headers
The full list of HTTP headers is shared with MIME headers and is maintained by the IANA at Message Headers
Headers by Function
Informational
- Main article: Requesting resources: GET, HEAD, OPTIONS
- Main article: Modification of resources: PUT, PATCH
- Main article: Forms and scripts: POST with HTML Forms, using 3xx Status codes
- User-Agent
- Server
- From
- Date
- Referer [sic]
Resource Metadata
- Main article: Resource metadata: Link, Last-Modified, Content-Type, Allow, etc
- Content-Location
- Link
- Last-Modified
- ETag
- Content-MD5
- Allow
Transfer Control
- Main article: Requesting resources: GET, HEAD, OPTIONS
- Transfer-Encoding
- Content-Length
- Expect: 100-continue
Entity Body and Partial Content
- Main article: Partial content responses
- Content-Range
- Accept-Ranges
- If-Range
- Range
Caching
- Main article: Layered requests with proxies and gateways
- Expires
- Date
- Age
- Cache-Control
- ETag
- Last-Modified
- Content-Location
Conditional Requests
- Main article: Caching and conditional requests
- Main article: Conditional updates
- If-Modified-Since
- If-Match
- If-Unmodified-Since
- If-None-Match
- If-Range
- ETag
- Last-Modified
Authentication and Access Control
Content-Type Negotiation
- Main article: Content negotiation: Accept, Content-Location
- Accept
- Accept-Charset
- Accept-Language
- Accept-Ranges
Crafting New Headers
If the response is identifying another resource, use the Link header with a URI as the relation name, e.g.:
Link: <http://example.com/AcmeMetals>;rel="http://example.com/coin-minted-by"
Table of Headers
| Header | Description | Reference |
|---|---|---|
| A-IM | RFC4229 | |
| Accept | RFC7231, Section 5.3.2 | |
| Accept-Additions | Used in Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0) | RFC2324 |
| Accept-Charset | RFC7231, Section 5.3.3 | |
| Accept-Datetime | RFC7089 | |
| Accept-Encoding | RFC7231, Section 5.3.4 | |
| Accept-Features | Experimental | RFC2995 |
| Accept-Language | Locales that a user agent prefers | RFC7231, Section 5.3.5 |
| Accept-Patch | Specifies media types that are acceptable for PATCH requests | RFC5789 |
| Accept-Ranges | Server indication of which range units it understands (e.g. byte) | RFC7233, Section 2.3 |
| Age | Estimate of how stale the resource is, in seconds, used by caches | RFC7234, Section 5.1 |
| Allow | Indicate which methods can be used on the resource | RFC7231, Section 7.4.1 |
| Alternates | Experimental | RFC2295 |
| Apply-To-Redirect-Ref | RFC4437 | |
| Authentication-Info | Control data and information about the authentication session | RFC4229 |
| Authorization | Credentials for accessing a resource on the server | RFC7235, Section 4.2 |
| Cache-Control | Information for how and when to cache the resource | RFC7234, Section 5.2 |
| Close | Not actually a valid header. Reserved to prevent conflicts with Connection: close | RFC7230, Section 8.1 |
| Connection | RFC7230, Section 6.1 | |
| Content-Base | Provides a base URI for the document (largely unsupported and obsolete) | RFC2068RFC2616 |
| Content-Disposition | Conveys additional information about how to process the response payload | RFC6266 |
| Content-Encoding | See also Transfer-Encoding | RFC7231, Section 3.1.2.2 |
| Content-ID | Obsolete | RFC4229 DRP |
| Content-Language | The locale/language of the entity-body | RFC7231, Section 3.1.3.2 |
| Content-Length | The octet (byte) length of the attached entity-body | RFC7230, Section 3.3.2 |
| Content-Location | The URI of the attached entity-body | RFC7231, Section 3.1.4.2 |
| Content-MD5 | Obsolete | RFC4229 |
| Content-Range | Identifies the enclose entity-body is a subset of the requested resource | RFC7233, Section 4.2 |
| Content-Script-Type | HTML 4.01 Section 18.2.2 | |
| Content-Style-Type | HTML 4.01 Section 14.2.1 | |
| Content-Type | The media type of the attached entity-body | RFC7231, Section 3.1.1.5 |
| Content-Version | Obsolete | RFC4229 |
| Cookie | Declares a stored cookie value to the server | RFC6265 |
| Cookie2 | Declares a stored cookie value to the server; Obsolete | RFC2965RFC6265 |
| DASL | RFC5323 | |
| DAV | Used in WebDAV | RFC4918 |
| Date | The date and time at which the message was originated | RFC7231, Section 7.1.1.2 |
| Default-Style | HTML 4.01 Section 14.3.2 | |
| Delta-Base | The entity tag of the base instance against which the delta applies | RFC4229 |
| Depth | Used in WebDAV | RFC4918 |
| Derived-From | RFC4229 | |
| Destination | Used in WebDAV | RFC4918 |
| Differential-ID | RFC4229 | |
| Digest | Indicates a hash/digest for the full resource | RFC4229 |
| ETag | Differentiates between multiple versions/representations of the same resource | RFC7232, Section 2.3 |
| Expect | Require that downstream nodes support specified functionality | RFC7231, Section 5.1.1 |
| Expires | Controls caching | RFC7234, Section 5.3 |
| Ext | RFC4229 | |
| Forwarded | Shows where the message originated from, further upstream | RFC7239 |
| From | Contact information for the user making the request, especially for Web spiders | RFC7231, Section 5.5.1 |
| Host | Hostname component of the request-URI (Required) | RFC7230, Section 5.4 |
| IM | Instance Manipulation | RFC4229 RFC 3229 |
| If | Used in WebDAV | RFC4918 |
| If-Match | Conditional request header | RFC7232, Section 3.1 |
| If-Modified-Since | Conditional request header | RFC7232, Section 3.3 |
| If-None-Match | Conditional request header | RFC7232, Section 3.2 |
| If-Range | Conditional request header | RFC7233, Section 3.2 |
| If-Schedule-Tag-Match | Part of Scheduling Extensions to CalDAV | RFC6638 |
| If-Unmodified-Since | Conditional request header | RFC7232, Section 3.4 |
| Keep-Alive | RFC4229 | |
| Label | Used in WebDAV | RFC4229 |
| Last-Modified | RFC7232, Section 2.2 | |
| Link | Declares a link relationship to another resource | RFC5988 |
| Location | Points to another resource, typically for redirection purposes | RFC7231, Section 7.1.2 |
| Lock-Token | Used in WebDAV | RFC4918 |
| Man | Experimental | RFC4229 |
| Max-Forwards | Limit the number of forwards, similar to a TTL | RFC7231, Section 5.1.2 |
| Memento-Datetime | RFC7089 | |
| Meter | RFC4229 RFC2227 | |
| MIME-Version | The HTTP Message is also MIME compatible (obsolete) | RFC7231, Appendix A.1 |
| Negotiate | RFC4229 RFC2295 | |
| Opt | RFC4229 | |
| Ordering-Type | RFC4229 | |
| Origin | RFC6454 | |
| Overwrite | Used in WebDAV | RFC4918 |
| P3P | RFC4229 | |
| PEP | RFC4229 | |
| PICS-Label | RFC4229 | |
| Pep-Info | RFC4229 | |
| Position | RFC4229 | |
| Pragma | (Deprecated HTTP/1.0 header) | RFC7234, Section 5.4 |
| Prefer | Indicate a preference for how the server should respond to a query | RFC7240 |
| Preference-Applied | RFC7240 | |
| ProfileObject | RFC4229 | |
| Proxy-Authenticate | Use of proxy requires authentication | RFC7235, Section 4.3 |
| Proxy-Authentication-Info | RFC4229 | |
| Proxy-Authorization | Send credentials to a proxy | RFC7235, Section 4.4 |
| Proxy-Features | RFC4229 | |
| Proxy-Instruction | RFC4229 | |
| Public | RFC4229 | |
| Range | Request a subset of the resource | RFC7233, Section 3.1 |
| Redirect-Ref | RFC4437 | |
| Referer | (Sic) Page that was linked from | RFC7231, Section 5.5.2 |
| Retry-After | RFC7231, Section 7.1.3 | |
| Safe | RFC4229 | |
| Schedule-Reply | Part of Scheduling Extensions to CalDAV | RFC6638 |
| Schedule-Tag | Part of Scheduling Extensions to CalDAV | RFC6638 |
| Sec-WebSocket-Accept | Used for negotiating a WebSocket connection | RFC6455 |
| Sec-WebSocket-Extensions | Used for negotiating a WebSocket connection | RFC6455 |
| Sec-WebSocket-Key | Used for negotiating a WebSocket connection | RFC6455 |
| Sec-WebSocket-Protocol | Used for negotiating a WebSocket connection | RFC6455 |
| Sec-WebSocket-Version | Used for negotiating a WebSocket connection | RFC6455 |
| Security-Scheme | Used to indicate S-HTTP support (not to be confused with HTTPS) | RFC4229 |
| Server | Indicates the server’s software and version | RFC7231, Section 7.4.2 |
| Set-Cookie | Request to store a cookie on the user-agent | RFC6265 |
| Set-Cookie2 | Request to store a cookie on the user-agent; Obsolete | RFC2965RFC6265 |
| Slug | Specifies a “slug” string to be used in the generation of URLs of new resources. Used by the Atom Publishing Protocol. | RFC5023 |
| SoapAction | RFC4229 | |
| Status-URI | Used by WebDAV | RFC4229 |
| Strict-Transport-Security | HSTS, asks that future requests must only go over TLS | RFC6797 |
| Surrogate-Capability | RFC4229 | |
| Surrogate-Control | RFC4229 | |
| TCN | RFC4229 | |
| TE | RFC7230, Section 4.3 | |
| Timeout | Used in WebDAV | RFC4918 |
| Trailer | RFC7230, Section 4.4 | |
| Transfer-Encoding | Specifies how the payload has been compressed. See also Content-Encoding | RFC7230, Section 3.3.1 |
| URI | RFC4229 | |
| Upgrade | RFC7230, Section 6.7 | |
| User-Agent | Indicates the user agent’s software and version | RFC7231, Section 5.5.3 |
| Variant-Vary | RFC4229 | |
| Vary | The server’s response was chosen based on the specified headers | RFC7231, Section 7.1.4 |
| Via | RFC7230, Section 5.7.1 | |
| WWW-Authenticate | RFC7235, Section 4.1 | |
| Want-Digest | RFC4229 | |
| Warning | RFC7234, Section 5.5 | |
| X-Frame-Options | Older variation on Frame-Options header | RFC7034 CSP |