document is returned.

If-Unmodified-Since

The general syntax is:

If-Unmodified-Since: HTTP date

This field is used in the same way as the If-Modified-Since field.

Proxy-Authorization

The Proxy-Authorization header field allows the client to identify itself or the user to a proxy. Syntax:

Proxy-Authorization: <type> <credentials>

Range

The Range header field specifies the subranges of content that are requested. The syntax is:

Range: bytes-unit=first-byte-pos "-" [last-byte-pos]

The values "first-byte-pos" and "last-byte-pos" specify the first and last bytes of the included content, but do not have to be both specified. Multiple content areas can be separated by commas.

Referrer

The Referrer header field allows the client to specify the address (URL) of the resource from which the URL was requested. The general syntax is as follows:

Referer: URL

For example:

Referer: http://www.example.com

User-Agent

This header field sends information about the client to a server. For example, the syntax can be as follows:

User-Agent: <product>/<product version> <comment>

Similar articles