HTTP MESSAGES

KARTHIK B.S Click to edit Master subtitle style

4/28/12

HTTP METHODS
CONNECT DELETE GET

-Optional

Asks server (usually a proxy) to establish a tunnel.

-Optional

Asks server to delete the indicated resource.

-Required

Asks server to return requested resource.

HEAD -Required

Asks server to reply as if it were going to return the requested resource, but not to include the resource itself in the response.

4/28/12

HTTP METHODS
OPTIONS

-Optional

Asks server to indicate the options it supports for the indicated resource.
POST

-Optional

Asks server to pass the message body to the indicated resource.

PUT

-Optional

Asks server to accept the message body as the indicated resource.

TRACE

-Optional Asks server simply to respond to the request.

4/28/12

HTTP HEADER FIELDS

Accept

The Accept header, which is a request header, lets a client explicitly indicate what types of content it can accept in the message body of the servers response, as well as its relative preference for each content type.
EX: Accept: text/plain; q=0.5, text/html, text/x-dvi; q=0.8, text/x-c

4/28/12

HTTP HEADER FIELDS

Accept-Charset

Clients can include an Accept-Charset header in their requests to tell the server which character encodings they prefer for the message body returned in the response. The Accept-Charset header acts much like the basic Accept header (as well as other headers in the Accept- family). Clients may include a list of different character sets, and they can indicate a relative preference for different character sets by including a quality factor. If the quality factor is absent,the server assumes a value of 1.0.

EX:Accept-Charset: unicode, *; q=0.8

4/28/12

HTTP HEADER FIELDS

Accept-Encoding

The Accept-Encoding header gives clients another way to express their preferences for the message body of the servers response. In addition to content type (the Accept header) and character set (the Accept-Charset header), this header lets clients suggest content encodings for the response. (The TE header, described in section 3.2.44, lets clients express preferences for transfer encodings.) The format of the header is the same as the other Accept headers, a list of acceptable encodings, each with an optional quality factor.

EX: Accept-Encoding: compress, gzip; q=0.9, identity; q=0.8

4/28/12

HTTP HEADER FIELDS

Accept-Language

This header lets the client express a preference for the language of the returned message. EX:Accept-Language: en-gb, en; q=0.8

Age The Age header is a response header that estimates the age of the associated resource. Cache servers use this value to judge whether a cached resource is still valid or whether it has expired and must be refreshed from the origin server. The Age headers value is the number of seconds that the sender estimates have elapsed since the origin server generated or revalidated the response.

4/28/12

HTTP HEADER FIELDS

Allow

The Allow header identifies which http methods a particular resource supports. The header simply lists those methods as its value. The text below, for example, indicates that a resource supports the GET, HEAD, and PUT methods.

EX: Allow: GET, HEAD, PUT

Authentication-Info

The Authentication-Info completes a three-message user authentication exchange. It is a response header that servers can include in a successful response, and it gives the client additional information about the authentication exchange.

4/28/12

HTTP HEADER FIELDS

Authorization

Clients use the Authorization header to identify and authenticate themselvesor their usersto a server.
Cache-Control

The Cache-Control header is a master header for several different directives that specify caching behavior. These directives , some of which have parameters associated with them and some of which do not, are separated from each other by commas. EX: Cache-Control: max-age=3600, no-transform, no-cache="Accept-Ranges"

4/28/12

HTTP HEADER FIELDS

Connection

The Connection header allows the message sender (the client in the case of requests, the server for responses) to indicate to proxies any other headers in the message that should not be forwarded further. Consider the example of figure 3.8. In the figure,the client issues a request that includes two message headers: Upgrade and Connection. The proxy server,
4/28/12

HTTP HEADER FIELDS

Content-Encoding

The Content-Encoding header identifies any special encodings that are an inherent part of the resource contained in the message body. EX: Content-Encoding: gzip
Content-Length

The Content-Length header gives the size of the message body in bytes or, in the case of a response to a HEAD method, the size of the message body if it were to be included.

4/28/12

HTTP HEADER FIELDS

If a client wishes to support http state management, it provides any cookies it has received from a server in subsequent requests to that server. Those cookies are carried in a Cookie header, much like the following. This example shows only a single cookie, but a client may conceivably have multiple cookies from the server, in which case it may combine all of them in one header or use separate headers. EX: Cookie: $Version="1"; NAME="VALUE"; $Path="/shopping"; $Domain="www.shop.com"; $Port="80"
Cookie

4/28/12

HTTP HEADER FIELDS

The ETag header gives servers a more reliable way to identify resources, especially to improve caching performance. Without the ETag header, it can be difficult for caches (whether in proxy servers or in the client) to unambiguously identify requestes resources. An ETag value can contain arbitrary characters within double quotation marks; the actual value is completely up to the origin server. The following fragment is how a server might assign an ETag value in its response. EX:ETag: "xyzzy"
Etag

4/28/12

HTTP HEADER FIELDS

Expect
With the Expect header, a client tells a server that it expects a particular behavior. The http specifications define Expect as an extensible header, but the only currently defined use for it is if a client expects a server to send a 100 Continue status. In that case the client includes the following header. EX: Expect: 100-continue

Expires
The Expires header indicates a time, beyond which a resource may no longer be valid. Until then, caches may keep a copy of the response and return that copy in response to subsequent Requests. EX: Expires: Thu, 01 Dec 1994 16:00:00 GMT

4/28/12

HTTP HEADER FIELDS

From
Clients can use the From header to identify the human user for a request. The value of this header, as the example below shows, is an email address. Because unsolicited email has made many users very wary of revealing their email addresses, most http clients no longer include this field in their requests.

EX:From: stephen.thomas@waterscreek.com

4/28/12

HTTP HEADER FIELDS

If-Match The server accepts the request only if certain conditions are true. Specifically, the If-Match header lists one or more entity tags, and the server should process the request only if the identified resource matches one of the entity tags. The server The If-Match header makes a clients request conditional; must not use weak Etag for its comparison.
Ex: If-Match: * In the above example theclient asks the server to carry out the request only if the resource already exists, regardless of its current entity tag. A client might use this option if it wanted to prevent its PUT request from creating a brand new resource.

4/28/12

HTTP HEADER FIELDS

If-Modified-Since
The If-Modified-Since header lets clients and proxy servers make more efficient use of their caches. It asks a server to respond to a request only if the resource has changed since the specified date.

If-None-Match The If-None-Match header is the complement of the IfMatch header; it has the exact opposite effect. When a client includes If-None-Match, it asks a server to complete a request only if the indicated resource has an entity tag that differs from that in the header. If-Unmodified-Since condition doe not hold, a server returns a 412 Precondition Failed status.

4/28/12

HTTP HEADER FIELDS

If-Range The If-Range header improves performance for clients or proxies that have part of an object in their local cache. Without If-Range, the client may require two separate exchanges to get a new copy of the object once that object has been modified. If-Unmodified-Since The If-Unmodified-Since header is the opposite of If-Modified-Since. If a client includes If- Unmodified-Since in its request, it asks the server to accept the request only if the referenced resource has not changed since the indicated date.

4/28/12

HTTP HEADER FIELDS

Last-Modified
The Last-Modified header provides the date the origin server believes the indicated resource was last modified. Ex:Last-Modified: Tue, 15 Nov 1994 12:45:26 GMT

Location
Servers use the Location header to redirect clients to a new uri for a resource. The most common use of Location is in responses with 3xx status codes, but a server might also use Location in a 201 Created response. In that case, the header would tell a client where it could retrieve a copy of a resource that it just sent to the server using a PUT method.

4/28/12

HTTP HEADER FIELDS

Max-Forwards
The Max-Forwards header, along with the OPTIONS and TRACE methods, helps clients fix problems that prevent them from getting any response from a server. There are two classes of problems that can be particularly difficult to diagnose without the Max-Forwards headerfailed intermediaries and request looping

4/28/12

HTTP HEADER FIELDS

Meter
The Meter header supports several different options known as directives. Caching proxy servers and origin servers use these directives to report the cached page views and to limit the caching of resources. EX:GET / HTTP/1.1 Via: proxy Connection: Meter

4/28/12

HTTP HEADER FIELDS

Pragma
This header is intended as a way for clients to indicate that they do not want any intermediate servers to reply to the request with a cached response. EX: Pragma: no-cache

Proxy-Authenticate
The Proxy-Authenticate header lets intermediate proxy servers authenticate a client. By including this header in a response, the proxy asks the client to reissue the request but to include its authorization credentials. Proxy servers must always include Proxy-Authenticate in any response with a 407 Proxy Authentication Required status. In operation, Proxy-Authenticate is similar to WWW-Authenticate, except that it is generated by proxy servers rather than origin 4/28/12 servers.

HTTP HEADER FIELDS

Range
The Range header lets a client request part of a resource instead of the entire object. As we first saw in section 3.2.5, the header takes the following form. In a request, this header asks for the second 500 bytes (byte number 500 through byte number 999, inclusive) and for the last 2 bytes of the resource. Note that http 1.1 numbers bytes starting with 0. EX:Range: bytes 500-999, -2

4/28/12

HTTP HEADER FIELDS

Referer
The Referer header (yes, it is misspelled) appears in client requests so the server can identify where the client obtained the uri in its req.uest EX:<A href="http://www.iana.org">IANA</A>

Retry-After
Servers use the Retry-After header to tell a client when it should retry its request. The header can specify a date, so that the following header asks a client to wait until 1 January 2001 to reissue its request. EX: Retry-After: Sun, 31 Dec 2000 23:59:59 GMT

4/28/12

HTTP HEADER FIELDS

Server
With the Server header, an http server identifies the software that it uses to implement http. This header is the servers version of the User-Agent header. EX:Apache/1.3.6 (Unix) (Red Hat/Linux)

TE
The TE header tells a server which transfer encodings the client can accept in a response, and it can indicate the clients relative preferences for those transfer encodings. This header is very similar to the Accept-Encoding header, except that it applies to transfer encodings rather than content encodings. EX:TE: gzip, deflate;q=0.9

4/28/12

HTTP HEADER FIELDS

Trailer
Clients and servers may include the Trailer header when they use the chunked transfer encoding for the message body. This header lists any other http headers that appear after the message body, rather than in the normal position before the body. It tells the recipient which http headers it can expect in the chunked transfer encodings trailer.

Upgrade
The Upgrade header lets a client and server gracefully negotiate an upgrade to a different communications protocol. The new protocol may be a newer version of http or a completely different protocol such as Transport Layer Security. EX:GET http://www.bank.com/acct.html?749394889300 HTTP/1.1 4/28/12 Host: www.bank.com

HTTP HEADER FIELDS

User-Agent The User-Agent header is the clients version of the Server header. With User-Agent, a client identifies the specific http implementation it is using. For example, the following is how Netscape Navigator on an Apple Macintosh identifies itself. EX:User-Agent: Mozilla/4.x (Macintosh) VARY
The Vary header origin servers give proxy servers extra guidance in the management of their local caches. The Vary header lists other http headers that, in addition to the uri, determine which resource the server returns in its response.

4/28/12