General Headers
- Cache-Control – catching directives for both requests and responses.
- Connection - controls the network connection after finishing current transaction.
- Date – representing date/time in Greenwich Mean Time (GMT)
- Pragma - include implementation specific directives along the request/response chain.
- Transfer-Encoding – indicating the type of information suitable for safely transfer
- Upgrade – used to specify additional communication protocols in case server switches protocol
- Via - indicates the intermediate protocols and recipients and should be used by gateways and proxies
- Warning – provides additional information about the status or transformation of a message
Request Headers
- Accept - advertises understandable content types, expressed as MIME types.
- Accept-* - advertises understandable language and preferable locale variant.
- Accept-Encoding – limits the content encodings allowed in the response.
- Accept-Language - restricts the set of preferable natural languages of the response.
- Authorization - consists of credentials containing the authentication information.
- Cookie - send to the server the cookies previously sent by the server with the Set-Cookie header.
- Expect – indicates certain expectations of server behavior on the client side.
- From - contains email address for the user holding control of the requesting agent.
- Host - specifies the host and the port number of the resource that is requested.
- If-Match –makes the method conditional depending on the given value in the tag matching the given entity tags represented by ETag
- If-Modified-Since – makes the method conditional provided the modification state of the requested URL.
- If-Non-Match – condition is that the given value in the tag matches entity provided by ETag.
- If-Range – is used with the conditional GET to request portion or entire entity depending on whether the changes are made or not.
- If-Unmodified-Since – makes the method conditional provided the modification status of the requested resource.
- Max-Forwards - provides restriction mechanism with the TRACE and OPTIONS methods concerning the number of proxies or gateways forwarding the request to the next inbound server.
- Origin - indicates a fetch origin and includes only the server name.
- Proxy-Authorization - allows identification to a proxy that requires authentication.
- Range – specifies the range or ranges of the content requested from the document.
- Referer - contains the address of the previous web page from which the link to the page requested at the moment followed.
- TE - indicates willingness to extent transfer-coding in the response and accept trailer fields in a chunked transfer-coding.
- User-Agent - information about client making the request; vendor, version of the requesting user agent.
Response Headers
- Accept –Patch - specifies patch document formats the server supports
- Accept-Range - allows the server to indicate range requests acceptance.
- Access-Control-Allow-Origin – indicates the possibility of sharing the response with requesting code from the given origin.
- Age - how long in seconds the object is in the proxy cache.
- Alt-Svc – means Alternative Services, indicates different network location or protocol of resources.
- Cache-Control –controls checking the ETag value before using a cached version of a resource.
- Connection - controls options for the current connection and list of hop-by-hop response fields.
- Content-Disposition – gives an opportunity for file download.
- Delta-Base - specifies the delta-encoding entity tag of the response
- ETag - provides the current value of the entity tag for the requested variant.
- IM – Istant Manipulation applied to the response.
- Link - expresses relationship with another resource, type is defined by RFC 5988
- Location - the destination URL for 3xx redirects.
- Proxy-Authenticate – a field to be included as a part of the 407 Proxy Authentication Required response code
- Public-Key-Pins - announces hash of authentic TLS certificate of the website.
- Retry-After – indicates expectation concerning the time when service is unavailable and can be used with a 503 (Service Unavailable) response.
- Server - information about the server (name, version).
- Set-Cookie - contains information to retain for the URL.
- Strict-Transport-Security - informs on the duration of the HTTPS only policy cache and about its application to subdomains.
- Trailer - indicates the presence of the given set of header fields in the trailer of the encoded message.
- Transfer-Encoding - safely transfer of the entity to the user.
- Tk - Tracking Status header
- Upgrade – asks for an upgrade to another protocol.
- Vary - specifies variety of the sources of the entity.
- WWW-Authenticate - indicates applicable authentication schemes and parameters.
Entity Headers
- Allow - lists the set of methods supported by the resource identified by the Request-URI.
- Content-Encoding – used to compress the media-type.
- Content-Language - the content language.
- Content-Length - the size of the entity-body sent to the client, in bytes.
- Content-Location – provides the entity with the resource location if it is obtained from the location which is different from that of requested resource.
- Content-MD5 - supplies an MD5 digest of the entity for checking the integrity of the message.
- Content-Range – specifies the place for the partial body to be applied in the full body.
- Content-Type – used to show the media type of the resource.
- Expires – sets expiration time.
- Last-Modified – indicates time of last modification according to the origin server.