Here we look at a series of often-used headers, whether they are request or response headers, and how they can be used.
Header | Request | Response | Notes |
---|---|---|---|
|
yes |
This shows the formats, with an indication of preference, that the requesting client can understand. Closely related are the additional headers |
|
|
yes |
This is free-form information to prove a user’s identity. This is used in basic authentication, digest authentication, OAuth, and so on; each has their own format of exactly what goes in the header. |
|
|
yes |
Cookies are key/value pairs sent with each request, separated by a semicolon. This is the sister header to |
|
|
yes |
yes |
Any request or response with body content should also have the |
|
yes |
yes |
Any request or response with body content should include the |
|
yes |
This is an identifier for the version of the resource that is being returned. If the client caches the resource, this information can be used with |
|
|
yes |
This informs the server that there is a cached copy of this resource and allows the server to return a 304 status code if that resource is still valid. |
|
|
yes |
This provides information about when this resource was last updated; the client can use this to check if it has the most recent version of the resource upon subsequent requests. |
|
|
yes |
This provides information about a location and is used either with 300-series status codes when redirecting, or with 201/202 to give information about the location of a new resource. |
|
|
yes |
This sends cookies to be stored on the client and sent back in a |
|
|
yes |
This provides information about the client software making the request. |