httpheaders.com
:: overview :: header fields :: header viewer :: articles :: links :: contact :: home :: 
Header Fields


:: General Headers :: Request Headers :: Response Headers :: Entity Headers ::

Accept-Ranges
Age
ETag
Location
Proxy-Authenticate
Retry-After
Server
Vary
WWW-Authenticate


Accept-Ranges

Indicates the server's acceptance of range requests for a resource.

Example:

Accept-Ranges: bytes
back to top


Age

Gives the sender's estimate of the amount of time since the response (or its revalidation) was generated at the origin server.

Example:

Age: 86400
back to top


ETag

Provides the current value of the entity tag for the requested variant, for caching purposes.

Example:

ETag: "d08289b67439c21:9aa"
back to top 		Note:
The ETag header field is what is known as a validator. If a header does not contain any explicit freshness information about the entity, the user agent can use the ETag header field to determine if an entity fresh. CacheRight, DynaCache, and XCache are some products that can help you with your cache control policies.


Location

Redirects the recipient to a location other than the Request-URI for completion of the request or identification of a new resource.

Example:

Location: http://www.httpheaders.com/overview.htm
back to top


Proxy-Authenticate

Included as part of a 407 (Proxy Authentication Required) response. The field value consists of a challenge that indicates the authentication scheme and parameters applicable to the proxy for this Request-URI.

Example:

Proxy-Authenticate: NTLM TlRMTVNTUAABAAAAB7IAAAsACwAtAAAA
back to top


Retry-After

Indicates how long the service is expected to be unavailable to the requesting client.

Example:

Retry-After: Mon, 5 Aug 2002 19:43:31 GMT
back to top


Server

Contains information about the software used by the origin server to handle the request.

Example:

Server: Microsoft-IIS/5.0
back to top 		Note:
Having the Server in your response header can be potentially dangerous. If a "hacker" were to find out what server software you using, they can then use that to exploit any known security vulnerabilities of your particular server's software. The general rule of security by obscurity applies here. A good fix for IIS servers is ServerMask.


Vary

Indicates the set of request-header fields that fully determines, while the response is fresh, whether a cache is permitted to use the response to reply to a subsequent request without revalidation.

Example:

Vary: "Date"
back to top


WWW-Authenticate

Used in 401 (Unauthorized) response messages. The field value consists of at least one challenge that indicates the authentication scheme(s) and parameters applicable to the Request-URI.

Example:

WWW-Authenticate: Basic realm="All"
back to top


[ overview ] [ header fields ] [ header viewer ] [ articles ] [ links ] [ contact ] [ home ]
info@httpheaders.com
© 2002-2009 HTTPheaders.com