The most comprehensive HTTP header information analysis

Source: Internet
Author: User
Tags md5 digest

HTTP header explanation

1. Accept: indicates the media type that the WEB Server accepts. */* indicates any type, and type/* indicates all child types of the type, type/sub-type.

2. Accept-Charset: the browser declares the character set it receives.
Accept-Encoding: indicates the Encoding method received by the browser. It usually specifies the compression method, whether compression is supported, and what compression method (gzip, deflate) is supported)
Accept-Language: the browser declares the difference between the Language it receives and the character set: Chinese is a Language, and Chinese has multiple character sets, such as big5, gb2312, and gbk.

3. Accept-Ranges: indicates whether the WEB Server accepts a request to obtain a part of an object (such as a part of a file. Bytes: Accept, none: not accept.

4. Age: When the contemporary server uses its own cached entities to respond to requests, it uses this header to indicate how long the entity has elapsed since it was generated.

5. Authorization: when the client receives the WWW-Authenticate response from the WEB server, the header responds to its authentication information to the WEB server.

6. Cache-Control: Request: no-cache (the entity that is not cached must be retrieved from the WEB server now)
Max-age: (only accept objects whose Age value is smaller than the max-age value and has no expiration date)
Max-stale: (the objects in the past can be accepted, but the expiration time must be less
Max-stale value)
Min-fresh: (accepting that its fresh life period is greater than the sum of its current Age and min-fresh values
Cache object)
Response: public (you can use the Cached content to respond to any user)
Private (only the user who previously requested the content can be responded to with the cached content)
No-cache (it can be cached, but it can only be returned to the client after it is validated with the WEB server)
Max-age: (the expiration time of the object contained in this response)
ALL: no-store (Cache not allowed)

7. Connection: Request: close (tell the WEB server or proxy server to complete the response of this request
Keepalive (tells the WEB server or proxy server that
After the response, keep the connection and wait for subsequent requests from this connection ).
Response: close (the connection has been closed ).
Keepalive (the connection remains, waiting for subsequent requests from this connection ).
Keep-Alive: If the browser requests to Keep the connection, the header indicates that you want the WEB server to Keep
The time (in seconds) of the connection ).
Example: Keep-Alive: 300

8. Content-Encoding: indicates the compression method (gzip and deflate) used by the WEB server to compress the objects in the response.
Example: Content-Encoding: gzip
Content-Language: the Language of the object that the WEB server tells the browser to respond.
Content-Length: the Length of the object that the WEB server tells the browser to respond.
Example: Content-Length: 26012
Content-Range: the WEB server indicates the part of the object contained in the response.
Example: Content-Range: bytes 21010-47021/47022
Content-Type: the Type of the object that the WEB server tells the browser to respond.
For example, Content-Type: application/xml

9. ETag: indicates the flag value of an object (such as a URL). For an object, such as an html file,
If the Etag is Modified, do not modify the ETag.
The function is similar, mainly for the WEB server to determine whether an object has changed.
For example, the ETag of an html file is obtained when the previous request is made. When this request is made again,
The browser sends the previously obtained ETag value to the WEB server, and then the WEB Server
The ETag will be compared with the current ETag of the file, and then the file will be known.
Has it changed.

10. Expired: the WEB server indicates when the object will expire. For Expired objects, only
After verifying its validity with the WEB server, it can be used to respond to customer requests.
Is the header of HTTP/1.0.
Example: Expires: Sat, 23 May 2009 10:02:12 GMT

11. Host: Specifies the domain name/IP address and port number of the WEB server you want to access.
Example: Host:

12. If-Match: If the object's ETag does not change, it means that the object has not changed before the request action is executed.
If-None-Match: If the ETag of the object changes, the request action is executed only when the object changes.

13. If-Modified-Since: If the requested object is Modified after the time specified in the header, the request is executed.
Action (such as the returned object), otherwise code 304 is returned, telling the browser that the object
Not modified.
Example: If-Modified-Since: Thu, 10 Apr 2008 09:14:42 GMT
If-Unmodified-Since: If the requested object has not been modified after the time specified in the header, it is executed
The requested action (such as the returned object ).

14. If-Range: the browser tells the WEB server that If the object I requested is not changed
Here, if the object changes, the whole object will be given to me. The browser sends
ETag or the last modification time you know is sent to the WEB server to determine whether the object is
Always used with the Range header.

15. Last-Modified: The Last modification time of the object, for example, the Last modification time of the object,
The last generation time of the dynamic page.
Example: Last-Modified: Tue, 06 May 2008 02:42:43 GMT

16. Location: the WEB server tells the browser that the object to be accessed has been moved to another Location,
To the position specified in the header.
Example: Location:

17. Pramga: mainly uses Pramga: no-cache, which is equivalent to Cache-Control: no-cache.
Example: Pragma: no-cache

18. Proxy-Authenticate: the Proxy server responds to the browser and requires it to provide Proxy authentication information.
Proxy-Authorization: the browser responds to the Proxy server's authentication request and provides its own identity information.

19. Range: When a browser (such as flash get multi-thread download) tells the WEB server which part of the object it wants.
Example: Range: bytes = 1173546-

20. Referer: indicates to the WEB server from which the browser obtains/clicks the URL/URL in the current request.
Example: Referer:

21. Server: indicates the software and version of the WEB Server.
Example: Server: Apache/2.0.61 (Unix)

22. User-Agent: indicates the identity of the browser (which browser is used ).
Example: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN;
Rv: Gecko/20080404 Firefox/

23. Transfer-Encoding: the WEB server indicates itself as the Response Message Body (not an object in the message body)
Encoding, such as chunked ).
Example: Transfer-Encoding: chunked

24. Vary: the WEB server uses the content in this header to tell the Cache server under what conditions can this response be used
The returned object responds to subsequent requests.
If the source WEB server receives the first request message, its response header is:
Content-Encoding: gzip; Vary: Content-Encoding, the Cache server will analyze
The header of the request message. Check whether the Accept-Encoding matches the Vary header value of the previous response.
Consistency, that is, whether the same content encoding method is used. This prevents the Cache server from using its own
The compressed object response in the Cache is sent to browsers that do not have the decompression capability.
Example: Vary: Accept-Encoding

25. Via: list the proxy servers through which the response from the client to OCS or in the opposite direction has passed.
Protocol (and version.
When a client request arrives at the first proxy server, the server will
Add the Via header and fill in relevant information. When the next proxy server receives the first proxy
When a request is sent from the server, it copies the request
Header, and add relevant information to the back, and so on, when OCS receives the last Proxy Server
When you check the Via header, you will know the route through which the request is sent.
Example: Via: 1.0 80 (squid/2.6.STABLE13)


Example of the HTTP request message header:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv: Gecko/20080404 Firefox/
Accept: text/xml, application/xml, application/xhtml + xml, text/html; q = 0.9, text/plain; q = 0.8, image/png ,*/*; q = 0.5
Accept-Language: zh-cn, zh; q = 0.5
Accept-Encoding: gzip, deflate
Accept-Charset: gb2312, UTF-8; q = 0.7, *; q = 0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: userId = C5bYpXrimdmsiQmsBPnE1Vn8ZQmdWSm3WRlEB3vRwTnRtW <-- Cookie
If-Modified-Since: Sun, 01 Jun 2008 12:05:30 GMT
Cache-Control: max-age = 0
HTTP Response Message Header instance:
Status: OK-200 <-- response Status code, indicating the web server processing result.
Date: Sun, 01 Jun 2008 12:35:47 GMT
Server: Apache/2.0.61 (Unix)
Last-Modified: Sun, 01 Jun 2008 12:35:30 GMT
Accept-Ranges: bytes
Content-Length: 18616
Cache-Control: max-age = 120
Expires: Sun, 01 Jun 2008 12:37:47 GMT
Content-Type: application/xml
Age: 2
X-Cache: HIT from <-- the HTTP header used by the reverse proxy server
By: 1.0 80 (squid/2.6.STABLE13)
Connection: close

Brief description of HTTP header information

1. The HTTP response code consists of three decimal digits, which appear in the first line of the response sent by the HTTP server.
There are five types of response codes, represented by their first digit:
1xx: information, request received, continue processing
2xx: Successful, accepted, understood, and accepted
3xx: redirection. actions that must be performed further to complete the request
4xx: client error. The request contains a syntax error or the request cannot be implemented.
5xx: server error. The server cannot implement an obviously invalid request.
The following table shows each response code and its meaning:
100 continue 101 group Exchange Association 200 OK201 created 202 accepted 203 unauthorized information 204 NO content 205 reset content 206 part content 300 multiple options 301 permanent transfer 302 found 303 see other 304 not change 305 use proxy 307 temporarily redirect 400 Error request 401 unauthorized 402 request payment 403 Forbidden 404 Not Found Method 405 not allowed method 406 not accepted 407 request proxy authorization 408 request timeout 409 conflict 410 the length of the 411 request is 412. The premise is that the 413 request instance is too large. 414 the request URI is too large. 415 the media type is not supported. 416 the request range cannot be met. 417 the expected 500 internal server error 501 is not 502 Gateway error 503 unavailable service 504 gateway timeout 505 HTTP Version Not Supported
2. the HTTP header is composed of primary key/value pairs. They describe the properties of the client or server, the transferred resources, and the connection to the server.
Four different types of header labels:
1. General header: it can be used for requests or responses. It is associated with transactions as a whole rather than a specific resource.
2. Request Header: allows the client to pass information about itself and the desired response form.
3. Response Header: the server and the response that transmits its own information.
4. Object Header: defines the information of the transferred resource. Can be used for requests or responses.
Header Format: <name >:< value> <CRLF>
The following table describes the header labels used in HTTP/1.1.
Accept defines the media types that can be processed by the client, sorted by priority. In a comma-separated list, you can define multiple types and use wildcards. For example, Accept: image/jpeg, image/png, */* Accept-Charset defines the character sets that can be processed by the client, sorted by priority. In a list separated by commas, you can define multiple types and use wildcards. Example: Accept-Charset: iso-8859-1, *, UTF-8
Accept-Encoding defines the Encoding mechanism that the client can understand. Example: Accept-Encoding: gzip, compress
Accept-Language defines the natural Language list that the client is willing to Accept. Example: Accept-Language: en, de
An Accept-Ranges response header that allows the server to specify that the request will be accepted for the resource component at the given offset and length. The value of this header is considered as the measurement unit of the Request range. For example, Accept-Ranges: bytes or Accept-Ranges: none
Age allows the server to specify the length of time that has elapsed since the server generated the response, in seconds. This header is mainly used to cache responses. Example: Age: 30
Allow is a response header that defines a list of HTTP methods supported by the secondary source in the request URI. Example: Allow: GET, PUT
AUTHORIZATION: A Response Header that defines the aUTHORIZATION required to access a resource (domain and encoded user ID and password ). Example: Authorization: Basic YXV0aG9yOnBoaWw =
Cache-Control a general header used to define Cache commands. Example: Cache-Control: max-age = 30
Connection indicates whether to save the socket Connection as an open general header. For example, Connection: close or Connection: keep-alive
Content-Base is an object header that defines the basic URI. to parse the object relative to URLs within the object range. If the Content-Base header is not defined to parse relative URLs, use the Content-Location URI (exists and is absolute) or use the URI request. For example, Content-Base:


Content-Encoding is a media type modifier that specifies how an object is encoded. For example, Content-Encoding: zipContent-Language is used to specify the natural Language type of data in the input stream. For example, Content-Language: en
Content-Length specifies the Length of bytes contained in the data in the request or response. Example: Content-Length: 382
Content-Location specifies the resource Location (URI) contained in the request or response ). For example. The URL is also the starting point of the relative URL of the object to be parsed. Example: Content-Location:
An MD5 Digest of A Content-MD5 entity used as a Checksum. Both the sender and receiver calculate the MD5 Digest, and the value calculated by the receiver is compared with the value passed in the header. Example: Content-MD5: <base64 of 128 MD5 digest>
Content-Range is sent along with some objects. It indicates the offset between the low and high bytes of the inserted bytes, and the total length of the object. Example: Content-Range: 1001-2000/5000
Contern-Type indicates the MIME Type of the sent or received object. For example, Content-Type: text/html
The Date on which the HTTP message is sent. Example: Date: Mon, 10PR 18:42:51 GMT
ETag is an entity header that assigns a unique identifier to the sent resource. For resources that can use multiple URL requests, ETag can be used to determine whether the actually sent resource is the same resource. Example: ETag: '208f-419e-30f8dc99'
Expires specifies the object validity period. Example: Expires: Mon, 05 Dec 2008 12:00:00 GMT
Form is a request header that specifies the email address of the manual user who controls the user proxy. Example: From:
Host Name of the requested resource. This domain is mandatory for requests that use HTTP/1.1. Example: Host:
If-Modified-Since contains a GET request, the request is conditionally dependent on the date when the resource was last Modified. If the header mark is displayed and the resource has been modified since the specified date, a 304 response code should be returned. Example: If-Modified-Since: Mon, 10PR 18:42:51 GMT
If-Match: If a request is contained, one or more object tags are specified. Only the ETag of the instance is sent to the resource marked with a partition in the list. Example: If-Match: '208f-419e-308dc99'
If-None-Match: If a request is contained, one or more object tags are specified. The resource's ETag does not match any of the conditions in the list before the operation is executed. Example: If-None-Match: '208f-419e-308dc99'
If-Range specifies an object tag of a resource, and the client already owns a copy of the resource. Must be used with the Range header. If the object has not been modified since it was last retrieved by the client, the server sends only the specified range. Otherwise, the server sends the entire resource. Example: Range: byte = 0-499 <CRLF> If-Range: '208f-419e-30f8dc99'
If-Unmodified-Since returns this object only when the requested object has not been modified Since the specified date. Example: If-Unmodified-Since: Mon, 10PR 18:42:51 GMT
Last-Modified specifies the date and time when the requested resource was Last Modified. Example: Last-Modified: Mon, 10PR 18:42:51 GMT
Location: a resource that has been moved is used to redirect the requester to another Location. Used with status code 302 (temporarily moved) or 301 (permanently moved. Example: Location:
Max-Forwards: A request header used for the TRACE method to specify the maximum number of proxies or gateways. This request can be routed through the gateway. The number of proxies or gateways should be reduced before passing requests. Example: Max-Forwards: 3
Pragma is a common header that sends implementation-related information. Example: Pragma: no-cache
Proxy-Authenticate is similar to WWW-Authenticate, and is intended to request authentication only from the next server of the Request chain (Proxy. Example: Proxy-Authenticate: Basic realm-admin
Proxy-Authorization is similar to Authorization, but it does not intentionally pass anything further than in the instant server chain. Example: Proxy-Authorization: Basic YXV0aG9yOnBoaWw =
The Public List displays the method sets supported by the server. Example: Public: OPTIONS, MGET, MHEAD, GET, HEAD
Range specifies the offset Range of a measurement unit and a part of the requested resource. Example: Range: bytes = 206-5513
Refener is a request header field that indicates the initial resource that generates the request. For an HTML form, it contains the address of the web page of the form. Example: Refener:
Retry-After is a response header field that is sent by the server in combination with status code 503 (unable to provide services) to indicate how long it should wait before the request is resumed. This time can be a date or a unit of seconds. Example: Retry-After: 18
Server indicates the header of the Web Server software and its version number. Example: Server: Apache/2.0.46 (Win32)
Transfer-Encoding is a common header label that indicates the type of the message body to be reversed by the recipient. Example: Transfer-Encoding: chunked
Upgrade allows the server to specify a new protocol or Protocol version, which can be used with response code 101 (switching protocol. Example: Upgrade: HTTP/2.0
The User-Agent defines the software type (such as a Web browser) used to generate requests ). Example: User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT; DigExt)
Vary is a response header label used to select a response entity from the available response representation using server-driven negotiation. For example: Vary: * Via a common header containing all intermediate hosts and protocols, used to satisfy the request. Example: Via: 1.0, 1.1
Warning is used to provide the Response Header mark for response status supplement information. Example: Warning: 99 Piano needs tuning
Www-Authenticate: A Response Header that prompts the user agent to provide the user name and password. It can be used with Status Code 401 (unauthorized. Returns an Authorization header. Example: www-Authenticate: Basic realm = zxm. mgmt

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.