| | Name | Description |
|---|
  | Accept | Content-Types that are acceptable - Accept: text/plain |
| AcceptCharset | Character sets that are acceptable Accept-Charset: utf-8 |
| AcceptDatetime | Acceptable version in time Accept-Datetime: Thu, 31 May 2007 20:35:00 GMT |
| AcceptEncoding | Acceptable encodings. See HTTP compression. Accept-Encoding: gzip, deflate |
| AcceptLanguage | Acceptable languages for response Accept-Language: en-US |
| AcceptRanges | What partial content range types this server supports Accept-Ranges: bytes |
| Age | The age the object has been in a proxy cache in seconds. Age: 12 |
| Allow | Valid actions for a specified resource. To be used for a 405 Method not allowed. Allow: GET, HEAD |
| Authorization | Authentication credentials for HTTP authentication Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== |
| CacheControl | Used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain Cache-Control: no-cache |
| Connection | Request: What type of connection the user-agent would prefer Connection: keep-alive Respose: Options that are desired for the connection[19]. Connection: close |
| ContentDisposition | An opportunity to raise a "File Download" dialogue box for a known MIME type with binary format or suggest a filename for dynamic content. Quotes are necessary with special characters. Content-Disposition: attachment; filename="fname.ext" |
| ContentEncoding | The type of encoding used on the data. See HTTP compression. Content-Encoding: gzip |
| ContentLanguage | The language the content is in Content-Language: da |
| ContentLength | The length of the request/response body in octets (8-bit bytes) |
| ContentLocation | An alternate location for the returned data. Content-Location: /index.htm |
| ContentMD5 | A Base64-encoded binary MD5 sum of the content of the request/response body Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ== |
| ContentRange | Where in a full body message this partial message belongs. Content-Range: bytes 21010-47021/47022 |
| ContentType | The MIME type of the body of the request/response (used with POST and PUT requests) Content-Type: application/x-www-form-urlencoded |
| Cookie | An HTTP cookie previously sent by the server with Set-Cookie (below) Cookie: $Version=1; Skin=new; |
| Date | The date and time that the request/response was sent Date: Tue, 15 Nov 1994 08:12:31 GMT |
| ETag | An identifier for a specific version of a resource, often a message digest. ETag: "737060cd8c284d8af7ad3082f209582d" |
| Expect | Indicates that particular server behaviors are required by the client Expect: 100-continue |
| Expires | Gives the date/time after which the response is considered stale. Expires: Thu, 01 Dec 1994 16:00:00 GMT |
| From | The email address of the user making the request From: user@example.com |
| Host | The domain name of the server (for virtual hosting), mandatory since HTTP/1.1. Although domain name are specified as case-insensitive[7][8], it is not specified whether the contents of the Host field should be interpreted in a case-insensitive manner[9] and in practice some implementations of virtual hosting interpret the contents of the Host field in a case-sensitive manner.[citation needed] Host: en.wikipedia.org |
| IfMatch | Only perform the action if the client supplied entity matches the same entity on the server. This is mainly for methods like PUT to only update a resource if it has not been modified since the user last updated it. If-Match: "737060cd8c284d8af7ad3082f209582d" |
| IfModifiedSince | Allows a 304 Not Modified to be returned if content is unchanged. If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT |
| IfNoneMatch | Allows a 304 Not Modified to be returned if content is unchanged, see HTTP ETag If-None-Match: "737060cd8c284d8af7ad3082f209582d" |
| IfRange | If the entity is unchanged, send me the part(s) that I am missing; otherwise, send me the entire new entity. If-Range: "737060cd8c284d8af7ad3082f209582d" |
| IfUnmodifiedSince | Only send the response if the entity has not been modified since a specific time. If-Unmodified-Since: Sat, 29 Oct 1994 19:43:31 GMT |
| LastModified | The last modified date for the requested object, in RFC 2822 format. Last-Modified: Tue, 15 Nov 1994 12:45:26 GMT |
| Link | Used to express a typed relationship with another resource, where the relation type is defined by RFC 5988 Link: </feed>; rel="alternate"[23] |
| Location | Used in redirection, or when a new resource has been created. Location: http://www.w3.org/pub/WWW/People.html |
| MaxForwards | Limit the number of times the message can be forwarded through proxies or gateways. Max-Forwards: 10 |
| P3P | This header is supposed to set P3P policy, in the form of P3P:CP="your_compact_policy". However, P3P did not take off,[24] most browsers have never fully implemented it, a lot of websites set this header with fake policy text, that was enough to fool browsers the existence of P3P policy and grant permissions for third party cookies. P3P: CP="This is not a P3P policy! |
| Pragma | Implementation-specific headers that may have various effects anywhere along the request-response chain. Pragma: no-cache |
| ProxyAuthenticate | Request authentication to access the proxy. Proxy-Authenticate: Basic |
| ProxyAuthorization | Authorization credentials for connecting to a proxy. Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== |
| Range | Request only part of an entity. Bytes are numbered from 0. Range: bytes=500-999 |
| Referer | This is the address of the previous web page from which a link to the currently requested page was followed. (The word “referrer” is misspelled in the RFC as well as in most implementations.) Referer: http://en.wikipedia.org/wiki/Main_Page |
| Refresh | Used in redirection, or when a new resource has been created. This refresh redirects after 5 seconds. This is a proprietary, non-standard header extension introduced by Netscape and supported by most web browsers. Refresh: 5; url=http://www.w3.org/pub/WWW/People.html |
| RetryAfter | If an entity is temporarily unavailable, this instructs the client to try again after a specified period of time (seconds). Retry-After: 120 |
| Server | A name for the server. Server: Apache/2.4.1 (Unix) |
| SetCookie | An HTTP cookie Set-Cookie: UserID=JohnDoe; Max-Age=3600; Version=1 |
| StrictTransportSecurity | A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains. Strict-Transport-Security: max-age=16070400; includeSubDomains |
| TE | The transfer encodings the user agent is willing to accept: the same values as for the response header Transfer-Encoding can be used, plus the "trailers" value (related to the "chunked" transfer method) to notify the server it expects to receive additional headers (the trailers) after the last, zero-sized, chunk. TE: trailers, deflate |
| Trailer | The Trailer general field value indicates that the given set of header fields is present in the trailer of a message encoded with chunked transfer-coding. Trailer: Max-Forwards |
| TransferEncoding | The form of encoding used to safely transfer the entity to the user. Currently defined methods are: chunked, compress, deflate, gzip, identity. Transfer-Encoding: chunked |
| Upgrade | Ask the server to upgrade to another protocol. |
| UserAgent | The user agent string of the user agent. User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0 |
| Vary | Tells downstream proxies how to match future request headers to decide whether the cached response can be used rather than requesting a fresh one from the origin server. Vary: * |
| Via | Request: Informs the server of proxies through which the request was sent. Via: 1.0 fred, 1.1 nowhere.com (Apache/1.1) Response: Informs the client of proxies through which the response was sent. Via: 1.0 fred, 1.1 nowhere.com (Apache/1.1) |
| Warning | A general warning about possible problems with the entity body. Warning: 199 Miscellaneous warning |
| WWWAuthenticate | Indicates the authentication scheme that should be used to access the requested entity. WWW-Authenticate: Basic |
