Home > Developer > Web Develop

HTTP Knowledge Popularity series: HTTP header

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

  2. HTTP headers must be included in the request and response messages of the HTTP protocol. The first content provides the required information for the client and the server to process requests and responses separately. In the request, the HTTP message is composed of methods, URIs, HTTP versions, HTTP header fields, and so on. In the response, the HTTP message consists of the HTTP version, the status code (number and reason phrase), and the HTTP header field 3.
  4. Both the request and the response use the header field in the process of communicating with the HTTP protocol between the client and server side, which can serve as an additional important message. The first field is for the browser and server to provide the message body size, the language used, authentication information and so on.
  6. What happens when two or more two or more of the same header field names appear in the HTTP header? This situation is not clear within the specification, and the results may not be consistent depending on the internal processing logic of the browser. Some browsers take precedence over first-time occurrences, while others prioritize the last occurrence of the header field.
  8. HTTP Four header field types
    1. Generic header field: The header used by both the request message and the response message.
    2. Request Header field: The header to use when sending request messages from the client to the server side.
    3. Response Header field: The header to use when returning a response message from the server side to the client.
    4. Entity header field: The header used for the entity portion of the request message and response message.
  10. Generic header Field
    1. Cache-control: You can manipulate the caching mechanism by specifying the instruction of the header field Cache-control.
    2. Connection: Controls the header fields that are not forwarded to the agent, and manages persistent connections.
    3. Data: Indicates the time and date when the HTTP message was created.
    4. Pragma: Only used in requests sent by the client, all intermediate servers do not return cached resources.
    5. Trailer: What header fields are recorded after the body of the message is stated beforehand. The same can be used when chunked transfer encoding.
    6. Transfer-encoding: Specifies the encoding method used when transmitting the message body.
    7. Upgrade: Used to detect whether the HTTP protocol and other protocols can communicate using a higher version.
    8. Via: To track the transmission path of the request and response messages between the client and the server.
    9. Warning: A warning about a cache-related issue is usually communicated to the user.
  11. Request Header field: The Request header field is the field used in the message sent from the client to the server to supplement the requested additional information, the client information, the priority associated with the response content, and so on.
    2. Accept: This field notifies the server of the media type and the relative priority of the media type that the user agent can handle.
    4. Accept-charset: Used to inform the server user agent of the supported character sets and the relative precedence of the character set, you can specify multiple character sets at once.
    6. Accept-encoding: Used to inform the server user agent of the content encoding and priority order of content encoding support.
    8. Accept-language: A natural language set (Chinese or English, etc.) that is used to inform the server user agent of the tender consolidation process, as well as the relative precedence of natural language sets.
    10. Authorization: Used to inform the server, the user agent authentication information.
    12. Expect: The client uses the header field except to inform the server of a specified behavior that is expected to occur.
    14. From: The e-mail address of the user who tells the server to use the user agent.
    16. Host: Informs the server of the Internet hostname and port number where the requested resource is located. The Host header field is the only header field within the http/1.1 specification that must be included in the request.
    18. If-match: A request header similar to if-xxx, which can be called a conditional request.
    20. If-modified-since: Tells the server that the field value is older than the resource's update time, and you want to be able to process the request.
    22. If-none-match: When the field is worthy of an entity tag value that is inconsistent with the etag of the requesting resource, it tells the server to process the request.
    24. If-range: It tells the server to process as a range request if the specified If-range field value matches the ETag value or time of the requested resource. Conversely, all resources are returned.
    26. If-unmodified-since: Notifies the server that the specified request resource can process the request only after the date time specified in the field value has not been updated.
    28. Max-forwards: When you send a request that contains the header field max-forwards by using the trace method or the Options method, the field specifies the maximum number of servers that can go through in decimal integers. When the server receives a request with a max-forwards value of 0, it no longer forwards, and instead returns the response directly.
    30. Proxy-authorization: The client sends a request containing the header field proxy-authorization to inform the server of the information required for authentication.
    32. Range: tells the specified range of server resources.
    34. TE: Tells the server client how to handle the transmission encoding and relative priority of the response.
    36. User-agent: Communicates information such as the browser user agent name that created the request to the server.
  13. Response Header field: The Response header field is the field used in the response message returned by the server-side to the client, which complements additional information about the response, server information, and additional requirements for the client.
    1. accept-ranges: Used to tell the client server whether the scope request can be processed to specify a resource to get a portion of the server side.
    2. Age: Tells the client how long ago the source server created the response. Unit seconds.
    3. ETag: informs the client entity identity that it is a way to uniquely identify a resource as a string.
    4. Location: The response receiver can be booted to a resource that is different from the request URI.
    5. proxy-authenticate: Sends the authentication information required by the proxy server to the client.
    6. Retry-after: Tells the client how long after the request should be sent again.
    7. Server: Tells the client about the HTTP server application that is installed on the current server.
    8. Vary: The cache can be controlled, and the source server communicates back to the proxy Server A command about the local cache usage.
    9. www-authenticate: For HTTP access authentication.
  15. Entity header field: The header used in the entity portion of the request message and Response message to supplement the entity-related information such as the update time of the content.
    1. Allow: Use to inform the client that it can support all HTTP methods that Request-uri the specified resource.
    2. Content-encoding: Tells the client server how to encode the content of the body of the entity. (gzip/compress/deflate/identity)
    3. Content-language: Informs the client that the entity body uses the natural language. (English, Chinese or other languages)
    4. Content-length: Indicates the size of the entity body part.
    5. Content-location: Gives the URI corresponding to the return resource of the message body.
    6. CONTENT-MD5: is a string of values generated by the MD5 algorithm, which is designed to check whether the message body remains intact during transmission and confirms the transmission arrival.
    7. Content-range: For range requests, the header field used to return a response tells the client which part of the entity returned is eligible for the scope request.
    8. Content-type: Describes the media type of an object within the entity body, which is assigned a value in type/subtype form.
    9. Expires: the date on which the resource expires will be communicated to the client.
    10. Last-modified: Indicates when the resource was last modified.
  17. A cookie that manages the state between the server and the client. Its working mechanism is user identification and state management. When a cookie is invoked, the validity of the cookie can be verified, as well as the sender's domain, path, protocol, and other information.
  19. Several properties of the Set-cookie field:
    1. Expires property: Specifies the validity period of the cookie that the browser can send.
    2. Path property: A file directory that can be used to limit the sending range of a specified cookie.
    3. Domain property: The specified domain name.
    4. Secure property: Allows you to restrict Web pages from sending cookies only when HTTPS is secure.
    5. Httponly:cookie's extended functionality, which makes JavaScript scripts unable to obtain cookies. Its main purpose is to prevent cross-site scripting attacks on cookie information theft.

HTTP Knowledge Popularity series: HTTP header

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More