Common HTTP Headers
Request
- METHOD <url> HTTP/1.1. The method includes GET, POST, PUT, DELETE, and OPTIONS. The latter is often for CORS.
- Referer
- Accept
- Accept-Language
- Access-Control-Request-Method. Used with the OPTIONS method to indicate the actually method the subsequent request will use.
- Access-Control-Request-Headers. Used with the OPTIONS method to indicate the headers that the application (not the browser) will set in the subsequent request.
- Origin. The domain of the site making the request. Useful in cross-origin requests (CORS).
- Accept-Encoding
- User-Agent. The browser usually sets this.
- Host. The browser usually sets this.
- Content-Length. The browser usually sets this.
- Content-Language
- Content-Type
- Last-Event-ID
Response
- Cache-Control
- Pragma
- Content-Type
- Access-Control-Allow-Origin. Lists the allowed origins in CORS.
- Access-Control-Allow-Headers. Lists the allowed headers in CORS.
- Access-Control-Allow-Methods. Lists the allowed methods in CORS.
- Date
- Content-Length