The role of HTTP headers in IIS

In IIS has a concept called the host head, we basically have mastered, there is a concept called HTTP head, some students have asked me this question, in fact, the HTTP header more involved in the software of Dongdong.
The most intuitive HTTP header is when we create an HTML page in Frotpage or Dreamweaver each time, the code on this page has one line of code:

In fact, this is an HTTP header information, the beginning of the HTML page will have a similar line of code.
HTTP in IIS Debugging
So what is the HTTP head? HTTP headers are divided into HTTP request headers and HTTP reply headers. HTTP request headers must indicate the type of request when sending a request to the server when the HTTP client browses the home page on the server. The request type refers to Http-get or http-post, each http-get and Http-post consists of a series of HTTP request headers that define what the client requests from the server, and the response consists of a series of HTTP reply headers and response data. Returns an answer if the request succeeds.

My understanding: Every time a client requests access to a page via IE to a server, the HTTP request header is always sent with the HTTP request hair to send the Get type or post type. When the server sends the answer, it sends an HTTP reply request.

What are the identification of the request headers and responses, we don't go into detail and look at the following:
HTTP request Headers Overview (HttpServletRequest)
An HTTP client, such as a browser, must indicate the type of request (typically get or post) when sending a request to the server. If necessary, the client can also choose to send another request header. Most request headers are not required, except for content-length. Content-length must appear for post requests.
Here are some of the most common request headers

Accept: The MIME type acceptable to the browser.

Accept-charset: Browser-acceptable character set.

Accept-encoding: The data encoding method that the browser can decode, such as gzip. The servlet can return a GZIP-encoded HTML page to a browser that supports gzip. In many cases this can reduce the download time by 5 to 10 times times.

Accept-language: The kind of language that browsers want to use when the server can provide more than one language version.

Authorization: Authorization information that usually appears in the answer to the Www-authenticate headers sent to the server.

Connection: Indicates whether a persistent connection is required. If the servlet sees the value here as "keep-alive" or if it sees that the request uses HTTP 1.1 (HTTP 1.1 By default for persistent connections), it can take advantage of the persistent connection, when the page contains multiple elements (such as applets, pictures), Significantly reduce the time required for downloading. To do this, the servlet needs to send a content-length header in the answer, the simplest way to do this is to write the content to Bytearrayoutputstream, and then calculate its size before the content is formally written out.

Content-length: Indicates the length of the request message body.

Cookie: This is one of the most important request header information

From: Requests the sender's email address, which is used by some special Web client programs and is not used by browsers.

Host: Hosts and ports in the initial URL.

If-modified-since: Returns a 304 "not Modified" answer only if the requested content is returned after the specified date and after it has been modified.

Pragma: Specifies that the "No-cache" value indicates that the server must return a refreshed document, even if it is a proxy server and already has a local copy of the page.

Referer: Contains a URL in which the user accesses the currently requested page from the page represented by the URL.

User-agent: Browser type, which is useful if the content returned by the servlet is related to the browser type.

UA-PIXELS,UA-COLOR,UA-OS,UA-CPU: A nonstandard request header sent by some versions of IE to indicate screen size, color depth, operating system, and CPU type.

For a complete and detailed description of HTTP headers, see the HTTP specification for http://www.w3.org/Protocols/.

HTTP Answer Header Overview (httpservletresponse)
HTTP responses to a Web server generally consist of a status line, one or more answer headers, a blank line, and a content document. Setting the HTTP answer headers is often combined with the status code in the Set status line. For example, there are several status codes that indicate "document location has changed" accompanied by a location header, while the 401 (unauthorized) status code must be accompanied by a www-authenticate header.

However, it is also useful to specify an answer header even when there is no state code to set a special meaning. The answer headers can be used to complete: set cookies, specify modification dates, instruct the browser to refresh the page at specified intervals, declare the length of the document to take advantage of persistent HTTP connections, ... and many other tasks.

The most common method for setting up an answer head is the HttpServletResponse SetHeader, which has two parameters, representing the name and value of the answer header, respectively. Similar to setting the status code, the answer header should be set before any document content is sent.

The Setdateheader method and the Setintheadr method are specifically used to set up an answer header that contains a date and an integer value that avoids the hassle of converting Java time to GMT time strings, and the latter avoids the hassle of converting integers to strings.

HttpServletResponse also offers a number of settings

setContentType: Set Content-type header. This method is used by most servlet.
Setcontentlength: Set Content-length header. This function is useful for browsers that support persistent HTTP connections.
Addcookie: Set a cookie (there is no Setcookie method in the Servlet API because the answer often contains multiple Set-cookie headers).
Also, as described in the previous section, the Sendredirect method sets the location header when the status code is set to 302.

For a detailed and complete description of the HTTP headers, see the http://www.w3.org/Protocols/specification.

HTTP Answer Header Description
The Allow server supports which request methods (such as Get, post, and so on).

The encoding (Encode) method of the Content-encoding document. The content type specified by the Content-type header can be obtained only after decoding. Using gzip compressed documents can significantly reduce the download time for HTML documents. Java Gzipoutputstream can be easily gzip compressed, but only Netscape on Unix and IE 4, IE 5 on Windows support it. Therefore, the servlet should check to see if the browser supports gzip by looking at the accept-encoding header (that is, Request.getheader ("accept-encoding"). Returns a gzip-compressed HTML page for a browser that supports GZIP, returning to a normal page for another browser.

Content-length represents the length of the content. This data is required only if the browser is using persistent HTTP connections. If you want to take advantage of a persistent connection, you can write the output document to Bytearrayoutputstram, view its size after it is finished, and then put the value into the Content-length header, and finally pass Bytearraystream.writeto ( Response.getoutputstream () sends the content.

Content-type indicates what MIME type the following document belongs to. The servlet defaults to Text/plain, but usually needs to be explicitly specified as text/html. Because of the constant need to set up Content-type, HttpServletResponse provides a dedicated method Setcontenttyep.

Date's current GMT time. You can use Setdateheader to set this header to avoid the hassle of converting the time format.

When Expires should think that the document has expired, it will no longer cache it.

Last-modified The last change time for the document. The customer can provide a date through the If-modified-since request header, which is treated as a condition get, and a 304 (not Modified) state is returned only if the document that was modified later than the specified time is returned. Last-modified can also be set using the Setdateheader method.
Location indicates where the customer should go to extract the document. Location is not usually set directly, but through the HttpServletResponse Sendredirect method, which sets the status code to 302.

Refresh indicates how much time the browser should refresh the document, in seconds. In addition to refreshing the current document, you can also pass SetHeader ("Refresh", "5; Url= Http://host/path ") lets the browser read the specified page. Note This feature is typically done by setting the HTML page Head area, because automatic refresh or redirection is important for HTML writers who cannot use CGI or servlet. However, it is more convenient for the servlet to set the refresh header directly. Note that the meaning of refresh is "refresh this page or access the specified page after n seconds" instead of "refreshing this page or accessing the specified page every n seconds." Therefore, continuous refresh requires a refresh header to be sent each time, and sending a 204 status code prevents the browser from continuing refreshing, whether using the refresh header or the. Note that the refresh header is not part of the HTTP 1.1 formal specification, but is an extension, but Netscape and IE support it.

Server name. The servlet typically does not set this value, but is set by the Web server itself.

Set-cookie settings and page associated cookies. The servlet should not use Response.setheader ("Set-cookie", ...), but should use the specialized method provided by HttpServletResponse Addcookie. See below for a discussion of cookie settings.

Www-authenticate What type of licensing information the customer should provide in the authorization header. This header is required in an answer that contains a 401 (unauthorized) status line. For example, Response.setheader ("Www-authenticate", "BASIC realm=/" executives/"). Note that the servlet typically does not do this, but instead gives the Web server a special mechanism to control access to the password-protected page (for example,. htaccess).