Options
All
  • Public
  • Public/Protected
  • All
Menu

Enumeration HttpResponseHeaderEnum

HTTP response headers enum.

see

https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Response_fields

Enumeration members

Enumeration members

ACCEPT_CH

ACCEPT_CH: = "accept-ch"

Requests HTTP Client Hints.

ACCEPT_PATCH

ACCEPT_PATCH: = "accept-patch"

Specifies which patch document formats this server supports

ACCEPT_RANGES

ACCEPT_RANGES: = "accept-ranges"

What partial content range types this server supports via byte serving.

ACCESS_CONTROL_ALLOW_CREDENTIALS

ACCESS_CONTROL_ALLOW_CREDENTIALS: = "access-control-allow-credentials"

Specifying which web sites can participate in cross-origin resource sharing.

ACCESS_CONTROL_ALLOW_HEADER

ACCESS_CONTROL_ALLOW_HEADER: = "access-control-allow-headers"

Specifying which web sites can participate in cross-origin resource sharing.

ACCESS_CONTROL_ALLOW_METHODS

ACCESS_CONTROL_ALLOW_METHODS: = "access-control-allow-methods"

Specifying which web sites can participate in cross-origin resource sharing.

ACCESS_CONTROL_ALLOW_ORIGIN

ACCESS_CONTROL_ALLOW_ORIGIN: = "access-control-allow-origin"

Specifying which web sites can participate in cross-origin resource sharing.

ACCESS_CONTROL_EXPOSE_HEADERS

ACCESS_CONTROL_EXPOSE_HEADERS: = "access-control-expose-headers"

Specifying which web sites can participate in cross-origin resource sharing.

ACCESS_CONTROL_MAX_AGE

ACCESS_CONTROL_MAX_AGE: = "access-control-max-age"

Specifying which web sites can participate in cross-origin resource sharing.

AGE

AGE: = "age"

The age the object has been in a proxy cache in seconds.

ALLOW

ALLOW: = "allow"

Valid methods for a specified resource. To be used for a 405 Method not allowed.

ALT_SVC

ALT_SVC: = "alt-svc"

A server uses "Alt-Svc" header (meaning Alternative Services) to indicate that its resources can also be accessed at a different network location (host or port) or using a different protocol.
When using HTTP/2, servers should instead send an ALTSVC frame.

CACHE_CONTROL

CACHE_CONTROL: = "cache-control"

Tells all caching mechanisms from server to client whether they may cache this object.
It is measured in seconds.

CONNECTION

CONNECTION: = "connection"

Control options for the current connection and list of hop-by-hop response fields.
Must not be used with HTTP/2.

CONTENT_DISPOSITION

CONTENT_DISPOSITION: = "content-disposition"

An opportunity to raise a "File Download" dialogue box for a known MIME type with binary format or suggest a filename for dynamic content.
Quotes are necessary with special characters.

CONTENT_ENCODING

CONTENT_ENCODING: = "content-encoding"

The type of encoding used on the data. See HTTP compression.

CONTENT_LANGUAGE

CONTENT_LANGUAGE: = "content-language"

The natural language or languages of the intended audience for the enclosed content.

CONTENT_LENGTH

CONTENT_LENGTH: = "content-length"

The length of the response body in octets (8-bit bytes).

CONTENT_LOCATION

CONTENT_LOCATION: = "content-location"

An alternate location for the returned data.

CONTENT_MD5

CONTENT_MD5: = "content-md5"

A Base64-encoded binary MD5 sum of the content of the response

CONTENT_RANGE

CONTENT_RANGE: = "content-range"

Where in a full body message this partial message belongs

CONTENT_TYPE

CONTENT_TYPE: = "content-type"

The MIME type of this content

DATE

DATE: = "date"

The date and time that the message was sent (in "HTTP-date" format as defined by RFC 7231)

DELTA_BASE

DELTA_BASE: = "delta-base"

Specifies the delta-encoding entity tag of the response.

ETAG

ETAG: = "etag"

An identifier for a specific version of a resource, often a message digest

EXPIRES

EXPIRES: = "expires"

Gives the date/time after which the response is considered stale (in "HTTP-date" format as defined by RFC 7231)

IM

IM: = "im"

Instance-manipulations applied to the response.

LAST_MODIFIED

LAST_MODIFIED: = "last-modified"

The last modified date for the requested object (in "HTTP-date" format as defined by RFC 7231)

LINK

LINK: = "link"

Used to express a typed relationship with another resource, where the relation type is defined by RFC 5988

LOCATION

LOCATION: = "location"

Used in redirection, or when a new resource has been created.

P3P

P3P: = "p3p"

This field is supposed to set P3P policy, in the form of P3P:CP="your_compact_policy". However, P3P did not take off, most browsers have never fully implemented it, a lot of websites set this field with fake policy text, that was enough to fool browsers the existence of P3P policy and grant permissions for third party cookies.

PRAGMA

PRAGMA: = "pragma"

Implementation-specific fields that may have various effects anywhere along the request-response chain.

PREFERENCE_APPLIED

PREFERENCE_APPLIED: = "preference-applied"

Indicates which Prefer tokens were honored by the server and applied to the processing of the request.

PROXY_AUTHENTICATE

PROXY_AUTHENTICATE: = "proxy-authenticate"

Request authentication to access the proxy.

PUBLIC_KEY_PINS

PUBLIC_KEY_PINS: = "public-key-pins"
HTTP Public Key Pinning, announces hash of website's authentic TLS certificate

RETRY_AFTER

RETRY_AFTER: = "retry-after"

If an entity is temporarily unavailable, this instructs the client to try again later. Value could be a specified period of time (in seconds) or a HTTP-date.

SERVER

SERVER: = "server"

A name for the server

SET_COOKIE

SET_COOKIE: = "set-cookie"

An HTTP cookie

STRICT_TRANSPORT_SECURITY

STRICT_TRANSPORT_SECURITY: = "strict-transport-security"

A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

TK

TK: = "tk"

Tracking Status header, value suggested to be sent in response to a DNT(do-not-track), possible values: - "!" — under construction - "?" — dynamic - "G" — gateway to multiple parties - "N" — not tracking - "T" — tracking - "C" — tracking with consent - "P" — tracking only if consented - "D" — disregarding DNT - "U" — updated

TRAILER

TRAILER: = "trailer"

The Trailer general field value indicates that the given set of header fields is present in the trailer of a message encoded with chunked transfer coding.

TRANSFER_ENCODING

TRANSFER_ENCODING: = "transfer-encoding"

The form of encoding used to safely transfer the entity to the user. Currently defined methods are: chunked, compress, deflate, gzip, identity. Must not be used with HTTP/2.

UPGRADE

UPGRADE: = "upgrade"

Ask the client to upgrade to another protocol. Must not be used in HTTP/2.

VARY

VARY: = "vary"

Tells downstream proxies how to match future request headers to decide whether the cached response can be used rather than requesting a fresh one from the origin server.

VIA

VIA: = "via"

Informs the client of proxies through which the response was sent.

WARNING

WARNING: = "warning"

A general warning about possible problems with the entity body.

WWW_AUTHENTICATE

WWW_AUTHENTICATE: = "www-authenticate"

Indicates the authentication scheme that should be used to access the requested entity.

X_FRAME_OPTIONS

X_FRAME_OPTIONS: = "x-frame-options"

Clickjacking protection:

  • deny - no rendering within a frame
  • sameorigin - no rendering if origin mismatch
  • allow-from - allow from specified location
  • allowall - non-standard, allow from any location