A response from a Web server normally consists of a status line, one or more response headers, a blank line, and the document. Setting the HTTP response headers often goes hand in hand with setting the status codes in the status line. For example, several of the "document moved" status codes in the 300's range have an accompanying
Location header, and a
401 (Unauthorized) code must include an accompanying WWW-Authenticate header.
However, specifying headers can play a useful role even when no unusual status code is set. Response headers can be used to specify cookies, to supply the modification date (for caching), to instruct the browser to reload the page after a designated interval, to say how long the file is so that persistent HTTP connections can be used, and many other tasks.
Listed are some common HTTP response headers, along with an interpretation of their meaning or purpose.
|Allow||What request methods (
|Content-Encoding||What method was used to encode the document?
You need to decode it to get the type specified by the
|Content-Length||How many bytes are being sent?
This information is only needed if the browser is using a persistent (keep-alive)
HTTP connection. If you want your servlet to take advantage of this when the
browser supports it, your servlet should write the document into a
|Content-Type||What is the MIME type of the following document? The default for servlets is
|Date||What is current time (formatted in GMT)?|
|Expires||At what time should content be considered out of date and thus no longer cached?|
|Last-Modified||When was document last changed? Client can supply a date
|Location||Where should client go to get the document? This is usually
set indirectly, along with a
|Refresh||How soon should browser ask for an updated page (in seconds)?
Instead of just reloading current page, an alternative page can be specified by supplying an URL after a semicolon, e.g.
Note that this header is not officially part of HTTP1.1, but is an extension supported by both Netscape and Internet Explorer.
|Server||What server is this? This header is usually set by the server itself, and not by servlets.|
|Set-Cookie||Specifies a cookie associated with the page.|
|WWW-Authenticate||What authorization type and realm should client supply