2. HTTP Headers

Headers are name/value pairs that appear in both request and response messages. The name of the header is separated from the value by a single colon. For example, this line in a request message:

User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko

provides a header called User-Agent whose value is Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1). The purpose of this particular header is to supply the web server with information about the type of browser making the request. A complete definition of this and other commonly encountered HTTP headers can be found in the HTTP 1.1 specification.

Some web applications use custom headers to add comments or annotations to an HTTP message. The convention is to prefix the header name with X- to indicate that it is non-standard. In the previous example, the HTTP response message from this web server set an X-AspNet-Version header to indicate which version of  ASP.NET it is running.

Example 2

Clicking the Get Current Time button requests an updated copy of the following image:

2.1 Request Headers

HTTP clients use headers in the request message to identify themselves and control how content is returned. If you are using IE, you will have seen the following headers sent with the request in Example 2:

Accept:*/*

This header indicates that the browser will accept all types of content.

Accept-Language: en-gb

The browser prefers British English content.

Accept-Encoding: gzip, deflate

The browser can handle gzip or deflate compressed content

Connection: Keep-Alive

The browser is requesting the use of persistent TCP connections.

Host: www.httpwatch.com

HTTP/1.1 requires that the host name is supplied with every request so that multiple domains can be hosted on a single IP address.

Referer: http://www.httpwatch.com/httpgallery/headers/

This is supplied by the browser to indicate if the current request was the result of a link from another web page. The server may use this information to gather usage statistics or to track which web sites have links to a page.

User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko

This identifies the browser is Internet Explorer Version 11 running on Windows 8.1 x64

2.2 Response Headers

HTTP servers use headers in the response message to specify how content is being returned and how it should be handled. If you are using IE, you will have seen the following headers returned with the image in Example 2:

Cache-Control: no-cache

This header indicates whether the resource may be cached by the browser or any immediate caches. The value no-cache disables all caching. (See 5. Caching for more information)

Content-Length: 2748

This header contains the length in bytes of the resource (i.e. the gif image) that follows the headers.

Content-Type: image/gif

The content is in GIF format.

Date: Wed, 4 Oct 2004 12:00:00 GMT

This is the current date and time on the web server.

Expires: -1

The Expires header specifies when the content should be considered to be out of date. The value -1 indicates that the content expires immediately and would have to be re-requested before being displayed again.

Pragma: no-cache

The browser may be connecting to the server via HTTP/1.0 proxies or caches, that do not support the Cache-Control header. Setting Pragma to no-cache header prevents HTTP/1.0 caches from storing the content.

Server: Microsoft-IIS/6.0

The web server is an IIS 6 web server.

X-AspNet-Version: 4.0.30319

The web server is running ASP.NET 4.0

X-Powered-By: ASP.NET

The web server is running ASP.NET.