HomeInsightsToolsContact
Eckher
Your guide to what's next.
Eckher
English
Home › Eckher Insights › HTTP headers
Apr 17, 2020

HTTP headers

The list of commonly used HTTP headers.

HTTP headers are included with each HTTP request and response.

Request headers

The following table lists the common HTTP request headers:

HeaderDescription
AcceptLists the content types that the client can understand.
Accept-CharsetLists the character encodings the client understands.
Accept-EncodingLists the content encodings that the client understands.
Accept-LanguageLists the languages and locales that the client prefers.
AuthorizationContains authentication/authorization credentials.
Cache-ControlHolds caching instructions.
ConnectionUsed to specify whether the network connection should stay open.
Content-LengthIndicates the size of the request body.
Content-TypeIndicate the media type of the request body.
CookieContains the client's cookies previously provided by the server with the Set-Cookie response header.
HostSpecifies the domain name of the website accessed.
If-MatchUsed for making conditional requests.
If-Modified-SinceUsed for making conditional requests.
If-None-MatchUsed for making conditional requests.
If-RangeUsed for making conditional range requests.
If-Unmodified-SinceUsed for making conditional requests.
OriginUsed to specify which website the request originates from.
PragmaImplementation-specific header.
Proxy-AuthorizationContains proxy server authentication/authorization credentials.
Proxy-ConnectionDeprecated header.
RangeIndicates which portion of a resource the server should return.
RefererFor requests sent when the user follows a link from page A to page B, contains the address of page A.
Transfer-EncodingSpecifies the encoding for transferring the request body to the server.
User-AgentUsed by the browser to identify itself when sending the request.

Response headers

The following table lists the common HTTP response headers:

HeaderDescription
ConnectionUsed to specify whether the network connection should stay open.
Proxy-ConnectionDeprecated header.
Keep-AliveUsed for keeping the connection open.
TrailerSpecifies which HTTP headers will be present in the trailer part of chunked messages.
Transfer-EncodingSpecifies the encoding for transferring the request body to the client.
WWW-AuthenticateDefines the authentication method supported and required by the server.
Proxy-AuthenticateDefines the authentication method supported and required by the proxy server.
Set-CookieUsed to send cookies from the server to the client.
Set-Cookie2Obsolete header.
Clear-Site-DataPrompts the browser to clear browsing data (cookies, storage, cache) associated with the website.
Strict-Transport-SecurityTells the browser that the website should only be accessed using HTTPS.
TESpecifies the transfer encodings that the server accepts.
Content-LocationSpecifies the alternate location for the returned resource.
Content-MD5Provides an integrity check for the response body.
EtagIdentifies a specific version of the resource.
Content-EncodingIndicates the encoding applied to the response body.
Content-RangeIndicates which portion of a resource the server has returned.
Content-TypeUsed to indicate the media type of the returned response.
Content-LengthUsed to indicate the size of the returned response.
X-Frame-OptionsIndicates whether the browser is allowed to load the page inside the <iframe> and related elements.
X-XSS-ProtectionStops the page from loading in the context of cross-site scripting (XSS) attacks.
Cache-ControlHolds caching instructions.
LocationSpecifies the destination redirect URL.
PragmaImplementation-specific header.
AgeSpecifies how long the object has been cached for.
DateIndicates the moment in time at which the response was initiated.
Last-ModifiedIndicates the moment in time at which the resource was last modified.
ExpiresIndicates the moment in time after which the resource is to be considered stale.
Cover
See also
Signed exchanges
What are signed exchanges and how to implement them?
System-wide HTTP requests
Inspecting all HTTP network requests.
Eckher
Your guide to what's next.
Copyright © 2021 Eckher. Various trademarks held by their respective owners.