- Published on
What is an HTTP Header?
- Authors
- Name
- Skip2 Networks
- Title
- Content Manager
HTTP Header
What is an HTTP Header?
HTTP headers are key-value pairs sent between web browsers and servers as part of HTTP requests and responses, providing essential metadata about the communication taking place. These headers contain crucial information such as content type, encoding methods, caching instructions, authentication credentials, and browser capabilities that help servers understand how to process requests and inform browsers how to handle responses. Think of HTTP headers as the envelope information on a letter – while the actual webpage content represents the letter itself, headers provide the delivery instructions, return address, and handling specifications that ensure proper communication between client and server.
Headers play a fundamental role in web performance, security, and functionality, making them particularly important for CDN operations and content delivery optimization. Caching headers like Cache-Control and ETag determine how long content can be stored at various points in the delivery chain, directly impacting load times and bandwidth usage. Security headers such as Content-Security-Policy and Strict-Transport-Security protect against various attacks, while performance-related headers like Accept-Encoding enable compression that reduces file sizes. CDNs leverage these headers extensively to make intelligent decisions about content caching, compression, and delivery optimization based on client capabilities and content characteristics.
HTTP Header Example
When a user visits an e-commerce product page, their browser sends a request with headers indicating it accepts compressed content (Accept-Encoding: gzip, br) and prefers images in WebP format (Accept: image/webp). The CDN receives this request and responds with optimized headers including Cache-Control: max-age=86400 to cache the page for 24 hours, Content-Encoding: br to indicate Brotli compression was applied, and Content-Type: text/html; charset=UTF-8 to specify the content format. These headers enable the browser to properly decompress, display, and cache the content while allowing the CDN to serve subsequent requests directly from cache.
Common HTTP Header Categories
| Category | Headers | Purpose |
|---|---|---|
| Caching | Cache-Control, ETag, Expires | Control content caching behavior |
| Security | CSP, HSTS, X-Frame-Options | Protect against security threats |
| Content | Content-Type, Content-Length | Describe response body characteristics |
| Compression | Accept-Encoding, Content-Encoding | Enable file size optimization |
| Authentication | Authorization, WWW-Authenticate | Handle user credentials |
Request Headers (Browser to Server)
- User-Agent - Identifies browser type and capabilities
- Accept - Specifies preferred content types and formats
- Accept-Language - Indicates preferred languages for content
- Referer - Shows which page linked to the current request
- Cookie - Sends stored session and tracking information
Response Headers (Server to Browser)
- Set-Cookie - Instructs browser to store session data
- Location - Provides redirect destination for 3xx responses
- Server - Identifies web server software and version
- X-Powered-By - Indicates underlying technology stack
- Access-Control-Allow-Origin - Enables cross-origin resource sharing
CDN Header Optimization
- Cache Hit/Miss Indicators - Headers showing CDN cache status
- Edge Location Information - Identifies which server handled the request
- Compression Optimization - Automatic format selection based on client support
- Security Enhancement - Additional protective headers injected at the edge