Get HTTP Header

Delve into the world of HTTP headers and enhance your understanding of web requests. Discover the significance of HTTP headers, how they influence web interactions, and how to analyze them efficiently. Our HTTP header tool provides a user-friendly platform to explore and optimize your web requests, empowering you to fine-tune your web presence for better performance and user experience.

Remove Ads

Enter URL

Share on Social Media:

Whether you're a programmer or not, you've seen it everywhere on the web. Right now, your browser's address bar shows something that starts with "https://". Even your first Hello World script sent HTTP headers without you realizing it. In this article, we're going to learn the basics of HTTP headers and how we can use them in our web applications.

 

What are HTTP headers?

Get HTTP Header

 The initials HTTP stand for "Hypertext Transfer Protocol". The entire World Wide Web uses this protocol. It was established in the early 1990s. Almost everything you see in your browser is transmitted to your computer via HTTP. For example, when you open the page of this article, your browser has probably sent more than 40 HTTP requests and received HTTP responses for each one.

HTTP headers are the core part of those HTTP requests and responses, and they carry information about the client browser, the requested page, the server, and more.

Example When you type a URL in the address bar, your browser sends an HTTP request, and it might look like this:

 

1GET /tutorials/other/top-20-mysql-best-practices/ HTTP/1.1
2Host: net.tutsplus.com
3User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)
4Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
5Accept-Language: en-us,en;q=0.5
6Accept-Encoding: gzip,deflate
7Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
8Keep-Alive: 300
9Connection: keep-alive
10Cookie: PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120
11Pragma: no-cache
12Cache-Control: no-cache

The first line is the "Request Line," which contains some basic information about the request. And the rest are HTTP headers.

After that request, the browser receives an HTTP response, which may look like the following:

 

1HTTP/1.x 200 OK
2Transfer-Encoding: chunked
3Date: Sat, 28 Nov 2009 04:36:25 GMT
4Server: LiteSpeed
5Connection: close
6X-Powered-By: W3 Total Cache/0.8
7Pragma: public
8Expires: Sat, 28 Nov 2009 05:36:25 GMT
9Etag: "pub1259380237;gz"
10Cache-Control: max-age=3600, public
11Content-Type: text/html; charset=UTF-8
12Last-Modified: Sat, 28 Nov 2009 03:50:37 GMT
13X-Pingback: https://net.tutsplus.com/xmlrpc.php
14Content-Encoding: gzip
15Vary: Accept-Encoding, Cookie, User-Agent
16 
17<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
18<html xmlns="http://www.w3.org/1999/xhtml">
19<head>
20<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
21<title>Top 20+ MySQL Best Practices - Nettuts+</title>
22<!-- ... rest of the html ... -->

The first line is the "Status Line," followed by "HTTP Headers," up to the blank line. After that, the "content" begins (in this case, an HTML output).

When you view the source code of a web page in your browser, you will only see the HTML portion and not the HTTP headers, even though they have actually been transmitted together as you can see above.

Those HTTP requests are also sent and received for other things, such as images, CSS files, JavaScript files, etc. That's why I said earlier that your browser has sent at least 40 or more HTTP requests while loading just the page of this article.

Now, let's delve into the structure in more detail.

How to View HTTP Headers I use the following extension for Firefox to analyze HTTP headers:

 

firebug

HTTP Request Structure

 

The first line of the HTTP request is called the request line and consists of 3 parts:

The "verb" indicates what type of request this is. The most common verbs are GET, POST, and HEAD. The "path" is usually the part of the URL that comes after the domain. For example, when requesting "https://net.tutsplus.com/tutorials/other/top-20-mysql-best-practices/", the path portion is "/tutorials/other/top-20-mysql-best-practices/". The "protocol" part contains "HTTP" and the version, which is usually 1.1 in modern browsers. The rest of the request contains HTTP headers as "Name: Value" pairs on each line. They contain various information about the HTTP request and your browser. For example, the "User-Agent" line provides information about the browser version and operating system you are using. "Accept-Encoding" tells the server whether your browser can accept compressed output like gzip.

HTTP Request Structure

You may have noticed that cookie data is also transmitted within an HTTP header. And if there were a referring URL, it would be in the header as well.

Most of these headers are optional. This HTTP request could have been as small as this:

GET /tutorials/other/top-20-mysql-best-practices/ HTTP/1.1 Host: net.tutsplus.com And yet you would still have received a valid response from the web server.

Request Methods The three most common request methods are: GET, POST, and HEAD. You're probably already familiar with the first two, from writing HTML forms.

GET: Retrieve a Document This is the primary method used to retrieve HTML, images, JavaScript, CSS, etc. Most of the information loaded into your browser has been requested using this method.

For example, when you load an article from Nettuts+, the first line of the HTTP request looks like this:

1GET /tutorials/other/top-20-mysql-best-practices/ HTTP/1.1
2Host: net.tutsplus.com

And yet you would still have received a valid response from the web server.

Request Methods The three most common request methods are: GET, POST, and HEAD. You're probably already familiar with the first two, from writing HTML forms.

GET: Retrieve a Document This is the primary method used to retrieve HTML, images, JavaScript, CSS, etc. Most of the information loaded into your browser has been requested using this method.

For example, when you load an article from Nettuts+, the first line of the HTTP request looks like this:

1GET /tutorials/other/top-20-mysql-best-practices/ HTTP/1.1
2...

Once the HTML loads, the browser will start sending GET requests for images, which can be seen as follows:

1GET /wp-content/themes/tuts_theme/images/header_bg_tall.png HTTP/1.1
2...

Web forms can be configured to use the GET method. Here's an example.

1<form method="GET" action="foo.php">
2 
3First Name: <input type="text" name="first_name" /> <br />
4Last Name: <input type="text" name="last_name" /> <br />
5 
6<input type="submit" name="action" value="Submit" />
7 
8</form>

When the form is submitted, the HTTP request starts like this:

1GET /foo.php?first_name=John&last_name=Doe&action=Submit HTTP/1.1
2...

Even though you can send data to the server using GET and the query string, in many cases POST would be preferable. Sending large amounts of data using GET is not practical and has its limitations.

POST requests are more commonly sent by web forms. Let's change the previous example form to use the POST method.

1<form method="POST" action="foo.php">
2 
3First Name: <input type="text" name="first_name" /> <br />
4Last Name: <input type="text" name="last_name" /> <br />
5 
6<input type="submit" name="action" value="Submit" />
7 
8</form>

Upon submitting that form, an HTTP request is created like this:

POST /foo.php HTTP/1.1  
2Host: localhost
3User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)
4Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
5Accept-Language: en-us,en;q=0.5
6Accept-Encoding: gzip,deflate
7Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
8Keep-Alive: 300
9Connection: keep-alive
10Referer: http://localhost/test.php
11Content-Type: application/x-www-form-urlencoded
12Content-Length: 43
13 
14first_name=John&last_name=Doe&action=Submit

There are 3 important things to note here:

 

The path in the first line is simply /foo.php and there is no longer a query string. The Content-Type and Content-Length headers have been added, which provide information about the data being sent. All data is now sent after the headers, in the same format as the query string. POST method requests can also be made via AJAX, applications, cURL, etc. And all file upload forms require the use of the POST method.

HEAD: Retrieve Header Information HEAD is identical to GET, except that the server does not return the content in the HTTP response. When you send a HEAD request, it means you are only interested in the response code and HTTP headers, not the document itself.

"When you send a HEAD request, it means you are only interested in the response code and HTTP headers, not the document itself."

With this method, the browser can check if a document has been modified, for caching purposes. It can also check if the document definitely exists.

For example, if you have a lot of links on your website, you can periodically send HEAD requests to all of them to check for broken links. That will work much faster than using GET.

 

HTTP Response Structure

 

 After the browser sends an HTTP request, the server responds with an HTTP response. Excluding the content, it looks like this:

HTTP Response Structure

The first piece of data is the protocol. This is again usually HTTP/1.x or HTTP/1.1 on modern servers.

The next part is the status code followed by a short message. Code 200 means that our GET request was successful and the server will return the contents of the requested document, just after the headers.

We've all seen "404" pages. This number actually comes from the status code part of the HTTP response. If the GET request was made for a route that the server cannot find, it would respond with a 404 instead of a 200.

The rest of the response contains headers like the HTTP request. These values can contain information about the server software, when the page/file was last modified, the MIME type, etc…

Again, most of these headers are actually optional.

HTTP Status Codes 200 are used for successful requests. 300 are for redirections. 400 are used if there was some issue with the request. 500 are used if there was some issue with the server. 

200 OK

 As mentioned earlier, this status code is sent in response to a successful request.

206 Partial Content 

If an application requests only a range of the requested file, the 206 code is returned.

It is most commonly used with download managers that can pause and resume a download, or split the download into pieces.

404 Not Found

When the requested page or file is not found, a 404 response is sent by the server.

401 Unauthorized 

Password-protected web pages send this code. If you don't enter a correct login, you may see the following in your browser.

Please note that this only applies to HTTP password-protected pages that display pop-up windows like the following to log in.

403 Forbidden 

If you're not allowed to access the page, this code may be sent to your browser. This often happens when you try to open the URL of a folder that doesn't contain an index page. If the server configuration doesn't allow displaying the contents of the folder, you'll get a 403 error.

For example, on my local server, I created an images folder. Inside this folder, I put a .htaccess file with this line: "Options - Indexes". Now when I try to open http://localhost/images/ - I see this.

There are other ways in which access can be blocked, and a 403 may be sent. For example, you can block by IP address, with the help of some htaccess directives.

302 (or 307) Found & 301 

Moved Permanently These two codes are used to redirect the browser. For example, when you use a URL shortener server like bit.ly, this is exactly how they redirect people who click on their links.

Both 302 and 301 are handled very similarly by the browser, but they may have different meanings for search engine spiders. For example, if your website is down for maintenance, you can redirect elsewhere using 302. The search engine spider will continue to check your page later in the future. But if you redirect using 301, it will tell the spider that your website has been moved to that permanent location. 

500 Internal Server Error 

This code is usually seen when a web script breaks. Most CGI scripts don't display errors directly to the browser, unlike PHP. If there are some fatal errors, a 500 status code will simply be sent. And the programmer then needs to look up the server error logs to find the error messages.

 

Other very useful tools for SEO:

ads

Please disable your ad blocker!

We understand that ads can be annoying, but please bear with us. We rely on advertisements to keep our website online. Could you please consider whitelisting our website? Thank you!