What are headers

• HTTP headers let the client and the server pass additional information with an HTTP request or response. An HTTP header consists of its case-insensitive name followed by a colon (:), then by its value. Whitespace before the value is ignored.
• Headers can be grouped according to their contexts:
  • General headers apply to both requests and responses, but with no relation to the data transmitted in the body. A general header is an HTTP header that can be used in both request and response messages but doesn't apply to the content itself. Depending on the context they are used in, general headers are either response or request headers (e.g. Cache-Control).
  • Request headers contain more information about the resource to be fetched, or about the client requesting the resource. A request header is an HTTP header that can be used in an HTTP request to provide information about the request context, so that the server can tailor the response. For example, the Accept-* headers indicate the allowed and preferred formats of the response. Other headers can be used to supply authentication credentials (e.g. Authorization), to control caching, or to get information about the user agent or referrer, etc.
  • Response headers hold additional information about the response, like its location or about the server providing it. A response header is an HTTP header that can be used in an HTTP response and that doesn't relate to the content of the message. Response headers, like Age, Location or Server are used to give a more detailed context of the response.
  • Entity headers contain information about the body of the resource, like its content length or MIME type. An entity header is an HTTP header that describes the payload of an HTTP message (i.e. metadata about the message body). Entity headers include: Content-Length, Content-Language, Content-Encoding, Content-Type, Expires, etc. Entity headers may be present in both HTTP request and response messages.
• Let's quickly see the headers in a real request.
• If you are interested, you can read up on all the different headers that are available and what they do. WE will see the most commonly used security headers in the next video.