HTTP Basics3
headers
HTTP headers let the client and the server pass
additional information with a message in a request or
response.
Headers can be grouped according to their contexts:
Request headers
Contain more information about the resource to be fetched, or about the
client requesting the resource.
Response headers
Hold additional information about the response, like its location or
about the server providing it.
Representation headers
Contain information about the body of the resource, like its MIME type,
or encoding/compression applied.
Payload headers
Contain representation-independent information about payload data,
including content length and the encoding used for transport.
End-to-end headers
These headers must be transmitted to the final recipient of the message:
the server for a request, or the client for a response. Intermediate
proxies must retransmit these headers unmodified and caches must
store them.
Hop-by-hop headers
These headers are meaningful only for a single transport-level
connection, and must not be retransmitted by proxies or cached. Note
that only hop-by-hop headers may be set using the Connection
header.
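Added example (not from the original slides): how a forwarding proxy can apply the end-to-end / hop-by-hop distinction above, dropping hop-by-hop headers and anything a Connection header nominates, while refusing to drop end-to-end headers. The PROTECTED_END_TO_END policy set, the X-Debug-Hop header and the sample request are constructed assumptions.

```python
# Hop-by-hop fields a proxy must not retransmit (the commonly listed set).
HOP_BY_HOP = frozenset({
    "connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
    "te", "trailer", "transfer-encoding", "upgrade",
})
# Assumed local policy, not from the slides: end-to-end fields this proxy
# refuses to drop even if a Connection header names them.
PROTECTED_END_TO_END = frozenset({
    "host", "authorization", "cookie", "content-type", "content-length",
})


def filter_for_forwarding(headers):
    """Return (forwarded, violations) for a list of (name, value) pairs.

    forwarded  -- headers to retransmit on the next connection
    violations -- protected end-to-end names that Connection nominated
    """
    nominated = set()
    for name, value in headers:
        if name.lower() == "connection":
            # Connection carries a comma-separated list of field names/options.
            nominated.update(t.strip().lower() for t in value.split(",") if t.strip())

    violations = sorted(nominated & PROTECTED_END_TO_END)
    drop = HOP_BY_HOP | (nominated - PROTECTED_END_TO_END)

    forwarded = [(n, v) for n, v in headers if n.lower() not in drop]
    return forwarded, violations


# Constructed sample request headers as received by the proxy.
SAMPLE_REQUEST = [
    ("Host", "app.example"),
    ("Connection", "keep-alive, X-Debug-Hop, Authorization"),
    ("Keep-Alive", "timeout=5"),
    ("X-Debug-Hop", "1"),
    ("Authorization", "Bearer constructed-token"),
    ("Content-Type", "application/json"),
    ("Transfer-Encoding", "chunked"),
]

if __name__ == "__main__":
    forwarded, violations = filter_for_forwarding(SAMPLE_REQUEST)
    for name, value in forwarded:
        print(f"forward   {name}: {value}")
    for name in violations:
        print(f"violation Connection nominated end-to-end header {name!r}")
```

A stricter proxy could reject the request outright when violations is non-empty instead of forwarding it.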
Content-Type
Cache-Control
Security
Session
Content-Type
The HTTP Content-Type representation header is used to indicate
the original media type of a resource before any content encoding is
applied.
const videoPlayer=document.getElementById...
Cache-Control
The HTTP Cache-Control header holds directives (instructions)
in both requests and responses that control caching in browsers
and shared caches (e.g., proxies).
(HTTP) cache
Implementation that holds requests and responses for reusing
in subsequent requests. It can be either a shared cache or a
private cache.
Shared cache
Cache that exists between the origin server and clients (e.g.
Proxy, CDN). It stores a single response and reuses it with
multiple users — so developers should avoid storing
Private cache
Cache that exists in the client. It is also called local
cache or browser cache. It can store and reuse
personalized content for a single user.
Store response
Store a response in caches when the response is
cacheable. However, the cached response is not always
reused as-is. (Usually, "cache" means storing a
response.)
Reuse response
Reuse cached responses for subsequent requests.
Age
Revalidate response
Ask the origin server whether or not the stored
response is still fresh. Usually, the revalidation is done
through a conditional request.
Fresh response
Indicates that the response is fresh. This usually means
the response can be reused for subsequent requests,
depending on request directives.
Stale response
Indicates that the response is a stale response. This
usually means the response can't be reused as-is.
Cache storage isn't required to remove stale responses
immediately because revalidation could change the
HTTP security headers
HTTP security headers are those HTTP headers that are
related specifically to security, exchanged between a
client (like a web browser) and a server to define the
security of HTTP communication.
The most important HTTP security headers
Strict-Transport-Security
Permissions-Policy
Content-Security-Policy
X-Frame-Options
X-Content-Type-
X-XSS-
HTTP session
In client-server protocols, like HTTP, sessions consist of
three phases:
The client sends its request, and waits for the answer.