The HTTP header is part of the Hypertext Transfer Protocol (HTTP) and transmits additional information during HTTP requests or responses. In addition to the data that is delivered to a browser by the web server of the called website, server and browser exchange meta information about the document via the HTTP header.
An HTTP request contains a header area with information such as the date of the request, the referrer, or the preferred language. The HTTP response also contains a header field in which the server sends its information to the user's browser. This information exchange is usually invisible to the end user.
HTTP headers include fields which themselves consist of one line. Each line contains a name/value pair - called key-value pair - separated by a colon and is terminated by a line break.
Values that can be used for the HTTP header are defined in the RFC ("Requests for Comments"). In addition to the specified fields, there are also non-standard headers that can be used to add user-defined information. These headers usually start with an
Examples of Request Header Fields
Below, you can see some examples of possible request header fields. For a comprehensive overview of all request and response header fields, see https://en.wikipedia.org/wiki/List_of_HTTP_header_fields.
This field informs the server what kind of data can be returned.
The Accept field in the HTTP request can be used to specify certain MIME types that are accepted by the client. The general syntax is as follows:
Accept: <MIME_type>/<MIME_subtype> ;q=value
Multiple media types can be separated by commas. The optional value q represents the quality level on a scale from 0 to 1. Example:
Accept: text/plain; q = 0,5, text/html, text/x-dvi; q = 0.8, Text/x-c
The available directives are:
- The client supports exactly one MIME type such as text/html:
- A MIME type without a specified subtype. image/* matches image/png, image/svg, image/gif and all other image types:
- Any MIME type:
Each value used is put into a preference order that is expressed using the relative quality value called weight:
;q= (q-factor weighting)
The Accept-Charset field is used in HTTP headers to specify which character sets the client accepts for the response.
If several character sets are specified, enter them separated by commas. For example:
Accept-Charset: iso-8859-5, Unicode-1-1; q = 0,8
The Accept-Encoding header field limits the encoding algorithms that are acceptable in the response. Syntax:
The Accept-Language header field tells the server what human-readable language the server is expected to return. This is an indication and is not necessarily completely controlled by the user. The server should always avoid overriding an explicit user selection. The syntax is:
Accept-Language: <language>; q=qvalue
Multiple languages can be separated by commas. For example:
Accept-Language: en-US; q=0.9
Allowed values can be looked up in RFC 1766.
The Authorization field is used in HTTP headers to authenticate a user-agent with the server. The syntax is as follows:
The Cookie HTTP Request header contains stored HTTP cookies in name/value pairs previously sent by the server using the Set-Cookie header. This behavior can be blocked by browsers so that no cookies are transmitted to the server.
Cookie: name1=value1; name2=value2; name3=value3
The HTTP request header field Expect specifies the client's expectations that must be met by a server for the request to be processed properly.
The general syntax is as follows:
Expect : 100-continue
The From field of HTTP headers contains an email address of the user who controls the requesting client. Example:
The From field can be used in HTTP headers for logging purposes.
The Host field is used in HTTP headers to specify the internet host and port number for the requested resource. The syntax is:
If the port number is missing, this implies the default port 80.
This header field prompts the server to send the requested file only if it matches the specified entity tags. The syntax is:
An asterisk (*) indicates that any file can be sent.
If If-Modified-Since is specified in HTTP headers, a requested resource will only be delivered by the server if it has been changed since the specified date. Otherwise, there will be no delivery and the page will be loaded from the cache of the browser. Syntax:
If-Modified-Since: HTTP date
An example is:
If-Modified-Since: Sat, 13 Oct 2017 15:16:27 GMT
This header prompts the server to send the requested file only if it does not match any of the specified entity tags. The syntax is:
The If-Range header field is used in HTTP headers to request only the part of the content that is missing if the content has not been changed, and the entire content if a change has been made to it. The syntax is as follows:
If-Range: entity-tag/HTTP date
Either an entity tag or a date can be used:
If-Range: Sat, 13 Oct 2017 15:16:27 GMT
If the content has not been changed, the server returns the byte range specified by the range header. Otherwise, the entire new document is returned.
The general syntax is:
If-Unmodified-Since: HTTP date
This field is used in the same way as the If-Modified-Since field.
The Proxy-Authorization header field allows the client to identify itself or the user to a proxy. Syntax:
Proxy-Authorization: <type> <credentials>
The Range header field specifies the subranges of content that are requested. The syntax is:
Range: bytes-unit=first-byte-pos "-" [last-byte-pos]
The values "first-byte-pos" and "last-byte-pos" specify the first and last bytes of the included content, but do not have to be both specified. Multiple content areas can be separated by commas.
The Referrer header field allows the client to specify the address (URL) of the resource from which the URL was requested. The general syntax is as follows:
This header field sends information about the client to a server. For example, the syntax can be as follows:
User-Agent: <product>/<product version> <comment>