HTTP headers

Definition

HTTP headers are part of data transfer on the internet. HTTP is the abbreviation for Hypertext Transfer Protocol. Before data of a requested website is delivered from a web server to a browser, the server and browser exchange so-called meta information about the document or website via the HTTP header.

With the HTTP request, browsers transmit information about the date of the request, preferred language, or referrer to a server. This information is answered by the server with an HTTP response header in the response message.

Figure: HTTP request and response, Author: Seobility

The HTTP request or response header contains so-called fields, which consist of one line each. Each line contains a name/value pair separated by a colon and is terminated by a CRLF character string (CR = carriage return and LF = line feed).

Values that can be used for an HTTP request or response header are defined in RFC ("Requests for Comments"). These are formal documents of the Internet Engineering Task Force (IETF), which include standards used on the internet.

Examples of Request Header Fields

Below, you can see some examples of possible request header fields. For a comprehensive overview of all request and response header fields, see https://en.wikipedia.org/wiki/List_of_HTTP_header_fields.

Accept

The Accept field in an HTTP request can be used to specify certain media types that are accepted by the client. The general syntax is as follows:

Accept: type/subtype [q=qvalue]

Multiple media types can be separated by commas. The optional value q represents the quality level on a scale from 0 to 1. Example:

Accept: text/plain; q = 0,5, text/html, text/x-dvi; q = 0.8, Text/x-c

Accept-Charset

The Accept-Charset field is used in HTTP headers to specify which character sets the client accepts for the response.

Accept-Charset: character-set

If several character sets are specified, enter them separated by commas. For example:

Accept-Charset: iso-8859-5, Unicode-1-1; q = 0,8

Accept-Encoding

The Accept-Encoding header field limits the encodings that are acceptable in the response. Syntax:

Accept-Encoding: encodings

Examples are:

Accept-Encoding: gzip

Accept-Encoding: *

Accept-Encoding: gzip; q = 0.7

Accept-Language

The Accept-Language header field limits the set of natural languages that are preferred in response to the request. The syntax is:

Accept-Language: language; q=qvalue

Multiple languages can be separated by commas. For example:

Accept-Language: en-US; q = 0.9

Allowed values can be looked up in RFC 1766.

Authorization

The Authorization field is used in HTTP headers to send login information to a server. The syntax is as follows:

Authorization: login information

Cookie

The cookie header field contains a name/value pair with information stored for the requested URL. Multiple cookie information can be specified here:

Cookie: name1=value1; name2=value2; name3=value3

Expect

The HTTP request header field Expect specifies the client's expectations that must be met by a server for the request to be processed properly.

The general syntax is as follows:

Expect : 100-continue

From

The From field of HTTP headers contains an email address of the user who controls the requesting client. Example:

From: [email protected]

The From field can be used in HTTP headers for logging purposes and for identification.

Host

The Host field is used in HTTP headers to specify the internet host and port number for the requested resource. The syntax is:

Host: host:port

If the port number is missing, this implies the default port 80.

If-Match

This header field prompts the server to send the requested file only if it matches the specified entity tags. The syntax is:

If-Match: entity-tag

For example:

If-Match: "*"

An asterisk (*) indicates that any file can be sent.

If-Modified-Since

If If-Modified-Since is specified in HTTP headers, a requested resource will only be delivered by the server if it has been changed since the specified date. Otherwise, there will be no delivery and the page will be loaded from the cache of the browser. Syntax:

If-Modified-Since: HTTP date

An example is:

If-Modified-Since: Sat, 13 Oct 2017 15:16:27 GMT

If-None-Match

This header prompts the server to send the requested file only if it does not match any of the specified entity tags. The syntax is:

If-None-Match: entity-tag

Examples are:

If-None-Match: "xyzzy"

If-None-Match: *

If-Range

The If-Range header field is used in HTTP headers to request only the part of the content that is missing if the content has not been changed, and the entire content if a change has been made to it. The syntax is as follows:

If-Range: entity-tag/HTTP date

Either an entity tag or a date can be used:

If-Range: Sat, 13 Oct 2017 15:16:27 GMT

If the content has not been changed, the server returns the byte range specified by the range header. Otherwise, the entire new document is returned.

If-Unmodified-Since

The general syntax is:

If-Unmodified-Since: HTTP date

This field is used in the same way as the If-Modified-Since field.

Max-Forwards

Max-Forwards tells proxy servers the maximum number of times a message can be forwarded. The syntax is as follows:

Max-Forwards: n

The Max-Forwards value "n" is a decimal number. Max-Forwards is useful for debugging with the TRACE method, avoiding endless loops. The Max-Forwards header field can be ignored for all other methods defined in the HTTP specification.

Proxy-Authorization

The Proxy-Authorization header field allows the client to identify itself or the user to a proxy. Syntax:

Proxy-Authorization: login information

Range

The range request-header field specifies the subranges of content that are requested. The syntax is:

Range: bytes-unit=first-byte-pos "-" [last-byte-pos]

The values "first-byte-pos" and "last-byte-pos" specify the first and last bytes of the included content, but do not have to be both specified. Multiple content areas can be separated by commas.

Referrer

The Referrer header field allows the client to specify the address (URL) of the resource from which the URL was requested. The general syntax is as follows:

Referer: URL