Content-Type Header

The Content-Type HTTP header is used to indicate the type of media in the body of the message.

For example, when you upload a PNG image to a website, the browser adds 'Content-Type: image/png' to the request header. When you send a JSON string, the browser will add 'Content-Type: application/json', for XML strings it will add 'Content-Type: application/xml', etc.

Below is an example of an HTTP request to send a JSON string to the server. The 'Content-Type: application/json' header tells the server that the request body contains a JSON string.

Browser Request with Content-Type Header Live Request
POST /echo/post/json HTTP/1.1
Accept: application/json
Content-Type: application/json
Content-Length: 16
Host: reqbin.com

{"key": "value"}

When the server returns a JSON string, it indicates the data type with 'Content-Type: application/json' header.

Server Response with Content-Type Header
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 19

{"success":"true"}

The Content-Type header has been added since HTTP 1.0. Setting this header is critical for both the request and the response and allows the client to control the way the server interprets the request. Properly used Content-Type headers help to avoid Content-Type Sniffing (or MIME Sniffing) attacks.

Syntax


The Content-Type header has a set of parameters that differs for the different types. Most parameters are applied only to certain content-types.

  • Content-Type: text/html; charset=utf-8
  • Content-Type: multipart/form-data; boundary=data_separator

Directives


  • Media-type: Multipurpose Internet Mail Extensions (MIME) type of the data.
  • Charset: character encoding in which the data will be received. The default charset is ISO-8859-1.
  • Boundary: required for multipart entities and is used to enclose the boundaries of the message parts.

Content-Type Header Examples


Application
  • application/json
  • application/xml
  • application/zip
  • application/javascript
  • application/x-www-form-urlencoded
  • application/octet-stream

Image
  • image/png
  • image/jpeg
  • image/svg+xml
  • image/x-icon
  • image/gif

Text
  • text/html
  • text/css
  • text/plain

Multipart
  • multipart/form-data
  • multipart/mixed

Audio
  • audio/mpeg

Video
  • video/mp4
  • video/mpeg

http-headers content-type