Questions tagged [http-headers]

In the Hypertext Transfer Protocol (HTTP), HTTP header fields contain the operating parameters of an HTTP request or response. With the request or response line (first line of message), they form the message header.

The header fields define various characteristics of the data transfer that is requested, or the data that is provided in the message body.

Header fields start with the field name, terminated with a colon character, followed by the field value. Field names and values may be any application-specific strings, but a core set of fields is standardized by the Internet Engineering Task Force (IETF) in RFC 2616 and other updates and extension documents (e.g. RFC 4229), and are commonly understood by all compliant protocol implementations.

Many parameters may be followed by a quality or 'q' value, giving a weight to use in content negotiation. The HTTP message header is separated from the message body by a blank line.

List of HTTP Header fields

11266 questions
37 answers

What is the correct JSON content type?

I've been messing around with JSON for some time, just pushing it out as text and it hasn't hurt anybody (that I know of), but I'd like to start doing things properly. I have seen so many purported "standards" for the JSON content…
  • 225,853
  • 62
  • 212
  • 293
30 answers

How do I POST JSON data with cURL?

I use Ubuntu and installed cURL on it. I want to test my Spring REST application with cURL. I wrote my POST code at the Java side. However, I want to test it with cURL. I am trying to post a JSON data. Example data is like…
  • 68,775
  • 67
  • 216
  • 347
19 answers

403 Forbidden vs 401 Unauthorized HTTP responses

For a web page that exists, but for which a user does not have sufficient privileges (they are not logged in or do not belong to the proper user group), what is the proper HTTP response to serve? 401 Unauthorized? 403 Forbidden? Something else? What…
29 answers

How do we control web page caching, across all browsers?

Our investigations have shown us that not all browsers respect the HTTP cache directives in a uniform manner. For security reasons we do not want certain pages in our application to be cached, ever, by the web browser. This must work for at least…
Edward Wilde
  • 24,759
  • 8
  • 54
  • 64
11 answers

How to send a header using a HTTP request through a cURL call?

I wish to send a header to my Apache server on a Linux box. How can I achieve this via a cURL call?
  • 32,833
  • 28
  • 74
  • 102
10 answers

What does enctype='multipart/form-data' mean?

What does enctype='multipart/form-data' mean in an HTML form and when should we use it?
  • 19,959
  • 13
  • 52
  • 90
6 answers

application/x-www-form-urlencoded or multipart/form-data?

In HTTP there are two ways to POST data: application/x-www-form-urlencoded and multipart/form-data. I understand that most browsers are only able to upload files if multipart/form-data is used. Is there any additional guidance when to use one of the…
  • 27,547
  • 11
  • 50
  • 74
3 answers

Proper MIME media type for PDF files

When working with PDFs, I've run across the MIME types application/pdf and application/x-pdf among others. Is there a difference between these two types, and if so what is it? Is one preferred over the other? I'm working on a web app which must…
  • 64,008
  • 16
  • 112
  • 180
6 answers

Custom HTTP headers : naming conventions

Several of our users have asked us to include data relative to their account in the HTTP headers of requests we send them, or even responses they get from our API. What is the general convention to add custom HTTP headers, in terms of naming,…
Julien Genestoux
  • 28,068
  • 19
  • 64
  • 91
8 answers

Are HTTP headers case-sensitive?

In a blog post I use the following PHP to set the content-type of a response: header('content-type: application/json; charset=utf-8'); I just got a comment on that post saying that content-type needs to be capitalized, Content-type. Is this…
  • 144,159
  • 166
  • 440
  • 597
8 answers

What's the difference between Cache-Control: max-age=0 and no-cache?

The header Cache-Control: max-age=0 implies that the content is considered stale (and must be re-fetched) immediately, which is in effect the same thing as Cache-Control: no-cache.
  • 7,401
  • 3
  • 17
  • 15
8 answers

Getting only response header from HTTP POST using cURL

One can request only the headers using HTTP HEAD, as option -I in curl(1). $ curl -I / Lengthy HTML response bodies are a pain to get in command-line, so I'd like to get only the header as feedback for my POST requests. However, HEAD and POST are…
Jonathan Allard
  • 17,288
  • 11
  • 52
  • 74
21 answers

How to encode the filename parameter of Content-Disposition header in HTTP?

Web applications that want to force a resource to be downloaded rather than directly rendered in a Web browser issue a Content-Disposition header in the HTTP response of the form: Content-Disposition: attachment; filename=FILENAME The filename…
Atif Aziz
  • 35,022
  • 16
  • 61
  • 71
9 answers

How can I view HTTP headers in Google Chrome?

Till 9.x, the headers were under the resources in the Developer Tools, but now I can't find it anywhere.
5 answers

What MIME type should I use for CSV?

I've seen application/csv used and also text/csv. Is there a difference? Does it matter which as long as the request matches something that's available? Are they interchangeable?
Steve Dunn
  • 19,546
  • 11
  • 60
  • 87
2 3
99 100