Glossary Term
HTTP Header
Learn what HTTP headers are and how they provide metadata about requests and responses. Understand common headers like Content-Type and Authorization.
TL;DR: Key-value pairs that carry metadata about HTTP requests and responses. They control caching, authentication, content type, and other essential communication details.
HTTP headers are key-value pairs that carry additional information about HTTP requests and responses. Think of them like the envelope information on a letter - they don’t contain the main message, but they tell you important details about it.
Headers work like labels: each has a name (key) and a value. For example, Content-Type: application/json tells the receiver that the message body contains JSON data.
There are two main types:
- Request headers: Sent by the client (like
User-Agentidentifying your browser) - Response headers: Sent by the server (like
Content-Lengthindicating data size)
Headers matter because they help browsers and servers understand how to handle the data being exchanged. They control caching, security, content formatting, and much more.
Examples:
- Content-Type:
text/html(this is an HTML webpage) - Authorization:
Bearer abc123(here’s my login token) - Cache-Control:
max-age=3600(cache this for 1 hour)
Related terms: HTTP Request, HTTP Response, Cookie
Frequently Asked Questions
What is an HTTP header?
HTTP headers are key-value pairs that carry metadata about requests and responses. They control caching, authentication, content type, and many other aspects of HTTP.
What are common request headers?
Common request headers include Host, User-Agent, Accept, Authorization, Cookie, and Content-Type. They tell the server about the client and request.
What are common response headers?
Common response headers include Content-Type, Content-Length, Cache-Control, Set-Cookie, and Location. They describe the response and control client behavior.
Can I create custom headers?
Yes, use X- prefix by convention (though no longer required). Custom headers are useful for application-specific metadata but may be stripped by proxies.