Both HTTP requests and HTTP responses use headers to send information about the HTTP message. A header is a series of lines, with each line containing a name followed by a colon and a space, and then a value. The fields can be arranged in any order. Some header fields are used in both request and response headers, while others are appropriate only for either a request or a response.
Many request header fields will allow the client to specify several acceptable options in the value part and, in some cases, even rank each option's preference. Multiple items are separated using a comma. For example, a client could send a request header that includes "Content-Encoding: gzip, compress," indicating it would accept either type of compression. If the server uses gzip encoding for the response body, its response header would include "Content-Encoding: gzip".
Some fields can occur more than once in a single header. For example, a header can have multiple "Warning" fields.
The following tables list HTTP 1.1 header fields. Note that some header fields are MIME fields. MIME fields are defined in the Internet Engineering Task Force (IETF) document RFC 2045, but they are also used by the HTTP 1.1 protocol. See the IETF page for more information about the MIME and HTTP 1.1 specifications.
General Header Fields
General header fields can be used in request messages and response messages.
| Name |
Example Value |
| Cache-Control |
"max-age=10" |
| Connection |
"close" |
| Date |
"Tue, 11 Jul 2000 18:23:51 GMT" |
| Pragma |
"no-cache" |
| Trailer |
"Date" |
| Transfer-Encoding |
"chunked" |
| Upgrade |
"SHTTP/1.3" |
| Via |
"HTTP/1.1 Proxy1, HTTP/1.1 Proxy2" |
| Warning |
"112 Disconnected Operation" |
Request Header Fields
Request header fields are used in request messages only.
| Name |
Example Value |
| Accept |
"text/html, image/*" |
| Accept-Charset |
"iso8859-5" |
| Accept-Encoding |
"gzip, compress" |
| Accept-Language |
"en, fr" |
| Authorization |
[credentials] |
| Content-Encoding |
"gzip" |
| Expect |
"100-continue" |
| From |
"user@microsoft.com" |
| Host |
"www.microsoft.com" |
| If-Match |
"entity_tag001" |
| If-Modified-Since |
"Tue, 11 Jul 2000 18:23:51 GMT" |
| If-None-Match |
"entity_tag001" |
| If-Range |
"entity_tag001" or "Tue, 11 Jul 2000 18:23:51 GMT" |
| If-Unmodified-Since |
"Tue, 11 Jul 2000 18:23:51 GMT" |
| Max-Forwards |
"3" |
| Proxy-Authorization |
[credentials] |
| Range |
"bytes=100-599" |
| Referer |
"http://www.microsoft.com/resources.asp" |
| TE |
"trailers" |
| User-Agent |
"Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)" |
Response Header Fields
Response header fields are used in response messages only.
| Name |
Example Value |
| Accept-Ranges |
"none" |
| Age |
"2147483648(2^31)" |
| ETag |
"b38b9-17dd-367c5dcd" |
| Last-Modified |
"Tue, 11 Jul 2000 18:23:51 GMT" |
| Location |
"http://localhost/redirecttarget.asp" |
| Proxy-Authenticate |
[challenge] |
| Retry-After |
"Tue, 11 Jul 2000 18:23:51 GMT" or "60" |
| Server |
"Microsoft-IIS/5.0" |
| Vary |
"Date" |
| WWW-Authenticate |
[challenge] |
Entity Header Fields
Entity header fields can be used in request messages or response messages. Entity header fields contain information about the entity-body of the message, such as the encoding format used.
| Name |
Example Value |
| Allow |
"GET, HEAD" |
| Content-Encoding |
"gzip" |
| Content-Language |
"en" |
| Content-Length |
"8445" |
| Content-Location |
"http://localhost/page.asp" |
| Content-MD5 |
[md5-digest] |
| Content-Range |
"bytes 2543-4532/7898" |
| Content-Type |
"text/html" |
| Expires |
"Tue, 11 Jul 2000 18:23:51 GMT" |
| Last-Modified |
"Tue, 11 Jul 2000 18:23:51 GMT" |
Request Header Example
The following is a simple example of an HTTP request.
GET /articles/news/today.asp HTTP/1.1
Referer: http://localhost/links.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
Accept-Encoding: gzip, deflate
This request has a request-line, which includes the method (GET), the resource path (/articles/news/today.asp) and the HTTP version (HTTP/1.1). Everything after the request-line is part of the header, since this request does not have a body. Following the header is an empty line, which marks the end of the headers.
Response Header Example
The Web server could respond to the previous request in a number of ways. Assuming the file was accessible and the user had rights to view it, the response would be similar to the following:
Server: Microsoft-IIS/5.0
Date: Thu, 13 Jul 2000 05:46:53 GMT
Set-Cookie: ASPSESSIONIDQQGGGNCG=LKLDFFKCINFLDMFHCBCBMFLJ; path=/
The first line of the response is called the status-line. It contains the HTTP version used for the response, the status code (200), and the reason phrase. There is a header, with five fields in this example, followed by an empty line (a carriage return and line feed) and then the first two lines of the response body.
See Also
Request.Headers property | Response.Headers property | Headers object | Header object | Internet Engineering Task Force main page