HTTP Headers


HTTP Headers are packets of information that are sent along with HTTP requests that allow a server and a client to exchange useful additional information along with the actual data being exchanged.

HTTP Headers serve a multitude of purposes, but broadly fall into four categories:

  1. Request headers contain information about the resource in question that is being requested. This can include items such as what formats the requesting client can accept, the user agent (browser name and version), also the specific page name or resource ID being requested, or any other specific data that is required for the request to be fulfilled such as a search string, or the clients credentials.

  2. Response headers contain additional information about the actual response and how it was handled. This generally includes a HTTP Status Code. This might include details about the server that responded to the request, whether a cache was used, and how the client should make further requests. This is also (when appropriate) where any cookies are passed from the server to the client.

  3. Representation headers contain information about the body of the resource itself, like its type (a webpage, image or video), what language it is in and whether it is compressed.

  4. Payload headers describe the actual payload, this may include information such as content length and the encoding/ compression method used.


In simplified form (this is tabulated and formatted for clarity), you might expect a request for a search for "today's weather" on Google to look something like:

--- START REQUEST ---
GET /q=todays+weatherThis is the actual request line (how, and what is being requested).
Requested URL: http://www.google.comWhere we want to send the request to.
Method: GETThe method to use - "GET" means to request data.
Query: q=todays+weatherThe actual request, generally google uses q= to identify the "search term (query)".
Origin: xxx.xxx.xxx.xxx [your IP address]Where the request is coming from and where to return the response to.
User Agent: Mozilla/5.0Your browser, so that any specific requirements can be made.
Accept: text/html,xhtml+xml,xmlWhat formats to accept a response.
--- END REQUEST ---


And the response might look like:

--- START RESPONSE ---
HTTP/1.x 200 OKThis is the actual response line containing the http response status.
Status Code: 200The response http status code.
Server: gwsIn this case Google Web Server
Content-type: text/html; charset=ISO-8859-1This URL points to an HTML document.
Set-cookie: {cookie data}Any cookie data that Google might sent in relation to the request.
[Blank line here]

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;">
</head>
<body>

This is the content of the webpage body - in this case Google results for the search "Today's Weather".
The full response will be HTML/ Javascript, but the resultant page might look something like the image below.

</body>
</html>
--- END RESPONSE ---


You can of course investigate the actual response headers by making a request for "https://www.google.com/?q=todays+weather" in the Full Header Checker.

;