HTTPheader

An HTTP header is a component of an HTTP message that carries metadata about the request or response. Headers convey information such as content type, length, encoding, caching policies, authentication credentials, and client capabilities. HTTP messages consist of a start line (request line or status line), a header section, and an optional body. The header section contains one or more header fields, each in the form Field-Name: value. Field names are case-insensitive and headers are terminated by a blank line.

Header fields can be categorized as general headers, request headers, response headers, and entity headers. Some

Common headers include Host, User-Agent, Accept, Accept-Language, Content-Type, Content-Length, Content-Encoding, Authorization, Cache-Control, Expires, Referer, and Set-Cookie.

In HTTP/1.1 the header section is transmitted as plain text with CRLF separators. HTTP/2 and later introduce

Best practices include avoiding duplicate or conflicting headers, normalizing header names, and not placing sensitive data