Sitemap

Sign in

Medium Logo
Write

Sign in

11. HTTP Headers & HTTP Status Codes

Prabath Shalitha
6 min readJul 4, 2022

In this article, I’m going to talk about some important HTTP headers and HTTP status codes. Before we get into them, let's slightly look into what is HTTP and why we need HTTP.

HTTP

HTTP or Hyper Text Transfer Protocol is a protocol designed to transfer information between network devices. Since we are using HTTP to load web pages using hypertext links, we can call HTTP as the foundation of the World Wide Web (www). The flow of how HTTP works, the client machine makes a request to the server and the server sends a response message back to the client according to the response. So, HTTP is responsible for modern-day communication over the internet. All the information passing through the internet such as text, images, scripts, layout descriptions, etc. is transferred using HTTP.

The initiation of the communication which we call (HTTP) request, is the way client (browser) asks for information that needs to load the web page. It carries a series of encoded data such as,

  • A URL
  • HTTP version type
  • An HTTP method
  • HTTP headers
  • HTTP body

The response message sent back to the client from the server is called an (HTTP) response. It consists of,

  • HTTP status code
  • HTTP headers
  • HTTP body (optional)

Now we got a basic idea behind HTTP communication. So, let’s dig a bit deep into HTTP headers & HTTP codes.

HTTP Headers

As discussed above, HTTP headers are contains in both HTTP requests & responses. They used to pass additional information between client & server . Some important points about headers,

  • All headers are Case-insensitive
  • Header fields are separated by a colon
  • Key-value pairs in clear-text string format

There are 4 types of headers context-wise,

  1. Request Headers
  2. Response Headers
  3. Representation Headers
  4. Entity Headers

Let’s brief 5 example HTTP headers from each type.

01. Request Headers

Used in the HTTP requests that contain information about requests. Can include information about resources to be fetched, or about the client requesting the resources. Some of them are,

  • Accept — specify media types that are acceptable for the response.
Accept: text/plain
  • Accept-Charset — specify what character sets are acceptable for the response
Accept-Charset: iso-8859-5, unicode-1-1; q=0.8
  • Authorization — specify credentials containing the authentication information of the user agent
Authorization: BASIC Z3Vlc3Q6Z3Vlc3QxMjM=
  • Cookie — specify a name/value pair of information stored for that URL.
Cookie: name1=value1;name2=value2;name3=value3
  • Host — specify the Internet host and the port number of the resource being requested.
Host: www.w3.org

02. Response Headers

Used in the HTTP response and contain information about the response that the client requested. Some of them are,

  • Accept-Ranges — allows the server to indicate its acceptance of range requests for a resource.
Accept-Ranges: bytes
  • Age — sender’s estimate of the amount of time.
Age: 1030
  • Location — redirect the recipient to a location other than the Request-URI for completion.
Location: http://www.tutorialspoint.org/http/index.htm
  • Set-Cookie — contains a name/value pair of information to retain for this URL.
Set-Cookie: NAME=VALUE; OPTIONS
  • Server — contains information about the software used by the origin server to handle the request.
Server: Apache/2.2.14 (Win32)

03. General Headers

Applicable for both HTTP request & response messages. Some of them are,

  • Cache-Control — specify directives for caching mechanism.
Cache-control: no-cache

Some important cache request directives,

  1. Used with request header - no-cache, no-store, max-age=[seconds], min-fresh=[seconds], no-transform
  2. Used with response header - no-cache, no-store, max-age=[seconds], public, private
  • Connection — allows the sender/client to specify options that are desired for a particular connection.
Connection: keep-alive
  • Date — includes date/time stamps represented in Greenwich Mean Time (GMT).
Date: Mon, 18 Jul 2016 16:06:00 GMT
  • Pragma — include implementation-specific directives that might apply to any recipient in the request/response chain.
Pragma: no-cache
  • Warning — carry additional information about the status or transformation of a message.
Warning : warn-code SP warn-agent SP warn-text SP warn-date

04. Entity Headers

These headers define meta-information about the message body or the resource identified by the request.

  • Allow — lists the set of methods supported by the resource identified by the Request-URI.
Allow: GET, HEAD, PUT
  • Content-Encoding — used as a modifier to the media type.
Content-Encoding: gzip
  • Content-Language — describes the natural languages of the intended audience.
Content-Language: mi, en
  • Content-Type — indicates the media type of the entity-body sent to the recipient
Content-Type: text/html; charset=ISO-8859-4
  • Expires — gives the date/time after which the response is considered stale.
Expires: Thu, 01 Dec 1994 16:00:00 GMT

HTTP Status Codes

Now, we know what is an HTTP header and 20 HTTP headers with what they can be used to do. Let’s talk about HTTP status codes.

As we discussed above, the HTTP status code is sent back to the client by the server mentioning the status of the communication. It can be a 3-digit code from 100 to 599 which is used by clients to identify whether an HTTP request has been successfully completed.

There are 5 different groups based on the status of the response.

  • Informational response (100 - 199)
  • Successful response (200 - 299)
  • Redirection message (300 - 399)
  • Client error response (400 - 499)
  • Server error response (500–599)

01. Informational response

Status codes starting with 1 indicate the request has been received & process is continuing.

  • 100 (Continue) — indicates that the client should continue the request or ignore the response if the request is already finished.
  • 101 (Switching Protocols) — indicates the protocol the server is switching to. This code is sent in response to an Upgrade request header from the client
  • 102 (Processing /WebDAV) — indicates that the server has received and is processing the request, but no response is available yet.
  • 103 (Early Hints) — letting the user agent start preloading resources while the server prepares a response. Used with the Link header.

02. Successful response

Status codes starting with 2 indicate the action was successfully received, understood, and accepted.

  • 200 (OK) — indicates that the request succeeded.
  • 201 (Created) — indicates the request succeeded, and a new resource was created as a result.
  • 202 (Accepted) — indicates that the request is accepted for processing, but the processing is not complete.
  • 204 (No Content) — indicates there is no content to send for this request, but the headers may be useful.

03. Redirection message

Status codes starting with 3 indicate further action must be taken in order to complete the request.

  • 300 (Multiple Choices) —This request has more than one possible response. The user agent/user should choose one of them.
  • 301 (Moved Permanently) — indicates that the URL of the requested resource has been changed permanently & new URL is given in the response.
  • 302 (Found) — indicates that the URI of requested resource has been changed temporarily.
  • 304 (Not Modified) — tells the client that the response has not been modified, so the client can continue to use the same cached version of the response.

04. Client error response

Status codes starting with 4 indicate the request contains incorrect syntax or cannot be fulfilled.

  • 400 (Bad Request) — indicates that the server cannot/will not process the request due to something that is perceived to be a client error.
  • 401 (Unauthorized) — indicates that the client must authenticate itself to get the requested response.
  • 403 (Forbidden) — indicates that the client does not have access rights to the content.
  • 404 (Not Found) — indicates that the URL is not recognized. In an API, this also means that the endpoint is valid but the resource itself does not exist.

05. Server error response

Status codes starting with 5 indicate the server failed to fulfill a valid request.

  • 500 (Internal Server Error) — indicates that the server has encountered a situation it does not know how to handle.
  • 502 (Bad Gateway) — indicates that the server, while working as a gateway to get a response needed to handle the request, got an invalid response.
  • 503 (Service Unavailable) — indicates that the server is not ready to handle the request.
  • 505 (HTTP Version Not Supported) — indicates that the HTTP version used in the request is not supported by the server.

References:

HTTP - Header Fields

HTTP header fields provide required information about the request or response, or about the object sent in the message…

www.tutorialspoint.com

HTTP headers - GeeksforGeeks

The HTTP headers are used to pass additional information between the clients and the server through the request and…

www.geeksforgeeks.org

HTTP response status codes - HTTP | MDN

This interim response indicates that the client should continue the request or ignore the response if the request is…

developer.mozilla.org

Http Request
Http Status Code
Http Headers
Http Response

--

--

Prabath Shalitha
Prabath Shalitha

Written by Prabath Shalitha

21 followers
3 following

Graduated from SLIIT in Software Engineering. Working as an Associate Software Engineer at Virtusa.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech