The most complete history of the browser HTTP protocol request headers

  HTTP message typically includes a client request message and a response message to the server of the server to the client. The client sends a request to the server, the request header contains the request method, URI, protocol version, and comprises a request modifiers, similar to the customer information and content MIME message structure. A server response status line, including the corresponding protocol version of the message, plus the success or error code comprises information server, the entity may be an entity meta information and content.
Here Insert Picture Description
Http protocol defines a number of ways to interact with the server, there are four basic kinds, namely GET, POST, PUT, DELETE. URL address is used to describe a resource on a network, and in HTTP GET, POST, PUT, DELETE it corresponds to the investigation of this resource, change, add, delete four operations, our most common is the GET and POST . GET is generally used to get / query resource information, and POST are generally used to update resource information.

A, HTTP header information interpretation

HTTP header includes common header field, the request header, and response header entity header portion of four. Each header field consists of a domain name, a colon (:) and the value of three parts.

Universal head: the head of client and server can be used to provide some very useful common functions between the client, server and other applications, such as Date header.

Request header: a request packet unique, they provide some additional information to the server, such as what type of client wants to receive data, such as Accept head.

Response header: ease of client information, such as, in the end customer interaction, such as head and Server what type of server.

Entity head: means for coping with the entity body portion of the head, for example, an entity header may be used to illustrate the data type of the entity body portion, such as the Content-Type header.

1, HTTP universal head

Common header field comprises a header field support request and response messages, the common header field comprises a header cache Cache-Control, Pragma header and informative Connection, Date, Transfer-Encoding, Update, Via.


Cache-Control specify the request and response caching mechanism to follow. Cache-Control setting request message or the response message does not modify the cache of another processing procedure of message processing. Cache instruction request includes no-cache, no-store, max-age, max-stale, min-fresh, only-if-cached, the response message includes instructions public, private, no-cache, no- store, no-transform, must-revalidate, proxy-revalidate, max-age. Meaning of each instruction message is as follows:

no-cache: indicating a request or response message can not be cached, in fact, may be stored in the local cache, but prior to the original freshness authentication server, the cache can not be used to provide it to the client.

no-store: the cache should remove all traces of a document from memory as soon as possible, because it may contain sensitive information.

max-age: cache did not return a cached longer than a predetermined max-age second document, if over a predetermined second browser will not send a corresponding request to the server, the data returned directly from the cache; over this period was further processed by the server We decided to return the new data cache or still available. If also transmitted max-stale instructions of use may exceed its expiration time.

min-fresh: at least the next document within the specified seconds to keep it fresh, to accept its freshness lifetime greater than the current and the Age with min-fresh value of the cache object.

max-stale: indicates that the client can receive the response message expires, if the specified value max-stale message, the client may receive a message in response to expiration but within the specified value.

only-if-cached: only when there are copies exist in the cache, the client will get a copy.

Public: indicates response may be any buffer cache, the cache can respond to any user with the content.

Private: indication for the whole or part of the message in response to a single user and can not be shared caching, the user can respond to a previous request for the cached content with the content.

2, Pragma

Pragma header field for containing instructions implement particular, is the most commonly used Pragma: no-cache. In HTTP / 1.1 protocol, its meaning and Cache- Control: the same no-cache.


Connection expressed the need for persistent connections. If here the value Servlet see "Keep-Alive", or see the request using HTTP 1.1 (HTTP 1.1 persistent connections default), it can take advantage of persistent connections, when the page containing a plurality of elements (e.g. Applet, pictures), significantly reducing the time required to download. To achieve this, Servlet need to send a Content-Length header in the response, the easiest method is to achieve: first write the contents of ByteArrayOutputStream, and then calculate its size before the official written content.

Close: Tell WEB server or proxy server, in response to the completion of this request, disconnected, this subsequent requests do not wait for a connection.

Keepalive: Tell WEB server or proxy server, upon completion of the response to this request, remain connected, wait for the current connection subsequent requests.

Keep-Alive: If the browser request remains connected to the head portion connected to the server indicating a desire to WEB how long (in seconds), as Keep-Alive: 300.


Date header field indicates the time message sent by the server in response to include in the header, because the cache when evaluating freshness of use in response to which the time description format defined by RFC822. For example, Date: Mon, 31 Dec 2001 04:25:57 GMT. Date when the time described represents the world standard, the conversion cost in time, need to know the user's time zone.


WEB server indicate their body made of the response message (message body is not inside the object) how the encoding, such as whether the block (chunked), for example: Transfer-Encoding: chunked


It can specify another may be completely different protocol, such as HTTP / 1.1 client may send a HTTP / 1.0 request to the server, which contains a value of "HTTP / 1.1" Update the head, so that the client can test server whether to use HTTP / 1.1 up.


Lists the response from the client to the OCS or in the opposite direction through which the proxy server, they request sent what protocol (and version).

When a client request arrives first proxy server, which will add its own Via header in the request sent inside, and fill in their own information, the next proxy server receives a request of a proxy server, it will Via header of the request before the request sent by itself inside a copy of the proxy server, and the related information to his back, so that when OCS receives a request last proxy server, checks the Via header, it know the route through which the request. For example: Via: 1.0 (squid / 2.6.STABLE13)

2, HTTP request header

Request header is used to explain who or what sent the request, where the request originated, or preferences and capabilities of the client. The server may request the client information in the header analysis, trying to provide a better response to the client. Request-header field may contain the following fields Accept, Accept-Charset, Accept- Encoding, Accept-Language, Authorization, From, Host, If-Modified-Since, If-Match, If-None-Match, If-Range, If-Range , If-Unmodified-Since, Max-Forwards, Proxy-Authorization, Range, Referer, User-Agent. Extension of the request header fields required to support communications both sides, if you do not support the request header field is present, the general will as an entity header field processing.


WEB server told myself to accept what the media type, / represents any type, type / * represents all sub-types under that type, type / sub-type.


Browser tells the server character set that he can receive.


Affirming their own browser coding method received, generally designated compression method supports compression, support what compression method (gzip, deflate).


Browser affirm their own language received. With a distinctive language character sets: Chinese language, Chinese has a variety of character sets, such as big5, gb2312, gbk and so on.


When a client receives the WWW-Authenticate response from the WEB server, with the head to respond to their own authentication information to the WEB server.


If the ETag target has not changed, in fact, also means that the object has not changed, only the implementation of an action request, access to documents.


If the ETag object changes, but in fact it means that the object has changed, only to perform the requested action to obtain documents.


If the requested object is modified in the head after a specified time, it performs the requested action (for example, returns the object), otherwise the code 304, tells the browser that the object is not modified. For example: If-Modified-Since: Thu, 10 Apr 2008 09:14:42 GMT


If the requested object is not modified after a specified time of the head, it performs the required action (such as the return object).


WEB browser tells the server object if my request has not changed, I was the missing piece to me, if the object has changed, put the entire object to me. ETag browser by sending a request to modify the object or the last time they know to the WEB server, allowed to determine whether the object is changed. Always used together with a Range header.


Browser (such as multi-threaded downloading Flashget) WEB server tell which part they want to take an object. For example: Range: bytes = 1173546


Response proxy browser, proxy authentication required to provide information.


Response proxy browser authentication request, provide their own identity.


WEB server specified by the client they want to access the domain name / IP address and port number. As Host:


WEB browser indicates to the server what URL is clicked in the current request URL / URL from which page, for example: Referer: http: //


Browser to identify themselves (which browser). For example: User-Agent: Mozilla / 5.0 (Windows; U; Windows NT 5.1; zh-CN; rv: Gecko / 20080404 Firefox /

3, HTTP response header

Response header to the client to provide some additional information, such as who is sending the response, responders, and even some special instructions related to the response. These headers help clients respond to treatment, and initiate requests better in the future. Response header field contains Age, Location, Proxy-Authenticate, Public, Retry- After, Server, Vary, Warning, WWW-Authenticate. Extension of the response header fields required to support communications both sides, if you do not support the existence of a response header field, generally will be treated as an entity header field.


When the proxy server's cache with their own entity to respond to the request by the head of the entity from generation to show that now after more than a long time.


WEB server showed himself to be what software and version information. For example: Server: Apache / 2.0.61 (Unix)


WEB server indicate whether they accept the request for obtaining a part of an entity (such as a portion of a file) is. bytes: acceptance, none: non-acceptance.


WEB server tells Cache server with the contents of the head, under what conditions can respond to subsequent requests with objects returned in this response. If the source WEB server, upon receiving the first request message, the response header of the message as: Content-Encoding: gzip; Vary: Content-Encoding, then the analysis server Cache subsequent request header of the message, check Accept- encoding, whether with Vary header value in response to a previous agreement, that is, whether to use the same content encoding method, so you can prevent server Cache Cache with the entity after their response to the compression inside the browser does not have the ability to decompress. For example: Vary: Accept-Encoding.

4, HTTP entity header

Entity header provides a wealth of information about entities and their contents, the types of information relating to the object, the request method can effectively use various resources. In short, the head of the entity can inform the recipient what it is processed. Request and response messages can contain information about the entity, the entity information and entity-header field generally consists of entities. The entity header field contains the raw information about the entity, the entity header of the header information included Allow, Location, the content header Content-Base, Content-Encoding, Content-Language, Content-Length, Content-Location, Content-MD5, Content- Range, Content-Type, the cache head Etag, Expires, Last-Modified, extension-header.


The method that the server supports the request (such as GET, POST, etc.).


It indicates that the client should go fetch the document for the receiving end positioned on the location (URL) resources. Location usually not directly, but through sendRedirect HttpServletResponse method, the method while setting the status code to 302.


Resolve the base URL to use when the body of a relative URL.


WEB server indicated you use what compression method (gzip, deflate) compression target response. For example: Content-Encoding: gzip


WEB server tells the browser that natural language understanding the most appropriate body to use.


WEB server tells the browser to the length or size of the object in response to their own, such as: Content-Length: 26012


The actual location of the resource is located.


MD5 checksum and body.


Entity header is used to specify the position of the insertion portion of the overall entity, he also indicates the length of the entire entity. Returns a response to the client part of the server, it must describe the overall physical length of the response from the scope and coverage. The general format: Content-Range: bytes-unitSPfirst-byte-pos-last-byte-pos / entity-legth. For example, the first 500 bytes transmitted in the form of sub-fields: Content-Range: bytes0- 499/1234 If this section contains an http message (e.g., in response to a range request or a request for a range overlapping series), Content-Range range represented transmitted, Content-Length indicates the number of bytes actually transmitted.


WEB server tells the browser type of the object of their own responses. For example: Content-Type: application / xml


Is an object (such as URL) flag value, in relation to a target, such as a html file, if it is changed, it will not modify Etag, therefore, the role of ETag Last-Modified action with almost primarily for WEB server determines whether an object has changed. When such a request before a html file, get its ETag, when this time requesting the file, the browser will get the previous ETag value is sent to the WEB server, WEB server will then present the file with the ETag ETag comparison, then you know that the file has not changed.


After WEB server indicates that the entity will expire at what time, for the expired object only to verify its validity with WEB server, it can be used to respond to customer requests. The head HTTP / 1.0 in. For example: Expires: Sat, 23 May 2009 10:02:12 GMT


WEB server think last modified objects, such as the last file modification time, last time produce dynamic pages, and so on. For example: Last-Modified: Tue, 06 May 2008 02:42:43 GMT

Two, HTTP Request Header information of

1, HTTP request method

Here Insert Picture Description
Description: The main use of the "GET" and "POST".

Example: POST / test / tupian / cm HTTP / 1.1

Divided into three parts:

(1) POST: HTTP request method

(2) / test / tupian / cm: the address of the Web server requests the directory (or instructions)

(3) HTTP / 1.1: URI (Uniform Resource Identifier, Uniform Resource Identifier) ​​and version

NOTE: In Ajax, the corresponding method attribute set.


Description: web server domain name address request


Note: For more information HTTP client running the browser type. By this header information, web server may determine whether the client browser type current HTTP request.

Examples: User-Agent: Mozilla / 5.0 (Windows; U; Windows NT 5.1; zh-CN; rv: Gecko / 20071127 Firefox /


Explanation: The content type of the client to receive the content type in the order of priorities that the client receives.


NOTE: Prototyp (1.5) Ajax code package, the Accept default setting is "text / JavaScript, text / HTML, file application / XML, text / XML, / ." This is because the default Ajax Json data acquisition mode returned by the server. In Ajax code, you can use the XMLHttpRequest object setRequestHeader function method to dynamically set the Header information.


Description: Specifies the HTTP client browser to return to the language used to display information preference.

Example: Accept-Language: zh-cn, zh; q = 0.5 default Chinese herein.


Description: Specifies the client browser to support web server returns the content compression encoding type. Representation allows the server to send the output to the client before the content is compressed to conserve bandwidth. The return compression format set here is that the client browser is capable of supporting.

实例:Accept-Encoding: gzip,deflate

Note: In fact, before Baidu many product lines, apache returned to the client page in the data, the data is compressed in gzip format.


Description: The browser can accept character encoding.

Example: Accept-Charset: gb2312, utf-8; q = 0.7, *; q = 0.7


Description: HTTP request to display this type of content submitted. Generally only when the post submission need to set the property.

实例:Content-type: application/x-www-form-urlencoded;charset:UTF-8

NOTE: For Content-Type attribute value can encode the following two types:

(1) "application / x-www-form-urlencoded": encoding type when the form data used by the server, the default value is the default "application / x-www-form-urlencoded". However, in a lot of text sent to the server, which is very low coding efficiency when text or binary data contains non-ASCII characters.

(2) "multipart / form-data": when the file upload, type of encoding used should be "multipart / form-data", it can either send the text data, binary data are also supported on the carrier.

When the data submission is alone, you can use "application / x-www-form-urlencoded"; when the file is submitted, it is necessary to use "multipart / form-data" encoding type.

Or specify the submission of the Content-Type charset property which character encoding. Generally not set, it just tells what character encoding used in the data submitted by the web server post.

In the development process in general, is a front-end engineering and back-end UI engineer what character encoding format to use to post a good discussion submitted, then the back-end ui engineer a fixed character encoding to parse the data submitted. So charset set here is not much.


Description: Indicates whether a persistent connection. If the web server to see here is "Keep-Alive", or see the request using HTTP 1.1 (HTTP 1.1 persistent connections default), it can take advantage of persistent connections, when a page contains multiple elements (eg Applet, pictures), significantly reducing the time required to download. To achieve this, web server needs to return to the client HTTP header information to send a Content-Length (return message body length) head, the easiest method is to achieve: first write the contents of ByteArrayOutputStream, then write in the official calculate its size before the content.

Example: Connection: keep-alive


Description: Keep-Alive display time for this HTTP connection. The client to server connection remain in effect when subsequent requests to the server appears, Keep-Alive feature prevents establish or re-establish the connection. Before the stop is connected to the HTTP request, then from the HTTP / 1.1 protocol, there is a long link, i.e. within a predetermined time Keep-Alive, the connection is not disconnected.

Examples: Keep-Alive: 300


Description: When an HTTP request, will save all the values ​​in the cookie is sent with the domain name request to the web server.


Description: Contains a URL, URL of the page the user from accessing pages on behalf of the current request

13, HTTP Response Header information of

Header Explanation Examples
Accept-Ranges It indicates whether the server supports the specified range requests and what type of segmentation request Accept-Ranges: bytes
Age Formed from the original estimated time server to the proxy cache (in seconds, non-negative) Age: 12
Allow To conduct a valid request network resources, do not allow returns 405 Allow: GET, HEAD
Cache-Control Are tell all the caching mechanism can be cached and what type Cache-Control: no-cache
Content-Encoding Supported web server returns the content compression encoding type. Content-Encoding: gzip
Content-Language Body language response Content-Language: en,zh
Content-Length Length of the response body Content-Length: 348
Content-Location Another alternative address request resource spare Content-Location: /index.htm
Content-MD5 Return resources MD5 checksum Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ==
Content-Range Returns the entire body of this part of the byte position Content-Range: bytes 21010-47021/47022
Content-Type Returns the MIME type content Content-Type: text/html; charset=utf-8
Date Time of the original message sent by the server Date: Tue, 15 Nov 2010 08:12:31 GMT
ETag Request the current value of variable entity tag ETag: “737060cd8c284d8af7ad3082f209582d”
Expires In response date and time expired Expires: Thu, 01 Dec 2010 16:00:00 GMT
Last-Modified The last modification time of the requested resource Last-Modified: Tue, 15 Nov 2010 12:45:26 GMT
Location The recipient to redirect unsolicited location URL or request to complete a new resource identifier Location:
Pragma Achieve a particular including instructions, which can be applied to any recipient in the response chain Pragma: no-cache
Proxy-Authenticate 它指出认证方案和可应用到代理的该URL上的参数 Proxy-Authenticate: Basic
refresh 应用于重定向或一个新的资源被创造,在5秒之后重定向(由网景提出,被大部分浏览器支持) Refresh: 5; url=
Retry-After 如果实体暂时不可取,通知客户端在指定时间之后再次尝试 Retry-After: 120
Server web服务器软件名称 Server: Apache/1.3.27 (Unix) (Red-Hat/Linux)
Set-Cookie 设置Http Cookie Set-Cookie: UserID=JohnDoe; Max-Age=3600; Version=1
Trailer 指出头域在分块传输编码的尾部存在 Trailer: Max-Forwards
Transfer-Encoding 文件传输编码 Transfer-Encoding:chunked
Vary 告诉下游代理是使用缓存响应还是从原始服务器请求 Vary: *
Via 告知代理客户端响应是通过哪里发送的 Via: 1.0 fred, 1.1 (Apache/1.1)
Warning 警告实体可能存在的问题 Warning: 199 Miscellaneous warning
WWW-Authenticate 表明客户端请求实体应该使用的授权方案 WWW-Authenticate: Basic









100 continue 101 packet switching Association 200 OK 201 is created 202 was adopted
203 Non-Authoritative Information 204 No Content 205 Reset Content Part 206 300 Options
301 permanently transfer 302 found 303 See Other 304 No change 305 use a proxy
307 temporary redirect 400 Bad Request 401 Unauthorized 402 payment is required 403 Forbidden
404 Not Found 405 Method Not Allowed 406 not been adopted 407 Proxy Authorization Requirements 408 Request Timeout
409 Conflict 410 Expired Required length 411 Without the establishment of 412 413 Request instance too
414 Request URI too large 415 Unsupported media type Range 416 requests can not be met 417 failed expectations 500 Internal Server Error
501 is not used 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 505 HTTP version not supported
Published 107 original articles · won praise 14 · views 40000 +

Guess you like