HTTP header¶
What are HTTP headers?¶
HTTP headers contain metadata in key-value pairs sent along with HTTP requests and responses. They can be used to define caching behavior, facilitate authentication, and manage session state.
Common HTTP headers¶
Accept¶
The Accept header defines the media types the client can accept from the server. For instance, Accept: application/json, text/html indicates that the client prefers JSON or HTML responses.
User-Agent¶
The User-Agent header identifies the web browser or client application making the request, enabling the server to tailor its response to the client.
Authorization¶
The Authorization header sends the client’s credentials to the server when the client attempts to access a protected resource.
Content-Type¶
The Content-Type header identifies the media type of the content in the request body. For instance, Content-Type: application/json indicates that the request body contains JSON data.
Cookie¶
The client can use the Cookie header to return previously-stored cookies to the server. The server then uses these cookies to associate the request with a specific user or session. This header is vital in delivering personalized experiences, enabling the server to remember a user’s login state or language preference.
Common Response Headers¶
Content-Type¶
The Content-Type response header is the counterpart of the Content-Type request header, as it indicates the data the server sends to the client.
Cache-Control¶
The Cache-Control header controls caching behavior in the client’s browser or intermediate caches. It defines how the response can be cached, when it expires, and how it should be revalidated.
Server¶
The Server header includes the name and version of the server software that generated the response and information about the server’s technology stack. For instance, Server: Apache/2.4.10 (Unix) indicates that the Apache web server version 2.4.10 generated the response.
Set-Cookie¶
The Set-Cookie header instructs the client to store a cookie with the specified name, value, and additional attributes, such as expiration, domain, path, and security flags.
Content-Length¶
The Content-Length header, which specifies the size of the response body in bytes, can help the client anticipate how much data it will receive.