Now, let's talk about headers. Headers are a core part of HTTP requests and responses.
They describe how the client and the server talk to each other and also provide information about the transaction. We have client-side headers, which are sent by the browser. Some examples are as follows:
- User-agent: This informs the server what type of OS, browser, and plugins the users have.
- Accept-encoding: This defines which encoding the browser supports, which is usually GZip or Deflate. This will compress the content and reduce the bandwidth time for every transaction.
- Referer: This contains the referer URL, basically from which page you clicked that link.
- Cookie: If our browser has cookies for its site, it will add them in the Cookie header. We also have server-side headers, which are set by the web server.
- Cache-Control: This defines the directives, which must be obeyed by all caching mechanisms along the chain.
- Location: This is used for re-directions. Whenever there is a 301 or 302 response, the server must send this header.
- Set-Cookie: This is a header used to set a cookie in the user's browser.
- WWW-Authenticate: This header is used by the server to request authentication. When the browser sees this header, it will open a login window asking for the username and password.
This is an example of what a response header looks like when making a GET request to https://www.packtpub.com/:
We have mentioned some of them here such as cache-control, content-encoding, and content-type. I suggest you get familiar with all of them. Every time you find a new header, read about it to learn its functionality.