Header Description

Accept

Acceptable types of response contents.

Accept-Charset

Acceptable character sets.

Accept-Datetime

Acceptable versions displayed by time.

Accept-Encoding

Acceptable encoding methods.

Accept-Language

Acceptable natural languages of response contents.

Authorization

Information used for HTTP authentication.

Cache-Control

Instructions that must be followed by all cache mechanisms for a request or response chain.

Connection

Priority connection types for a browser.

Content-Length

The length of the request body represented by 8-byte arrays.

Content-MD5

The binary MD5 hash value of the content of the request body, which is encoded using Base64.

Content-Type

Multimedia types of the request body (used in POST and PUT requests).

Cookie

An HTTP cookie sent by servers through the Set-Cookie.

Date

The date and time when a message is sent.

DNT

A request for a web application to stop tracking a user. In the Firefox browser, it is equivalent to the X-Do-Not-Track protocol header field (supported for Firefox/4.0 Beta 11 or later). Safari and Internet Explorer 9 also support this field.

Expect

Specific actions required by a client for a server.

Front-End-Https

Refers to non-standard header fields used by Microsoft servers and load balancers.

From

The email address of the user who initiates the request.

Host

Domain name of the server (used for virtual host), and port number of the transmission control protocol listened to by the server. If the requested port is the standard port of the corresponding service, the port number can be omitted.

This field is mandatory since HTTP/1.1. If the domain name in the URL is an IP address, this field is automatically added. Otherwise, enter the IP address and port number of the tested application in this field.

If-Match

The corresponding operation is performed only when the entity provided by the client matches the entity on the server. It is used in a method such as PUT to update a resource which has not been modified since the last update.

If-Modified-Since

Returning of 304 Not Modified is allowed when the corresponding content is not modified.

If-None-Match

Returning of 304 Not Modified is allowed when the corresponding content is not modified. Refer to the HTTP entity tag.

In a typical use, when a URL is requested, the web server returns the resource and its corresponding ETag value, which is placed in the ETag field of the HTTP. The client can then decide whether to cache the resource and its ETag. If the client wants to request the same URL again, it sends a request that contains the saved ETag and the If-None-Match field.

If-Range

If an entity is not modified, send one or more parts that are missing to the sender. Otherwise, send the entire new entity.

If-Unmodified-Since

A response is sent only when the entity has not been modified since a specific time.

Max-Forwards

Refers to the number of times a message can be forwarded by the proxy and gateway.

Origin

Refers to a sharing request initiated for resources of different origins. The server is required to add an Access-Control-Allow-Origin field to the response.

Pragma

Related to specific implementations and may produce multiple effects at any time in the request or response chain.

Proxy-Authorization

Information used to authenticate a proxy.

Proxy-Connection

Derives from the errors in the implementation of an early HTTP version. The function of this field is the same as that of the standard Connection field.

Proxy-Password

Proxy password.

Proxy-Server

Proxy service.

Proxy-Username

Proxy username.

Range

Requests only a part of an entity with the byte offset starting from 0.

Referer

Refers to the previous page accessed by a browser. A link on this page brings the browser to the currently requested page.

TE

Refers to the transmission coding mode expected by a browser. You can use a value of Transfer-Encoding in the response protocol header. In addition, the value trailers (related to the block transmission mode) indicates that the browser expects to receive additional fields if the size of the last block is 0.

Upgrade

The server needs to be upgraded to another protocol.

User-Agent

Refers to the character string of the browser identity.

Via

Refers to request-sending agents informed to a server.

Warning

Refers to a general warning indicating that errors may exist in the body of an entity.

X-Wap-Profile

Refers to an XML file linked to the Internet. The file describes devices being connected.

X-Requested-With

Used to identify Ajax and XML requests. Most JavaScript frameworks send this field and set its value to XMLHttpRequest.

X-Http-Method-Override

A web application is requested to use the method (usually PUT or DELETE) specified in the protocol header field to override the method specified in the request (usually POST). Use this method when a browser or firewall prevents direct sending of the PUT or DELETE method (may be caused by a vulnerability in the software, which needs to be fixed, or because a configuration option is required, in which case the situation should not be bypassed).

X-Forwarded-Proto

Refers to a fact standard used to identify the protocol used at the beginning of an HTTP request.

X-Forwarded-Host

Refers to a fact standard used to identify the host request header originally sent by the client.

X-Forwarded-For

Refers to a fact standard used to identify the original Internet address of a client that is connected to a web server through an HTTP agent or load balancer.

X-Csrf-Token

The X-CSRFToken or X-XSRF-TOKEN header is used to prevent cross-site request forgery.

X-ATT-DeviceId

Enables the server to easily interpret the common device models and firmware information in the User-Agent field of the AT&T device.