登录
注册
node.js 学习社区
HTTP Header 属性列表

放弃浮华

2014-12-19 12:34

HTTP header中包含HTTP请求与响应的操作参数. header属性定义了所传输数据的各种特性. header属性以属性名开始,以冒号结尾,最后是属性值.属性名及值会因应用的不同,而有所不同,但IETF(Internet Engineering Task Force)在RFC2616中定义了一套核心的属性,以及其它更新及扩展文档,


请求(Request)

Field name Description Example
Accept Content-Types that are acceptable Accept: text/plain
Accept-Charset Character sets that are acceptable Accept-Charset: utf-8
Accept-Encoding Acceptable encodings Accept-Encoding: <compress | gzip | identity>
Accept-Language Acceptable languages for response Accept-Language: en-US
Accept-Ranges Allows the server to indicate its acceptance of range requests for a resource Accept-Ranges: bytes
Authorization Authentication credentials for HTTP authentication Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Cache-Control Used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain Cache-Control: no-cache
Connection What type of connection the user-agent would prefer Connection: close
Cookie an HTTP cookie previously sent by the server with Set-Cookie (below) Cookie: $Version=1; Skin=new;
Content-Length The length of the request body in octets (8-bit bytes) Content-Length: 348
Content-Type The mime type of the body of the request (used with POST and PUT requests) Content-Type: application/x-www-form-urlencoded
Date The date and time that the message was sent Date: Tue, 15 Nov 1994 08:12:31 GMT
Expect Indicates that particular server behaviors are required by the client Expect: 100-continue
From The email address of the user making the request From: user@email.com
Host The domain name of the server (for virtual hosting), mandatory since HTTP/1.1 Host: en.wikipedia.org
If-Match Only perform the action if the client supplied entity matches the same entity on the server. This is mainly for methods like PUT to only update a resource if it has not been modified since the user last updated it. If-Match: "737060cd8c284d8af7ad3082f209582d"
If-Modified-Since Allows a 304 Not Modified to be returned if content is unchanged If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT
If-None-Match Allows a 304 Not Modified to be returned if content is unchanged, see HTTP ETag If-None-Match: "737060cd8c284d8af7ad3082f209582d"
If-Range If the entity is unchanged, send me the part(s) that I am missing; otherwise, send me the entire new entity If-Range: "737060cd8c284d8af7ad3082f209582d"
If-Unmodified-Since Only send the response if the entity has not been modified since a specific time. If-Unmodified-Since: Sat, 29 Oct 1994 19:43:31 GMT
Max-Forwards Limit the number of times the message can be forwarded through proxies or gateways. Max-Forwards: 10
Pragma Implementation-specific headers that may have various effects anywhere along the request-response chain. Pragma: no-cache
Proxy-Authorization Authorization credentials for connecting to a proxy. Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Range Request only part of an entity. Bytes are numbered from 0. Range: bytes=500-999
Referer This is the address of the previous web page from which a link to the currently requested page was followed. Referer: http://en.wikipedia.org/wiki/Main_Page
TE The transfer encodings the user agent is willing to accept: the same values as for the response header Transfer-Encoding can be used, plus the "trailers" value (related to the "chunked" transfer method) to notify the server it accepts to receive additional headers (the trailers) after the last, zero-sized, chunk. TE: trailers, deflate;q=0.5
Upgrade Ask the server to upgrade to another protocol. Upgrade: HTTP/2.0, SHTTP/1.3, IRC/6.9, RTA/x11
User-Agent The user agent string of the user agent User-Agent: Mozilla/5.0 (Linux; X11)
Via Informs the server of proxies through which the request was sent. Via: 1.0 fred, 1.1 nowhere.com (Apache/1.1)
Warning A general warning about possible problems with the entity body. Warning: 199 Miscellaneous warning

响应(Response)

Field name↓ Description Example
Accept-Ranges What partial content range types this server supports Accept-Ranges: bytes
Age The age the object has been in a proxy cache in seconds Age: 12
Allow Valid actions for a specified resource. To be used for a 405 Method not allowed Allow: GET, HEAD
Cache-Control Tells all caching mechanisms from server to client whether they may cache this object Cache-Control: max-age
Content-Encoding The type of encoding used on the data Content-Encoding: gzip
Content-Language The language the content is in Content-Language: da
Content-Length The length of the response body in octets (8-bit bytes) Content-Length: 348
Content-Location An alternate location for the returned data Content-Location: /index.htm
Content-Disposition An opportunity to raise a "File Download" dialogue box for a known MIME type Content-Disposition: attachment; filename=fname.ext
Content-MD5 A Base64-encoded binary MD5 sum of the content of the response Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ==
Content-Range Where in a full body message this partial message belongs Content-Range: bytes 21010-47021/47022
Content-Type The mime type of this content Content-Type: text/html; charset=utf-8
Date The date and time that the message was sent Date: Tue, 15 Nov 1994 08:12:31 GMT
ETag An identifier for a specific version of a resource, often a Message Digest, see ETag ETag: "737060cd8c284d8af7ad3082f209582d"
Expires Gives the date/time after which the response is considered stale Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified The last modified date for the requested object, in RFC 2822 format Last-Modified: Tue, 15 Nov 1994 12:45:26 GMT
Link Used to express a typed relationship with another resource, where the relation type is defined by RFC 5988 Link: ; rel="alternate"
Location Used in redirection, or when a new resource has been created. Location: http://www.w3.org/pub/WWW/People.html
Pragma Implementation-specific headers that may have various effects anywhere along the request-response chain. Pragma: no-cache
Proxy-Authenticate Request authentication to access the proxy. Proxy-Authenticate: Basic
Refresh Used in redirection, or when a new resource has been created. This refresh redirects after 5 seconds.
(This is a proprietary/non-standard header extension introduced by Netscape and supported by most web browsers.)
Refresh: 5; url=http://www.w3.org/pub/WWW/People.html
Retry-After If an entity is temporarily unavailable, this instructs the client to try again after a specified period of time. Retry-After: 120
Server A name for the server Server: Apache/1.3.27 (Unix) (Red-Hat/Linux)
Set-Cookie an HTTP cookie Set-Cookie: UserID=JohnDoe; Max-Age=3600; Version=1
Trailer The Trailer general field value indicates that the given set of header fields is present in the trailer of a message encoded withchunked transfer-coding. Trailer: Max-Forwards
Transfer-Encoding The form of encoding used to safely transfer the entity to the user. Currently defined methods are: chunked, compress, deflate, gzip, identity. Transfer-Encoding: chunked
Vary Tells downstream proxies how to match future request headers to decide whether the cached response can be used rather than requesting a fresh one from the origin server. Vary: *
Via Informs the client of proxies through which the response was sent. Via: 1.0 fred, 1.1 nowhere.com (Apache/1.1)
Warning A general warning about possible problems with the entity body. Warning: 199 Miscellaneous warning
WWW-Authenticate Indicates the authentication scheme that should be used to access the requested entity. WWW-Authenticate: Basic

通用非标准Headers

Field name↓ Description Example
X-Frame-Options[2] Clickjacking protection: "deny" - no rendering within a frame, "sameorigin" - no rendering if origin mismatch X-Frame-Options: deny
X-XSS-Protection[3] Cross-site scripting (XSS) filter X-XSS-Protection: 1; mode=block
X-Content-Type-Options[4] the only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type X-Content-Type-Options: nosniff
X-Requested-With[5] mainly used to identify Ajax requests. Most JavaScript frameworks send this header with value of XMLHttpRequest X-Requested-With: XMLHttpRequest
X-Forwarded-For[6] a de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer X-Forwarded-For: client1, proxy1, proxy2
X-Forwarded-Proto[7] a de facto standard for identifying the originating protocol of an HTTP request, since a reverse proxy (load balancer) communicates with a web server using HTTP X-Forwarded-Proto: https
X-Powered-By[8] specifies the technology (ASP.NET, PHP, JBoss, e.g.) supporting the web application (version details are often in X-Runtime, X-Version, or X-AspNet-Version) X-Powered-By: PHP/5.2.1

参考: http://en.wikipedia.org/wiki/List_of_HTTP_header_fields

回复 · 0

发表回复

你可以在回复中 @ 其他人