HTTP header Technical data [reprint]

First, the basic article
HTTP (hypertexttransferprotocol) is the abbreviation of Hypertext Transfer Protocol, it is used to transmit data of WWW mode, please refer to RFC2616 for details of HTTP protocol. The HTTP protocol uses a request/response model. The client sends a request to the server that contains the requested method, URI, protocol version, and a mime-like message structure that contains the request modifiers, customer information, and content. The server responds with a status line, which includes the version of the message protocol, the success or error code plus the containing server information, entity meta information, and possible entity content.
Typically, HTTP messages include the client's request message to the server and the server's response message to the client. The two types of messages consist of a starting row, one or more header fields, and an empty row and an optional message body that is just the end of the head field.the HTTP header domain includes a universal header, a request header, a response header, and an entity header four parts。 Each header field consists of a domain name, a colon (:), and a field value of three parts. Domain names are case-insensitive, field values can be added to any number of spaces, and header fields can be extended to multiple lines, at the beginning of each line, with at least one space or tab.
1. common header field
The Common header field contains the header fields supported by both the request and response messages, and the Common header field contains Cache-control, Connection, Date, Pragma, transfer-encoding, Upgrade, Via. Extensions to the common header domain require both sides of the communication to support this extension, and if there are unsupported common header domains, they will normally be treated as entity headers. The following is a brief introduction to a few common header domains used in UPnP messages.
Cache-control Header Field
CACHE-CONTROL Specifies the caching mechanism that the request and response follow. Setting Cache-control in a request message or in a response message does not modify the caching process during another message handling process. The cached instructions at request include No-cache, No-store, Max-age, Max-stale, Min-fresh, only-if-cached, and the instructions in the response message include public, private, No-cache, No-store, No-transform, Must-revalidate, Proxy-revalidate, Max-age. The instructions in each message have the following meanings:
PublicIndicates that the response can be cached by any buffer.
PrivateIndicates that the entire or partial response message for a single user cannot be handled by the shared cache. This allows the server to simply describe a partial response message from the user, which is not valid for other users ' requests.
No-cacheIndicates that a request or response message cannot be cached
No-storeUsed to prevent important information from being inadvertently released. Sending in a request message will not use caching for both request and response messages.
Max-ageIndicates that the client can receive a response that is no longer than the specified time in seconds.
Min-freshIndicates that the client can receive response times that are less than the current time plus a specified time.
Max-staleIndicates that the client can receive response messages that exceed the timeout period. If you specify a value for the Max-stale message, the client can receive a response message that exceeds the specified value for the timeout period.
Date Header Field
The Date header field represents the time when the message was sent, and the description format of the time is defined by rfc822. For example, Date:mon,31dec200104:25:57gmt. When the time represented by the date represents the world standard, it is converted to local time and needs to know the time zone in which the user is located.
pragma header field
The Pragma header field is used to contain implementation-specific instructions, most commonly pragma:no-cache. In the http/1.1 protocol, it has the same meaning as Cache-control:no-cache.
2. Request Message
The first behavior of the request message is in the following format:
Method sp Request-uri sp http-version CRLF 　
method represents the methods that are completed for Request-uri, this field is case sensitive, including options,, POST, put, DELETE, TRACE. The method get and head should be supported by all common Web servers, and the implementation of all other methods is optional.Get MethodRetrieve the information identified by the Request-uri. The head method is also to retrieve the information identified by the Request-uri, except that the message body is not returned when responding.Post MethodYou can request that the server receive entity information contained in the request, which can be used to submit the form and send messages to newsgroups, BBS, mail groups, and databases.
sp denotes space。
Request-uri follow URI format, when the Cheweishing number (*) is used, the request is not used for a particular resource address, but for the server itself.
Http-version represents supported HTTP versions, for example for http/1.1.
CRLF represents a line feed return character.
The request header domain allows the client to deliver additional information about the request or about the client to the server. The Request header field may contain the following fields Accept, Accept-charset, accept-encoding, Accept-language, Authorization, from, Host, If-modified-since, If-match, If-none-match, If-range, If-range, If-unmodified-since, Max-forwards, Proxy-authorization, Range, Referer, User-agent. The extension of the Request header field requires both communication support, and if an unsupported request header field exists, it will normally be treated as an entity header domain.
A typical request message:
Gethttp://class/download.microtool.de:80/somedata.exe
Host:download.microtool.de
accept:*/*
Pragma:no-cache
Cache-control:no-cache
referer:http://class/download.microtool.de/
User-agent:mozilla/4.04[en] (win95;i; NAV)
range:bytes=554554-
The first line of the previous example indicates that the HTTP client (possibly the browser, the download program) obtains the file under the specified URL through the Get method. The brown section represents the information for the Request header field, and the green section represents the generic head section.
Host Header Field
The Host header field specifies the Intenet host and port number of the requesting resource, and must represent the location of the original server or gateway that requested the URL. The http/1.1 request must contain a host header domain or the system will return with a 400 status code.
referer Header Field
The Referer header field allows the client to specify the source resource address of the request URI, which allows the server to generate a fallback list that can be used to log in, optimize cache, and so on. He also permits the abolition or wrong connections to be tracked because of maintenance purposes. If the requested URI does not have its own URI address, Referer cannot be sent. If a partial URI address is specified, this address should be a relative address.
Range Header Field
The Range header field can request one or more child scopes for an entity. For example
Represents the first 500 bytes: bytes=0-499
Represents a second 500 byte: bytes=500-999
Represents last 500 bytes: bytes=-500
Represents 500 bytes after range: bytes=500-
First and last byte: Bytes=0-0,-1
Specify several ranges at the same time: bytes=500-600,601-999
However, the server can ignore this request header, and if the unconditional get contains the range request header, the response is returned in status Code 206 (partialcontent) instead of (OK).
user-agent Header Field
The contents of the User-agent header field contain the user information that made the request.
3. Response message
The first behavior of the response message is in the following format:
http-version sp Status-code sp reason-phrase CRLF
Http-version represents supported HTTP versions, for example for http/1.1.
Status-code is a three-digit result code。
Reason-phrase provides a simple text description for Status-code.。 Status-code is mainly used for automatic machine identification, reason-phrase is mainly used to help users understand. The first number of Status-code defines the category of the response, and the latter two digits do not have a classification effect. The first number may take 5 different values:
1XX: Information response class, which indicates receipt of a request and continues processing
2XX: Handling a successful response class, indicating that the action was successfully received, understood, and accepted
3XX: Redirect Response class, in order to complete the specified action, you must accept further processing
4XX: Client error, customer request contains syntax error or is not properly executed
5XX: Service-side error, server does not perform a correct request correctly
The Response header field allows the server to pass additional information that cannot be placed in the status row, which mainly describes the server's information and Request-uri further information. The Response header field contains age, Location, proxy-authenticate, Public, Retry-after, Server, Vary, Warning, Www-authenticate. The extension of the Response header field requires both communication support and, if an unsupported response header field exists, it will normally be treated as an entity header domain.
Typical response message:
Http/1.0200ok
Date:mon,31dec200104:25:57gmt
server:apache/1.3.14 (Unix)
Content-type:text/html
Last-modified:tue,17apr200106:46:28gmt
Etag: "a030f020ac7c01:1e9f"
content-length:39725426
content-range:bytes554554-40279979/40279980
The first line of the previous example indicates that the HTTP server responds to a GET method. The brown section represents the Response header field information, the green section represents the generic header section, and the red section represents the information for the Entity header field.
Location Response Header
The location response header is used to redirect the recipient to a new URI address.
Server response Header
The server response header contains software information for the original server that processed the request. This field can contain multiple product identities and annotations, and product identities are generally sorted by importance.
4. Entity Information
Both the request message and the response message can contain entity information.entity information is generally composed of entity header fields and entities. The Entity header field contains the original information about the entity, and the entity headers include allow, Content-base, content-encoding, Content-language, Content-length, Content-location, CONTENT-MD5, Content-range, Content-type, Etag, Expires, Last-modified, Extension-header. Extension-header allows clients to define new entity headers, but these domains may not be recognized by the recipient. An entity can be an encoded byte stream encoded by content-encoding or content-type, and its length is defined by content-length or Content-range.
Content-type Entity Header
Content-typeThe entity header is used to indicate the media type of the entity to the receiver, specify the entity media type to which the head method is sent to the receiver, or the request media type sent by the Get method Content-range the entity header
Content-range Entity Header
Used to specify the insertion position of a portion of the entire entity, and he also indicates the length of the entire entity. When the server returns a partial response to the customer, it must describe the scope of the response coverage and the entire entity length. General format:
content-range:bytes-unit SP first-byte-pos-last-byte-pos/entity-legth
For example, the form of a 500-byte secondary field for the transport header: content-range:bytes0-499/1234 If an HTTP message contains this section (for example, a response to a range request or a range of overlapping requests), Content-range represents the range of the transfer, Content-length represents the actual number of bytes transferred.
last-modified Entity Header
Last-modified The entity header specifies the last revision time for content saved on the server.
5, HTTP Header Reference (Microsoft)
Both HTTP requests and HTTP responses use headers to send information about HTTP messages. The header consists of a series of rows, each containing the name, followed by a colon, a space, and a value. Fields can be arranged in any order. Some header fields can be used for both the request header and the response header, while others can only be used for one of the header fields.
Many request header fields allow clients to specify multiple acceptable options in the Value section, and sometimes even rank preferences for these options. Multiple items are separated by commas. For example, a client can send a request header containing "content-encoding:gzip, compress," to indicate that various types of compression can be accepted. If the response body of the server uses gzip encoding, the response header will contain "Content-encoding:gzip".
Some fields can appear multiple times in a single header. For example, a header can have more than one "Warning" field.
The following table lists the HTTP 1.1 header fields. Note: Some header fields are MIME fields. MIME fields are defined in the Internet Engineering Task Force (IETF) document RFC 2045, but can also be used for HTTP 1.1 protocols. For more information about the MIME and HTTP 1.1 specifications, see the Ieif page.
General header Field
General header fields can be used to request messages and response messages.
Name Sample Value
Cache-control"Max-age=10"
Connection"Close"
Date"Tue, June 18:23:51 GMT"
Pragma"No-cache"
Trailer"Date"
transfer-encoding"Chunked"
Upgrade"shttp/1.3"
Via"http/1.1 Proxy1, http/1.1 Proxy2"
Warning"112 Disconnected Operation"
Request Header Field
The Request header field is used only for request messages.
Name Sample Value
Accept"Text/html, image/*."
Accept-charset"Iso8859-5"
accept-encoding"Gzip, compress"
Accept-language"En, FR"
Authorization[Credentials]
content-encoding"Gzip"
Expect"100-continue"
from"User@microsoft.com"
Host"www.microsoft.com"
If-match"Entity_tag001"
if-modified-since"Tue, June 18:23:51 GMT"
If-none-match"Entity_tag001"
If-range"entity_tag001" or "Tue, 18:23:51 GMT"
if-unmodified-since"Tue, June 18:23:51 GMT"
Max-forwards"3"
proxy-authorization[Credentials]
Range"bytes=100-599"
Referer"Http://www.microsoft.com/resources.asp"
TE"Trailers"
user-agent"Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) "
the specific meaning of the >> request header field
Accept:The MIME type acceptable to the browser.
Accept-charset:The character set that the browser can accept.
accept-encoding:The data encoding method that the browser can decode, such as gzip.
Accept-language:The kind of language the browser wants to use when the server is able to provide more than one language version.
Authorization: Authorization information that typically occurs in response to a www-authenticate header sent to the server.
Connection:Indicates whether a persistent connection is required. If the servlet sees the value here as "keep-alive" or if it sees that the request uses HTTP 1.1 (HTTP 1.1 By default for persistent connections), it can take advantage of the persistent connection, when the page contains multiple elements (such as applets, pictures), Significantly reduce the time required for downloading. To do this, the servlet needs to send a content-length header in the answer, the simplest way to do this is to write the content to Bytearrayoutputstream, and then calculate its size before the content is formally written out.
Content-length: Indicates the length of the request message body.
Cookies: Setting cookies, which is one of the most important request header information
From :The email address of the sender is requested by some special Web client program, and the browser does not use it.
Host:The host and port in the initial URL.
if-modified-since: Returns the 304 "not Modified" answer only if the requested content is returned after the specified date and after it has been modified.
Pragma:Specifying a "No-cache" value indicates that the server must return a refreshed document, even if it is a proxy server and already has a local copy of the page.
Referer:Contains a URL that the user accesses the page of the current request from the page represented by the URL.
user-agent:Browser type, which is useful if the content returned by the servlet is related to the browser type.
UA-PIXELS,UA-COLOR,UA-OS,UA-CPU:A non-standard request header sent by some versions of IE that represents screen size, color depth, operating system, and CPU type.
Response Header Field
The Response header field is used only for response messages.
Name Sample Value
accept-ranges"None"
Age"2147483648 (2^31)"
ETag"B38B9-17DD-367C5DCD"
last-modified"Tue, June 18:23:51 GMT"
Location"Http://localhost/redirecttarget.asp"
proxy-authenticate[Challenge]
Retry-after"Tue, June 18:23:51 GMT" or "60"
Server"microsoft-iis/5.0"
Vary"Date"
www-authenticate[Challenge]
Entity Header Field
The Entity header field can be used to request a message or response message. The Entity header field contains information about the body of the message entity, such as the encoding format used.
Name Sample Value
Allow"Get, head"
content-encoding"Gzip"
Content-language"EN"
Content-length"8445"
content-location"Http://localhost/page.asp"
CONTENT-MD5[Md5-digest]
Content-range"Bytes 2543-4532/7898"
Content-type"Text/html"
Expires"Tue, June 18:23:51 GMT"
last-modified"Tue, June 18:23:51 GMT"
the specific meaning of the >> entity header field
AllowWhich request methods are supported by the server (such as Get, post, and so on).
content-encodingThe encoding (Encode) method of the document. The content type specified by the Content-type header can be obtained only after decoding. Using gzip compressed documents can significantly reduce the download time for HTML documents. Java Gzipoutputstream can be easily gzip compressed, but only Netscape on Unix and IE 4, IE 5 on Windows support it.
Content-lengthRepresents the content length. This data is required only if the browser is using persistent HTTP connections.
Content-typeIndicates what MIME type the subsequent document belongs to. The servlet defaults to Text/plain, but usually needs to be explicitly specified as text/html.
DateThe current GMT time. You can use Setdateheader to set this header to avoid the hassle of converting the time format.
ExpiresWhen should you think that the document has expired so that it is no longer cached.
last-modifiedThe last time the document was changed. The customer can provide a date through the If-modified-since request header, which is treated as a condition get, and a 304 (not Modified) state is returned only if the document that was modified later than the specified time is returned.
LocationIndicates where the customer should go to extract the document. Location is not usually set directly, but through the HttpServletResponse Sendredirect method, which sets the status code to 302.
RefreshIndicates how much time the browser should refresh the document, in seconds. In addition to refreshing the current document, you can also pass SetHeader ("Refresh", "5; Url=http://host/path ") lets the browser read the specified page.
Note that this function is usually done by setting the HTML page Head area of <meta http-equiv= "Refresh" content= 5; Url=http://host/path "> This is because automatic refresh or redirection is important for HTML writers who cannot use a CGI or servlet. However, it is more convenient for the servlet to set the refresh header directly.
Note that the meaning of refresh is "refresh this page or access the specified page after n seconds" instead of "refreshing this page or accessing the specified page every n seconds." Therefore, continuous refresh requires a refresh header to be sent each time, and sending a 204 status code can prevent the browser from continuing to refresh, whether using the refresh header or <meta http-equiv= "Refresh" ... >
Note that the refresh header is not part of the HTTP 1.1 formal specification, but is an extension, but Netscape and IE support it.
Request Header Sample
The following is a simple example of an HTTP request.
Get/articles/news/today.asp http/1.1
Accept: */*
Accept-language:en-us
Connection:keep-alive
Host:localhost
Referer:http://localhost/links.asp
user-agent:mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
Accept-encoding:gzip, deflate
The request has a request line, including method (get), Resource Path (/articles/news/today.asp), and HTTP version (http/1.1). Since the request has no body, the content behind all the request lines is part of the header. Immediately after the header is a blank line, indicating that the header has ended.
Sample Response Headers
The WEB server can respond to the previous request in a variety of ways. If the file is accessible and the user has permission to view the file, the response is similar to the following:
http/1.1 OK
server:microsoft-iis/5.0
Date:thu, 05:46:53 GMT
content-length:2291
Content-type:text/html
SET-COOKIE:ASPSESSIONIDQQGGGNCG=LKLDFFKCINFLDMFHCBCBMFLJ; path=/
Cache-control:private
...
The first line of the response is called the status line. It contains the HTTP version, status code (200), and reason phrase used by the response. The example contains a header with five fields, followed by a blank line (carriage return and line feed), and then the first two lines of the response body.
For a complete and detailed description of HTTP headers, see the HTTP specification for http://www.w3.org/Protocols/.

HTTP specification

HTTP1.1