<!doctype html><html lang="en-US" prefix="og: https://ogp.me/ns#"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="https://developer.mozilla.org/favicon-48x48.bc390275e955dacb2e65.png"/><link rel="apple-touch-icon" href="https://developer.mozilla.org/apple-touch-icon.528534bba673c38049c2.png"/><meta name="theme-color" content="#ffffff"/><link rel="manifest" href="https://developer.mozilla.org/manifest.f42880861b394dd4dc9b.json"/><link rel="search" type="application/opensearchdescription+xml" href="/opensearch.xml" title="MDN Web Docs"/><title>An overview of HTTP - HTTP | MDN</title><link rel="alternate" title="Ein Überblick über HTTP" href="https://developer.mozilla.org/de/docs/Web/HTTP/Overview" hrefLang="de"/><link rel="alternate" title="Generalidades del protocolo HTTP" href="https://developer.mozilla.org/es/docs/Web/HTTP/Overview" hrefLang="es"/><link rel="alternate" title="Un aperçu de HTTP" href="https://developer.mozilla.org/fr/docs/Web/HTTP/Overview" hrefLang="fr"/><link rel="alternate" title="HTTP の概要" href="https://developer.mozilla.org/ja/docs/Web/HTTP/Overview" hrefLang="ja"/><link rel="alternate" title="HTTP 개요" href="https://developer.mozilla.org/ko/docs/Web/HTTP/Overview" hrefLang="ko"/><link rel="alternate" title="Uma visão geral do HTTP" href="https://developer.mozilla.org/pt-BR/docs/Web/HTTP/Overview" hrefLang="pt"/><link rel="alternate" title="Обзор протокола HTTP" href="https://developer.mozilla.org/ru/docs/Web/HTTP/Overview" hrefLang="ru"/><link rel="alternate" title="HTTP 概述" href="https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Overview" hrefLang="zh"/><link rel="alternate" title="An overview of HTTP" href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview" hrefLang="en"/><link rel="preload" as="font" type="font/woff2" href="/static/media/Inter.var.c2fe3cb2b7c746f7966a.woff2" crossorigin=""/><link rel="alternate" type="application/rss+xml" title="MDN Blog RSS Feed" href="https://developer.mozilla.org/en-US/blog/rss.xml" hrefLang="en"/><meta name="description" content="HTTP is a protocol for fetching resources such as HTML documents. It is the foundation of any data exchange on the Web and it is a client-server protocol, which means requests are initiated by the recipient, usually the Web browser. A complete document is typically constructed from resources such as text content, layout instructions, images, videos, scripts, and more."/><meta property="og:url" content="https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview"/><meta property="og:title" content="An overview of HTTP - HTTP | MDN"/><meta property="og:type" content="website"/><meta property="og:locale" content="en_US"/><meta property="og:description" content="HTTP is a protocol for fetching resources such as HTML documents. It is the foundation of any data exchange on the Web and it is a client-server protocol, which means requests are initiated by the recipient, usually the Web browser. A complete document is typically constructed from resources such as text content, layout instructions, images, videos, scripts, and more."/><meta property="og:image" content="https://developer.mozilla.org/mdn-social-share.d893525a4fb5fb1f67a2.png"/><meta property="og:image:type" content="image/png"/><meta property="og:image:height" content="1080"/><meta property="og:image:width" content="1920"/><meta property="og:image:alt" content="The MDN Web Docs logo, featuring a blue accent color, displayed on a solid black background."/><meta property="og:site_name" content="MDN Web Docs"/><meta name="twitter:card" content="summary_large_image"/><meta name="twitter:creator" content="MozDevNet"/><link rel="canonical" href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview"/><style media="print">.article-actions-container,.document-toc-container,.language-menu,.main-menu-toggle,.on-github,.page-footer,.place,.sidebar,.top-banner,.top-navigation-main,ul.prev-next{display:none!important}.main-page-content,.main-page-content pre{padding:2px}.main-page-content pre{border-left-width:2px}</style><script src="/static/js/gtag.js" defer=""></script><script defer="" src="/static/js/main.5e889624.js"></script><link href="/static/css/main.26c64ea7.css" rel="stylesheet"/></head><body><script>if(document.body.addEventListener("load",(t=>{t.target.classList.contains("interactive")&&t.target.setAttribute("data-readystate","complete")}),{capture:!0}),window&&document.documentElement){const t={light:"#ffffff",dark:"#1b1b1b"};try{const e=window.localStorage.getItem("theme");e&&(document.documentElement.className=e,document.documentElement.style.backgroundColor=t[e]);const o=window.localStorage.getItem("nop");o&&(document.documentElement.dataset.nop=o)}catch(t){console.warn("Unable to read theme from localStorage",t)}}</script><div id="root"><ul id="nav-access" class="a11y-nav"><li><a id="skip-main" href="#content">Skip to main content</a></li><li><a id="skip-search" href="#top-nav-search-input">Skip to search</a></li><li><a id="skip-select-language" href="#languages-switcher-button">Skip to select language</a></li></ul><div class="page-wrapper category-http document-page"><div class="top-banner loading"><section class="place top container"></section></div><div class="sticky-header-container"><header class="top-navigation "><div class="container "><div class="top-navigation-wrap"><a href="/en-US/" class="logo" aria-label="MDN homepage"><svg id="mdn-docs-logo" xmlns="http://www.w3.org/2000/svg" x="0" y="0" viewBox="0 0 694.9 104.4" style="enable-background:new 0 0 694.9 104.4" xml:space="preserve" role="img"><title>MDN Web Docs</title><path d="M40.3 0 11.7 92.1H0L28.5 0h11.8zm10.4 0v92.1H40.3V0h10.4zM91 0 62.5 92.1H50.8L79.3 0H91zm10.4 0v92.1H91V0h10.4z" class="logo-m"></path><path d="M627.9 95.6h67v8.8h-67v-8.8z" class="logo-_"></path><path d="M367 42h-4l-10.7 30.8h-5.5l-10.8-26h-.4l-10.5 26h-5.2L308.7 42h-3.8v-5.6H323V42h-6.5l6.8 20.4h.4l10.3-26h4.7l11.2 26h.5l5.7-20.3h-6.2v-5.6H367V42zm34.9 20c-.4 3.2-2 5.9-4.7 8.2-2.8 2.3-6.5 3.4-11.3 3.4-5.4 0-9.7-1.6-13.1-4.7-3.3-3.2-5-7.7-5-13.7 0-5.7 1.6-10.3 4.7-14s7.4-5.5 12.9-5.5c5.1 0 9.1 1.6 11.9 4.7s4.3 6.9 4.3 11.3c0 1.5-.2 3-.5 4.7h-25.6c.3 7.7 4 11.6 10.9 11.6 2.9 0 5.1-.7 6.5-2 1.5-1.4 2.5-3 3-4.9l6 .9zM394 51.3c.2-2.4-.4-4.7-1.8-6.9s-3.8-3.3-7-3.3c-3.1 0-5.3 1-6.9 3-1.5 2-2.5 4.4-2.8 7.2H394zm51 2.4c0 5-1.3 9.5-4 13.7s-6.9 6.2-12.7 6.2c-6 0-10.3-2.2-12.7-6.7-.1.4-.2 1.4-.4 2.9s-.3 2.5-.4 2.9h-7.3c.3-1.7.6-3.5.8-5.3.3-1.8.4-3.7.4-5.5V22.3h-6v-5.6H416v27c1.1-2.2 2.7-4.1 4.7-5.7 2-1.6 4.8-2.4 8.4-2.4 4.6 0 8.4 1.6 11.4 4.7 3 3.2 4.5 7.6 4.5 13.4zm-7.7.6c0-4.2-1-7.4-3-9.5-2-2.2-4.4-3.3-7.4-3.3-3.4 0-6 1.2-8 3.7-1.9 2.4-2.9 5-3 7.7V57c0 3 1 5.6 3 7.7s4.5 3.1 7.6 3.1c3.6 0 6.3-1.3 8.1-3.9 1.8-2.7 2.7-5.9 2.7-9.6zm69.2 18.5h-13.2v-7.2c-1.2 2.2-2.8 4.1-4.9 5.6-2.1 1.6-4.8 2.4-8.3 2.4-4.8 0-8.7-1.6-11.6-4.9-2.9-3.2-4.3-7.7-4.3-13.3 0-5 1.3-9.6 4-13.7 2.6-4.1 6.9-6.2 12.8-6.2 5.7 0 9.8 2.2 12.3 6.5V22.3h-8.6v-5.6h15.8v50.6h6v5.5zM493.2 56v-4.4c-.1-3-1.2-5.5-3.2-7.3s-4.4-2.8-7.2-2.8c-3.6 0-6.3 1.3-8.2 3.9-1.9 2.6-2.8 5.8-2.8 9.6 0 4.1 1 7.3 3 9.5s4.5 3.3 7.4 3.3c3.2 0 5.8-1.3 7.8-3.8 2.1-2.6 3.1-5.3 3.2-8zm53.1-1.4c0 5.6-1.8 10.2-5.3 13.7s-8.2 5.3-13.9 5.3-10.1-1.7-13.4-5.1c-3.3-3.4-5-7.9-5-13.5 0-5.3 1.6-9.9 4.7-13.7 3.2-3.8 7.9-5.7 14.2-5.7s11 1.9 14.1 5.7c3 3.7 4.6 8.1 4.6 13.3zm-7.7-.2c0-4-1-7.2-3-9.5s-4.8-3.5-8.2-3.5c-3.6 0-6.4 1.2-8.3 3.7s-2.9 5.6-2.9 9.5c0 3.7.9 6.8 2.8 9.4 1.9 2.6 4.6 3.9 8.3 3.9 3.6 0 6.4-1.3 8.4-3.8 1.9-2.6 2.9-5.8 2.9-9.7zm45 5.8c-.4 3.2-1.9 6.3-4.4 9.1-2.5 2.9-6.4 4.3-11.8 4.3-5.2 0-9.4-1.6-12.6-4.8-3.2-3.2-4.8-7.7-4.8-13.7 0-5.5 1.6-10.1 4.7-13.9 3.2-3.8 7.6-5.7 13.2-5.7 2.3 0 4.6.3 6.7.8 2.2.5 4.2 1.5 6.2 2.9l1.5 9.5-5.9.7-1.3-6.1c-2.1-1.2-4.5-1.8-7.2-1.8-3.5 0-6.1 1.2-7.7 3.7-1.7 2.5-2.5 5.7-2.5 9.6 0 4.1.9 7.3 2.7 9.5 1.8 2.3 4.4 3.4 7.8 3.4 5.2 0 8.2-2.9 9.2-8.8l6.2 1.3zm34.7 1.9c0 3.6-1.5 6.5-4.6 8.5s-7 3-11.7 3c-5.7 0-10.6-1.2-14.6-3.6l1.2-8.8 5.7.6-.2 4.7c1.1.5 2.3.9 3.6 1.1s2.6.3 3.9.3c2.4 0 4.5-.4 6.5-1.3 1.9-.9 2.9-2.2 2.9-4.1 0-1.8-.8-3.1-2.3-3.8s-3.5-1.3-5.8-1.7-4.6-.9-6.9-1.4c-2.3-.6-4.2-1.6-5.7-2.9-1.6-1.4-2.3-3.5-2.3-6.3 0-4.1 1.5-6.9 4.6-8.5s6.4-2.4 9.9-2.4c2.6 0 5 .3 7.2.9 2.2.6 4.3 1.4 6.1 2.4l.8 8.8-5.8.7-.8-5.7c-2.3-1-4.7-1.6-7.2-1.6-2.1 0-3.7.4-5.1 1.1-1.3.8-2 2-2 3.8 0 1.7.8 2.9 2.3 3.6 1.5.7 3.4 1.2 5.7 1.6 2.2.4 4.5.8 6.7 1.4 2.2.6 4.1 1.6 5.7 3 1.4 1.6 2.2 3.7 2.2 6.6zM197.6 73.2h-17.1v-5.5h3.8V51.9c0-3.7-.7-6.3-2.1-7.9-1.4-1.6-3.3-2.3-5.7-2.3-3.2 0-5.6 1.1-7.2 3.4s-2.4 4.6-2.5 6.9v15.6h6v5.5h-17.1v-5.5h3.8V51.9c0-3.8-.7-6.4-2.1-7.9-1.4-1.5-3.3-2.3-5.6-2.3-3.2 0-5.5 1.1-7.2 3.3-1.6 2.2-2.4 4.5-2.5 6.9v15.8h6.9v5.5h-20.2v-5.5h6V42.4h-6.1v-5.6h13.4v6.4c1.2-2.1 2.7-3.8 4.7-5.2 2-1.3 4.4-2 7.3-2s5.3.7 7.5 2.1c2.2 1.4 3.7 3.5 4.5 6.4 1.1-2.5 2.7-4.5 4.9-6.1s4.8-2.4 7.9-2.4c3.5 0 6.5 1.1 8.9 3.3s3.7 5.6 3.7 10.2v18.2h6.1v5.5zm42.5 0h-13.2V66c-1.2 2.2-2.8 4.1-4.9 5.6-2.1 1.6-4.8 2.4-8.3 2.4-4.8 0-8.7-1.6-11.6-4.9-2.9-3.2-4.3-7.7-4.3-13.3 0-5 1.3-9.6 4-13.7 2.6-4.1 6.9-6.2 12.8-6.2s9.8 2.2 12.3 6.5V22.7h-8.6v-5.6h15.8v50.6h6v5.5zm-13.3-16.8V52c-.1-3-1.2-5.5-3.2-7.3s-4.4-2.8-7.2-2.8c-3.6 0-6.3 1.3-8.2 3.9-1.9 2.6-2.8 5.8-2.8 9.6 0 4.1 1 7.3 3 9.5s4.5 3.3 7.4 3.3c3.2 0 5.8-1.3 7.8-3.8 2.1-2.6 3.1-5.3 3.2-8zm61.5 16.8H269v-5.5h6V51.9c0-3.7-.7-6.3-2.2-7.9-1.4-1.6-3.4-2.3-5.7-2.3-3.1 0-5.6 1-7.4 3s-2.8 4.4-2.9 7v15.9h6v5.5h-19.3v-5.5h6V42.4h-6.2v-5.6h13.6V43c2.6-4.6 6.8-6.9 12.7-6.9 3.6 0 6.7 1.1 9.2 3.3s3.7 5.6 3.7 10.2v18.2h6v5.4h-.2z" class="logo-text"></path></svg></a><button title="Open main menu" type="button" class="button action has-icon main-menu-toggle" aria-haspopup="menu" aria-label="Open main menu" aria-expanded="false"><span class="button-wrap"><span class="icon icon-menu "></span><span class="visually-hidden">Open main menu</span></span></button></div><div class="top-navigation-main"><nav class="main-nav" aria-label="Main menu"><ul class="main-menu nojs"><li class="top-level-entry-container active"><button type="button" id="references-button" class="top-level-entry menu-toggle" aria-controls="references-menu" aria-expanded="false">References</button><a href="/en-US/docs/Web" class="top-level-entry">References</a><ul id="references-menu" class="submenu references hidden inline-submenu-lg" aria-labelledby="references-button"><li class="apis-link-container mobile-only "><a href="/en-US/docs/Web" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">Overview / Web Technology</div><p class="submenu-item-description">Web technology reference for developers</p></div></a></li><li class="html-link-container "><a href="/en-US/docs/Web/HTML" class="submenu-item "><div class="submenu-icon html"></div><div class="submenu-content-container"><div class="submenu-item-heading">HTML</div><p class="submenu-item-description">Structure of content on the web</p></div></a></li><li class="css-link-container "><a href="/en-US/docs/Web/CSS" class="submenu-item "><div class="submenu-icon css"></div><div class="submenu-content-container"><div class="submenu-item-heading">CSS</div><p class="submenu-item-description">Code used to describe document style</p></div></a></li><li class="javascript-link-container "><a href="/en-US/docs/Web/JavaScript" class="submenu-item "><div class="submenu-icon javascript"></div><div class="submenu-content-container"><div class="submenu-item-heading">JavaScript</div><p class="submenu-item-description">General-purpose scripting language</p></div></a></li><li class="http-link-container "><a href="/en-US/docs/Web/HTTP" class="submenu-item "><div class="submenu-icon http"></div><div class="submenu-content-container"><div class="submenu-item-heading">HTTP</div><p class="submenu-item-description">Protocol for transmitting web resources</p></div></a></li><li class="apis-link-container "><a href="/en-US/docs/Web/API" class="submenu-item "><div class="submenu-icon apis"></div><div class="submenu-content-container"><div class="submenu-item-heading">Web APIs</div><p class="submenu-item-description">Interfaces for building web applications</p></div></a></li><li class="apis-link-container "><a href="/en-US/docs/Mozilla/Add-ons/WebExtensions" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">Web Extensions</div><p class="submenu-item-description">Developing extensions for web browsers</p></div></a></li><li class="apis-link-container desktop-only "><a href="/en-US/docs/Web" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">Web Technology</div><p class="submenu-item-description">Web technology reference for developers</p></div></a></li></ul></li><li class="top-level-entry-container "><button type="button" id="guides-button" class="top-level-entry menu-toggle" aria-controls="guides-menu" aria-expanded="false">Guides</button><a href="/en-US/docs/Learn" class="top-level-entry">Guides</a><ul id="guides-menu" class="submenu guides hidden inline-submenu-lg" aria-labelledby="guides-button"><li class="apis-link-container mobile-only "><a href="/en-US/docs/Learn" class="submenu-item "><div class="submenu-icon learn"></div><div class="submenu-content-container"><div class="submenu-item-heading">Overview / MDN Learning Area</div><p class="submenu-item-description">Learn web development</p></div></a></li><li class="apis-link-container desktop-only "><a href="/en-US/docs/Learn" class="submenu-item "><div class="submenu-icon learn"></div><div class="submenu-content-container"><div class="submenu-item-heading">MDN Learning Area</div><p class="submenu-item-description">Learn web development</p></div></a></li><li class="html-link-container "><a href="/en-US/docs/Learn/HTML" class="submenu-item "><div class="submenu-icon html"></div><div class="submenu-content-container"><div class="submenu-item-heading">HTML</div><p class="submenu-item-description">Learn to structure web content with HTML</p></div></a></li><li class="css-link-container "><a href="/en-US/docs/Learn/CSS" class="submenu-item "><div class="submenu-icon css"></div><div class="submenu-content-container"><div class="submenu-item-heading">CSS</div><p class="submenu-item-description">Learn to style content using CSS</p></div></a></li><li class="javascript-link-container "><a href="/en-US/docs/Learn/JavaScript" class="submenu-item "><div class="submenu-icon javascript"></div><div class="submenu-content-container"><div class="submenu-item-heading">JavaScript</div><p class="submenu-item-description">Learn to run scripts in the browser</p></div></a></li><li class=" "><a href="/en-US/docs/Web/Accessibility" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">Accessibility</div><p class="submenu-item-description">Learn to make the web accessible to all</p></div></a></li></ul></li><li class="top-level-entry-container "><button type="button" id="mdn-plus-button" class="top-level-entry menu-toggle" aria-controls="mdn-plus-menu" aria-expanded="false">Plus</button><a href="/en-US/plus" class="top-level-entry">Plus</a><ul id="mdn-plus-menu" class="submenu mdn-plus hidden inline-submenu-lg" aria-labelledby="mdn-plus-button"><li class=" "><a href="/en-US/plus" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">Overview</div><p class="submenu-item-description">A customized MDN experience</p></div></a></li><li class=" "><a href="/en-US/plus/ai-help" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">AI Help</div><p class="submenu-item-description">Get real-time assistance and support</p></div></a></li><li class=" "><a href="/en-US/plus/updates" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">Updates</div><p class="submenu-item-description">All browser compatibility updates at a glance</p></div></a></li><li class=" "><a href="/en-US/plus/docs/features/overview" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">Documentation</div><p class="submenu-item-description">Learn how to use MDN Plus</p></div></a></li><li class=" "><a href="/en-US/plus/docs/faq" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">FAQ</div><p class="submenu-item-description">Frequently asked questions about MDN Plus</p></div></a></li></ul></li><li class="top-level-entry-container "><a class="top-level-entry menu-link" href="/en-US/curriculum/">Curriculum <sup class="new">New</sup></a></li><li class="top-level-entry-container "><a class="top-level-entry menu-link" href="/en-US/blog/">Blog</a></li><li class="top-level-entry-container "><button type="button" id="tools-button" class="top-level-entry menu-toggle" aria-controls="tools-menu" aria-expanded="false">Tools</button><ul id="tools-menu" class="submenu tools hidden inline-submenu-lg" aria-labelledby="tools-button"><li class=" "><a href="/en-US/play" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">Playground</div><p class="submenu-item-description">Write, test and share your code</p></div></a></li><li class=" "><a href="/en-US/observatory" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">HTTP Observatory</div><p class="submenu-item-description">Scan a website for free</p></div></a></li><li class=" "><a href="/en-US/plus/ai-help" class="submenu-item "><div class="submenu-icon"></div><div class="submenu-content-container"><div class="submenu-item-heading">AI Help</div><p class="submenu-item-description">Get real-time assistance and support</p></div></a></li></ul></li></ul></nav><div class="header-search"><form action="/en-US/search" class="search-form search-widget" id="top-nav-search-form" role="search"><label id="top-nav-search-label" for="top-nav-search-input" class="visually-hidden">Search MDN</label><input aria-activedescendant="" aria-autocomplete="list" aria-controls="top-nav-search-menu" aria-expanded="false" aria-labelledby="top-nav-search-label" autoComplete="off" id="top-nav-search-input" role="combobox" type="search" class="search-input-field" name="q" placeholder="   " required="" value=""/><button type="button" class="button action has-icon clear-search-button"><span class="button-wrap"><span class="icon icon-cancel "></span><span class="visually-hidden">Clear search input</span></span></button><button type="submit" class="button action has-icon search-button"><span class="button-wrap"><span class="icon icon-search "></span><span class="visually-hidden">Search</span></span></button><div id="top-nav-search-menu" role="listbox" aria-labelledby="top-nav-search-label"></div></form></div><div class="theme-switcher-menu"><button type="button" class="button action has-icon theme-switcher-menu small" aria-haspopup="menu"><span class="button-wrap"><span class="icon icon-theme-os-default "></span>Theme</span></button></div><ul class="auth-container"><li><a href="/users/fxa/login/authenticate/?next=%2Fen-US%2Fdocs%2FWeb%2FHTTP%2FOverview" class="login-link" rel="nofollow">Log in</a></li><li><a href="/users/fxa/login/authenticate/?next=%2Fen-US%2Fdocs%2FWeb%2FHTTP%2FOverview" target="_self" rel="nofollow" class="button primary mdn-plus-subscribe-link"><span class="button-wrap">Sign up for free</span></a></li></ul></div></div></header><div class="article-actions-container"><div class="container"><button type="button" class="button action has-icon sidebar-button" aria-label="Expand sidebar" aria-expanded="false" aria-controls="sidebar-quicklinks"><span class="button-wrap"><span class="icon icon-sidebar "></span></span></button><nav class="breadcrumbs-container" aria-label="Breadcrumb"><ol typeof="BreadcrumbList" vocab="https://schema.org/" aria-label="breadcrumbs"><li property="itemListElement" typeof="ListItem"><a href="/en-US/docs/Web" class="breadcrumb" property="item" typeof="WebPage"><span property="name">References</span></a><meta property="position" content="1"/></li><li property="itemListElement" typeof="ListItem"><a href="/en-US/docs/Web/HTTP" class="breadcrumb" property="item" typeof="WebPage"><span property="name">HTTP</span></a><meta property="position" content="2"/></li><li property="itemListElement" typeof="ListItem"><a href="/en-US/docs/Web/HTTP/Overview" class="breadcrumb-current-page" property="item" typeof="WebPage"><span property="name">An overview of HTTP</span></a><meta property="position" content="3"/></li></ol></nav><div class="article-actions"><button type="button" class="button action has-icon article-actions-toggle" aria-label="Article actions"><span class="button-wrap"><span class="icon icon-ellipses "></span><span class="article-actions-dialog-heading">Article Actions</span></span></button><ul class="article-actions-entries"><li class="article-actions-entry"><div class="languages-switcher-menu open-on-focus-within"><button id="languages-switcher-button" type="button" class="button action small has-icon languages-switcher-menu" aria-haspopup="menu"><span class="button-wrap"><span class="icon icon-language "></span>English (US)</span></button><div class="hidden"><ul class="submenu language-menu " aria-labelledby="language-menu-button"><li class=" "><form class="submenu-item locale-redirect-setting"><div class="group"><label class="switch"><input type="checkbox" name="locale-redirect"/><span class="slider"></span><span class="label">Remember language</span></label><a href="https://github.com/orgs/mdn/discussions/739" rel="external noopener noreferrer" target="_blank" title="Enable this setting to automatically switch to this language when it&#x27;s available. (Click to learn more.)"><span class="icon icon-question-mark "></span></a></div></form></li><li class=" "><a data-locale="de" href="/de/docs/Web/HTTP/Overview" class="button submenu-item"><span>Deutsch</span><span title="Diese Übersetzung ist Teil eines Experiments."><span class="icon icon-experimental "></span></span></a></li><li class=" "><a data-locale="es" href="/es/docs/Web/HTTP/Overview" class="button submenu-item"><span>Español</span></a></li><li class=" "><a data-locale="fr" href="/fr/docs/Web/HTTP/Overview" class="button submenu-item"><span>Français</span></a></li><li class=" "><a data-locale="ja" href="/ja/docs/Web/HTTP/Overview" class="button submenu-item"><span>日本語</span></a></li><li class=" "><a data-locale="ko" href="/ko/docs/Web/HTTP/Overview" class="button submenu-item"><span>한국어</span></a></li><li class=" "><a data-locale="pt-BR" href="/pt-BR/docs/Web/HTTP/Overview" class="button submenu-item"><span>Português (do Brasil)</span></a></li><li class=" "><a data-locale="ru" href="/ru/docs/Web/HTTP/Overview" class="button submenu-item"><span>Русский</span></a></li><li class=" "><a data-locale="zh-CN" href="/zh-CN/docs/Web/HTTP/Overview" class="button submenu-item"><span>中文 (简体)</span></a></li></ul></div></div></li></ul></div></div></div></div><div class="main-wrapper"><div class="sidebar-container"><aside id="sidebar-quicklinks" class="sidebar" data-macro="HTTPSidebar"><button type="button" class="button action backdrop" aria-label="Collapse sidebar"><span class="button-wrap"></span></button><nav aria-label="Related Topics" class="sidebar-inner"><header class="sidebar-actions"><section class="sidebar-filter-container"><div class="sidebar-filter "><label id="sidebar-filter-label" class="sidebar-filter-label" for="sidebar-filter-input"><span class="icon icon-filter"></span><span class="visually-hidden">Filter sidebar</span></label><input id="sidebar-filter-input" autoComplete="off" class="sidebar-filter-input-field false" type="text" placeholder="Filter" value=""/><button type="button" class="button action has-icon clear-sidebar-filter-button"><span class="button-wrap"><span class="icon icon-cancel "></span><span class="visually-hidden">Clear filter input</span></span></button></div></section></header><div class="sidebar-inner-nav"><div class="in-nav-toc"><div class="document-toc-container"><section class="document-toc"><header><h2 class="document-toc-heading">In this article</h2></header><ul class="document-toc-list"><li class="document-toc-item "><a class="document-toc-link" href="#components_of_http-based_systems">Components of HTTP-based systems</a></li><li class="document-toc-item "><a class="document-toc-link" href="#basic_aspects_of_http">Basic aspects of HTTP</a></li><li class="document-toc-item "><a class="document-toc-link" href="#what_can_be_controlled_by_http">What can be controlled by HTTP</a></li><li class="document-toc-item "><a class="document-toc-link" href="#http_flow">HTTP flow</a></li><li class="document-toc-item "><a class="document-toc-link" href="#http_messages">HTTP Messages</a></li><li class="document-toc-item "><a class="document-toc-link" href="#apis_based_on_http">APIs based on HTTP</a></li><li class="document-toc-item "><a class="document-toc-link" href="#conclusion">Conclusion</a></li></ul></section></div></div><div class="sidebar-body"> <ol> <li class="section"><a href="/en-US/docs/Web/HTTP">HTTP</a></li> <li class="section no-link">Guides</li> <li><em><a href="/en-US/docs/Web/HTTP/Overview" aria-current="page">An overview of HTTP</a></em></li> <li><a href="/en-US/docs/Web/HTTP/Session">A typical HTTP session</a></li> <li><a href="/en-US/docs/Web/HTTP/Messages">HTTP messages</a></li> <li><a href="/en-US/docs/Web/HTTP/MIME_types">MIME types (IANA media types)</a></li> <li><a href="/en-US/docs/Web/HTTP/Compression">Compression in HTTP</a></li> <li><a href="/en-US/docs/Web/HTTP/Caching">HTTP caching</a></li> <li><a href="/en-US/docs/Web/HTTP/Authentication">HTTP authentication</a></li> <li><a href="/en-US/docs/Web/HTTP/Cookies">Using HTTP cookies</a></li> <li><a href="/en-US/docs/Web/HTTP/Redirections">Redirections in HTTP</a></li> <li><a href="/en-US/docs/Web/HTTP/Conditional_requests">HTTP conditional requests</a></li> <li><a href="/en-US/docs/Web/HTTP/Range_requests">HTTP range requests</a></li> <li><a href="/en-US/docs/Web/HTTP/Content_negotiation">Content negotiation</a></li> <li><a href="/en-US/docs/Web/HTTP/Connection_management_in_HTTP_1.x">Connection management in HTTP/1.x</a></li> <li><a href="/en-US/docs/Web/HTTP/Evolution_of_HTTP">Evolution of HTTP</a></li> <li><a href="/en-US/docs/Web/HTTP/Protocol_upgrade_mechanism">Protocol upgrade mechanism</a></li> <li><a href="/en-US/docs/Web/HTTP/Proxy_servers_and_tunneling">Proxy servers and tunneling</a></li> <li><a href="/en-US/docs/Web/HTTP/Client_hints">HTTP Client hints</a></li> <li class="toggle"> <details> <summary>Security and privacy</summary> <ol> <li><a href="/en-US/docs/Web/Security/Practical_implementation_guides">Practical security implementation guides</a></li> <li><a href="/en-US/observatory">HTTP Observatory</a></li> <li><a href="/en-US/docs/Web/HTTP/Permissions_Policy">Permissions Policy</a></li> <li><a href="/en-US/docs/Web/HTTP/CSP">Content Security Policy (CSP)</a></li> <li><a href="/en-US/docs/Web/HTTP/CORS">Cross-Origin Resource Sharing (CORS)</a></li> <li><a href="/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy">Cross-Origin Resource Policy (CORP)</a></li> <li><a href="/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security">Strict-Transport-Security</a></li> </ol> </details> </li> <li class="section no-link">References</li> <li class="toggle"> <details> <summary>HTTP headers</summary> <ol><li><a href="/en-US/docs/Web/HTTP/Headers/Accept"><code>Accept</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Accept-CH"><code>Accept-CH</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Accept-Encoding"><code>Accept-Encoding</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Accept-Language"><code>Accept-Language</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Accept-Patch"><code>Accept-Patch</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Accept-Post"><code>Accept-Post</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Accept-Ranges"><code>Accept-Ranges</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials"><code>Access-Control-Allow-Credentials</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers"><code>Access-Control-Allow-Headers</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods"><code>Access-Control-Allow-Methods</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin"><code>Access-Control-Allow-Origin</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers"><code>Access-Control-Expose-Headers</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age"><code>Access-Control-Max-Age</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers"><code>Access-Control-Request-Headers</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method"><code>Access-Control-Request-Method</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Age"><code>Age</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Allow"><code>Allow</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Alt-Svc"><code>Alt-Svc</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Alt-Used"><code>Alt-Used</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Attribution-Reporting-Eligible"><code>Attribution-Reporting-Eligible</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Attribution-Reporting-Register-Source"><code>Attribution-Reporting-Register-Source</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Attribution-Reporting-Register-Trigger"><code>Attribution-Reporting-Register-Trigger</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Authorization"><code>Authorization</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Cache-Control"><code>Cache-Control</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Clear-Site-Data"><code>Clear-Site-Data</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Connection"><code>Connection</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Digest"><code>Content-Digest</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Disposition"><code>Content-Disposition</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-DPR"><code>Content-DPR</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Encoding"><code>Content-Encoding</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Language"><code>Content-Language</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Length"><code>Content-Length</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Location"><code>Content-Location</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Range"><code>Content-Range</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy"><code>Content-Security-Policy</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only"><code>Content-Security-Policy-Report-Only</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Type"><code>Content-Type</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Cookie"><code>Cookie</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Critical-CH"><code>Critical-CH</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy"><code>Cross-Origin-Embedder-Policy</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy"><code>Cross-Origin-Opener-Policy</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy"><code>Cross-Origin-Resource-Policy</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Date"><code>Date</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Device-Memory"><code>Device-Memory</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Digest"><code>Digest</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/DNT"><code>DNT</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Downlink"><code>Downlink</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/DPR"><code>DPR</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Early-Data"><code>Early-Data</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/ECT"><code>ECT</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/ETag"><code>ETag</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Expect"><code>Expect</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Expect-CT"><code>Expect-CT</code></a><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Expires"><code>Expires</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Forwarded"><code>Forwarded</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/From"><code>From</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Host"><code>Host</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/If-Match"><code>If-Match</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/If-Modified-Since"><code>If-Modified-Since</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/If-None-Match"><code>If-None-Match</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/If-Range"><code>If-Range</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/If-Unmodified-Since"><code>If-Unmodified-Since</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Keep-Alive"><code>Keep-Alive</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Last-Modified"><code>Last-Modified</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Link"><code>Link</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Location"><code>Location</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Max-Forwards"><code>Max-Forwards</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/NEL"><code>NEL</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/No-Vary-Search"><code>No-Vary-Search</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Observe-Browsing-Topics"><code>Observe-Browsing-Topics</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Origin"><code>Origin</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Origin-Agent-Cluster"><code>Origin-Agent-Cluster</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy"><code>Permissions-Policy</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Pragma"><code>Pragma</code></a><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Priority"><code>Priority</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Proxy-Authenticate"><code>Proxy-Authenticate</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Proxy-Authorization"><code>Proxy-Authorization</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Range"><code>Range</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Referer"><code>Referer</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Referrer-Policy"><code>Referrer-Policy</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Refresh"><code>Refresh</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Report-To"><code>Report-To</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Reporting-Endpoints"><code>Reporting-Endpoints</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Repr-Digest"><code>Repr-Digest</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Retry-After"><code>Retry-After</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/RTT"><code>RTT</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Save-Data"><code>Save-Data</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-Browsing-Topics"><code>Sec-Browsing-Topics</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-Prefers-Color-Scheme"><code>Sec-CH-Prefers-Color-Scheme</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-Prefers-Reduced-Motion"><code>Sec-CH-Prefers-Reduced-Motion</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-Prefers-Reduced-Transparency"><code>Sec-CH-Prefers-Reduced-Transparency</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA"><code>Sec-CH-UA</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Arch"><code>Sec-CH-UA-Arch</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Bitness"><code>Sec-CH-UA-Bitness</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Full-Version"><code>Sec-CH-UA-Full-Version</code></a><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Full-Version-List"><code>Sec-CH-UA-Full-Version-List</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Mobile"><code>Sec-CH-UA-Mobile</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Model"><code>Sec-CH-UA-Model</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Platform"><code>Sec-CH-UA-Platform</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Platform-Version"><code>Sec-CH-UA-Platform-Version</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Dest"><code>Sec-Fetch-Dest</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Mode"><code>Sec-Fetch-Mode</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Site"><code>Sec-Fetch-Site</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-Fetch-User"><code>Sec-Fetch-User</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-GPC"><code>Sec-GPC</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-Purpose"><code>Sec-Purpose</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Accept"><code>Sec-WebSocket-Accept</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Extensions"><code>Sec-WebSocket-Extensions</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Key"><code>Sec-WebSocket-Key</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Protocol"><code>Sec-WebSocket-Protocol</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Version"><code>Sec-WebSocket-Version</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Server"><code>Server</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Server-Timing"><code>Server-Timing</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Service-Worker-Navigation-Preload"><code>Service-Worker-Navigation-Preload</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Set-Cookie"><code>Set-Cookie</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Set-Login"><code>Set-Login</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/SourceMap"><code>SourceMap</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Speculation-Rules"><code>Speculation-Rules</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security"><code>Strict-Transport-Security</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Supports-Loading-Mode"><code>Supports-Loading-Mode</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/TE"><code>TE</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Timing-Allow-Origin"><code>Timing-Allow-Origin</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Tk"><code>Tk</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Trailer"><code>Trailer</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Transfer-Encoding"><code>Transfer-Encoding</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Upgrade"><code>Upgrade</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests"><code>Upgrade-Insecure-Requests</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/User-Agent"><code>User-Agent</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Vary"><code>Vary</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Via"><code>Via</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Viewport-Width"><code>Viewport-Width</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Want-Content-Digest"><code>Want-Content-Digest</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Want-Digest"><code>Want-Digest</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Want-Repr-Digest"><code>Want-Repr-Digest</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Warning"><code>Warning</code></a><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Width"><code>Width</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/WWW-Authenticate"><code>WWW-Authenticate</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options"><code>X-Content-Type-Options</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control"><code>X-DNS-Prefetch-Control</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/X-Forwarded-For"><code>X-Forwarded-For</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host"><code>X-Forwarded-Host</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto"><code>X-Forwarded-Proto</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/X-Frame-Options"><code>X-Frame-Options</code></a><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/X-XSS-Protection"><code>X-XSS-Protection</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li></ol> </details> </li> <li class="toggle"> <details> <summary>HTTP request methods</summary> <ol><li><a href="/en-US/docs/Web/HTTP/Methods/CONNECT"><code>CONNECT</code></a></li><li><a href="/en-US/docs/Web/HTTP/Methods/DELETE"><code>DELETE</code></a></li><li><a href="/en-US/docs/Web/HTTP/Methods/GET"><code>GET</code></a></li><li><a href="/en-US/docs/Web/HTTP/Methods/HEAD"><code>HEAD</code></a></li><li><a href="/en-US/docs/Web/HTTP/Methods/OPTIONS"><code>OPTIONS</code></a></li><li><a href="/en-US/docs/Web/HTTP/Methods/PATCH"><code>PATCH</code></a></li><li><a href="/en-US/docs/Web/HTTP/Methods/POST"><code>POST</code></a></li><li><a href="/en-US/docs/Web/HTTP/Methods/PUT"><code>PUT</code></a></li><li><a href="/en-US/docs/Web/HTTP/Methods/TRACE"><code>TRACE</code></a></li></ol> </details> </li> <li class="toggle"> <details> <summary>HTTP response status codes</summary> <ol><li><a href="/en-US/docs/Web/HTTP/Status/100"><code>100 Continue</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/101"><code>101 Switching Protocols</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/102"><code>102 Processing</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/103"><code>103 Early Hints</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/200"><code>200 OK</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/201"><code>201 Created</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/202"><code>202 Accepted</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/203"><code>203 Non-Authoritative Information</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/204"><code>204 No Content</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/205"><code>205 Reset Content</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/206"><code>206 Partial Content</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/207"><code>207 Multi-Status</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/208"><code>208 Already Reported</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/226"><code>226 IM Used</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/300"><code>300 Multiple Choices</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/301"><code>301 Moved Permanently</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/302"><code>302 Found</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/303"><code>303 See Other</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/304"><code>304 Not Modified</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/307"><code>307 Temporary Redirect</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/308"><code>308 Permanent Redirect</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/400"><code>400 Bad Request</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/401"><code>401 Unauthorized</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/402"><code>402 Payment Required</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/403"><code>403 Forbidden</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/404"><code>404 Not Found</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/405"><code>405 Method Not Allowed</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/406"><code>406 Not Acceptable</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/407"><code>407 Proxy Authentication Required</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/408"><code>408 Request Timeout</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/409"><code>409 Conflict</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/410"><code>410 Gone</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/411"><code>411 Length Required</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/412"><code>412 Precondition Failed</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/413"><code>413 Content Too Large</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/414"><code>414 URI Too Long</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/415"><code>415 Unsupported Media Type</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/416"><code>416 Range Not Satisfiable</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/417"><code>417 Expectation Failed</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/418"><code>418 I'm a teapot</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/421"><code>421 Misdirected Request</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/422"><code>422 Unprocessable Content</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/423"><code>423 Locked</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/424"><code>424 Failed Dependency</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/425"><code>425 Too Early</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/426"><code>426 Upgrade Required</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/428"><code>428 Precondition Required</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/429"><code>429 Too Many Requests</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/431"><code>431 Request Header Fields Too Large</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/451"><code>451 Unavailable For Legal Reasons</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/500"><code>500 Internal Server Error</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/501"><code>501 Not Implemented</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/502"><code>502 Bad Gateway</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/503"><code>503 Service Unavailable</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/504"><code>504 Gateway Timeout</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/505"><code>505 HTTP Version Not Supported</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/506"><code>506 Variant Also Negotiates</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/507"><code>507 Insufficient Storage</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/508"><code>508 Loop Detected</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/510"><code>510 Not Extended</code></a></li><li><a href="/en-US/docs/Web/HTTP/Status/511"><code>511 Network Authentication Required</code></a></li></ol> </details> </li> <li class="toggle"> <details> <summary>CSP directives</summary> <ol><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/base-uri"><code>CSP: base-uri</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/block-all-mixed-content"><code>CSP: block-all-mixed-content</code></a><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/child-src"><code>CSP: child-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/connect-src"><code>CSP: connect-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src"><code>CSP: default-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/fenced-frame-src"><code>CSP: fenced-frame-src</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src"><code>CSP: font-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action"><code>CSP: form-action</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors"><code>CSP: frame-ancestors</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src"><code>CSP: frame-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src"><code>CSP: img-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/manifest-src"><code>CSP: manifest-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/media-src"><code>CSP: media-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/object-src"><code>CSP: object-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/prefetch-src"><code>CSP: prefetch-src</code></a><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to"><code>CSP: report-to</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri"><code>CSP: report-uri</code></a><abbr class="icon icon-deprecated" title="Deprecated. Not for use in new websites."> <span class="visually-hidden">Deprecated</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/require-trusted-types-for"><code>CSP: require-trusted-types-for</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox"><code>CSP: sandbox</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src"><code>CSP: script-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src-attr"><code>CSP: script-src-attr</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src-elem"><code>CSP: script-src-elem</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src"><code>CSP: style-src</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src-attr"><code>CSP: style-src-attr</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src-elem"><code>CSP: style-src-elem</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/trusted-types"><code>CSP: trusted-types</code></a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests"><code>CSP: upgrade-insecure-requests</code></a></li><li><a href="/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/worker-src"><code>CSP: worker-src</code></a></li></ol> </details> </li> <li class="toggle"> <details> <summary>CORS errors</summary> <ol><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSDisabled">Reason: CORS disabled</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSAllowOriginNotMatchingOrigin">Reason: CORS header 'Access-Control-Allow-Origin' does not match 'xyz'</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSMissingAllowOrigin">Reason: CORS header 'Access-Control-Allow-Origin' missing</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSOriginHeaderNotAdded">Reason: CORS header 'Origin' cannot be added</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSPreflightDidNotSucceed">Reason: CORS preflight channel did not succeed</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSDidNotSucceed">Reason: CORS request did not succeed</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSExternalRedirectNotAllowed">Reason: CORS request external redirect not allowed</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp">Reason: CORS request not HTTP</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSNotSupportingCredentials">Reason: Credential is not supported if the CORS header 'Access-Control-Allow-Origin' is '*'</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSMethodNotFound">Reason: Did not find method in CORS header 'Access-Control-Allow-Methods'</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSMIssingAllowCredentials">Reason: expected 'true' in CORS header 'Access-Control-Allow-Credentials'</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSInvalidAllowHeader">Reason: invalid token 'xyz' in CORS header 'Access-Control-Allow-Headers'</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSInvalidAllowMethod">Reason: invalid token 'xyz' in CORS header 'Access-Control-Allow-Methods'</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSMissingAllowHeaderFromPreflight">Reason: missing token 'xyz' in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel</a></li><li><a href="/en-US/docs/Web/HTTP/CORS/Errors/CORSMultipleAllowOriginNotAllowed">Reason: Multiple CORS header 'Access-Control-Allow-Origin' not allowed</a></li></ol> </details> </li> <li class="toggle"> <details> <summary>Permissions-Policy directives</summary> <ol><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/accelerometer">Permissions-Policy: accelerometer</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/ambient-light-sensor">Permissions-Policy: ambient-light-sensor</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/attribution-reporting">Permissions-Policy: attribution-reporting</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/autoplay">Permissions-Policy: autoplay</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/bluetooth">Permissions-Policy: bluetooth</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/browsing-topics">Permissions-Policy: browsing-topics</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr><abbr class="icon icon-nonstandard" title="Non-standard. Check cross-browser support before using."> <span class="visually-hidden">Non-standard</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/camera">Permissions-Policy: camera</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/compute-pressure">Permissions-Policy: compute-pressure</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/display-capture">Permissions-Policy: display-capture</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/document-domain">Permissions-Policy: document-domain</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/encrypted-media">Permissions-Policy: encrypted-media</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/fullscreen">Permissions-Policy: fullscreen</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/gamepad">Permissions-Policy: gamepad</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/geolocation">Permissions-Policy: geolocation</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/gyroscope">Permissions-Policy: gyroscope</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/hid">Permissions-Policy: hid</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/identity-credentials-get">Permissions-Policy: identity-credentials-get</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/idle-detection">Permissions-Policy: idle-detection</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/local-fonts">Permissions-Policy: local-fonts</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/magnetometer">Permissions-Policy: magnetometer</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/microphone">Permissions-Policy: microphone</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/midi">Permissions-Policy: midi</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/otp-credentials">Permissions-Policy: otp-credentials</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/payment">Permissions-Policy: payment</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/picture-in-picture">Permissions-Policy: picture-in-picture</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/publickey-credentials-create">Permissions-Policy: publickey-credentials-create</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/publickey-credentials-get">Permissions-Policy: publickey-credentials-get</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/screen-wake-lock">Permissions-Policy: screen-wake-lock</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/serial">Permissions-Policy: serial</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/speaker-selection">Permissions-Policy: speaker-selection</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/storage-access">Permissions-Policy: storage-access</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/usb">Permissions-Policy: usb</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/web-share">Permissions-Policy: web-share</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/window-management">Permissions-Policy: window-management</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li><li><a href="/en-US/docs/Web/HTTP/Headers/Permissions-Policy/xr-spatial-tracking">Permissions-Policy: xr-spatial-tracking</a><abbr class="icon icon-experimental" title="Experimental. Expect behavior to change in the future."> <span class="visually-hidden">Experimental</span> </abbr></li></ol> </details> </li> <li><a href="/en-US/docs/Web/HTTP/Resources_and_specifications">HTTP resources and specifications</a></li> </ol> </div></div><section class="place side"></section></nav></aside><div class="toc-container"><aside class="toc"><nav><div class="document-toc-container"><section class="document-toc"><header><h2 class="document-toc-heading">In this article</h2></header><ul class="document-toc-list"><li class="document-toc-item "><a class="document-toc-link" href="#components_of_http-based_systems">Components of HTTP-based systems</a></li><li class="document-toc-item "><a class="document-toc-link" href="#basic_aspects_of_http">Basic aspects of HTTP</a></li><li class="document-toc-item "><a class="document-toc-link" href="#what_can_be_controlled_by_http">What can be controlled by HTTP</a></li><li class="document-toc-item "><a class="document-toc-link" href="#http_flow">HTTP flow</a></li><li class="document-toc-item "><a class="document-toc-link" href="#http_messages">HTTP Messages</a></li><li class="document-toc-item "><a class="document-toc-link" href="#apis_based_on_http">APIs based on HTTP</a></li><li class="document-toc-item "><a class="document-toc-link" href="#conclusion">Conclusion</a></li></ul></section></div></nav></aside><section class="place side"></section></div></div><main id="content" class="main-content "><article class="main-page-content" lang="en-US"><header><h1>An overview of HTTP</h1></header><div class="section-content"><p> <strong>HTTP</strong> is a <a href="/en-US/docs/Glossary/Protocol">protocol</a> for fetching resources such as HTML documents. It is the foundation of any data exchange on the Web and it is a client-server protocol, which means requests are initiated by the recipient, usually the Web browser. A complete document is typically constructed from resources such as text content, layout instructions, images, videos, scripts, and more. </p> <p> <img src="https://mdn.github.io/shared-assets/images/diagrams/http/overview/fetching-a-page.svg" alt="A single Web document composed from multiple resources from different servers." loading="lazy"> </p> <p> Clients and servers communicate by exchanging individual messages (as opposed to a stream of data). The messages sent by the client are called <em>requests</em> and the messages sent by the server as an answer are called <em>responses</em>. </p> <p> <img src="https://mdn.github.io/shared-assets/images/diagrams/http/overview/http-layers.svg" alt="HTTP as an application layer protocol, on top of TCP (transport layer) and IP (network layer) and below the presentation layer." loading="lazy"> </p> <p> Designed in the early 1990s, HTTP is an extensible protocol which has evolved over time. It is an application layer protocol that is sent over <a href="/en-US/docs/Glossary/TCP">TCP</a>, or over a <a href="/en-US/docs/Glossary/TLS">TLS</a>-encrypted TCP connection, though any reliable transport protocol could theoretically be used. Due to its extensibility, it is used to not only fetch hypertext documents, but also images and videos or to post content to servers, like with HTML form results. HTTP can also be used to fetch parts of documents to update Web pages on demand. </p></div><section aria-labelledby="components_of_http-based_systems"><h2 id="components_of_http-based_systems"><a href="#components_of_http-based_systems">Components of HTTP-based systems</a></h2><div class="section-content"><p> HTTP is a client-server protocol: requests are sent by one entity, the user-agent (or a proxy on behalf of it). Most of the time the user-agent is a Web browser, but it can be anything, for example, a robot that crawls the Web to populate and maintain a search engine index. </p> <p> Each individual request is sent to a server, which handles it and provides an answer called the <em>response</em>. Between the client and the server there are numerous entities, collectively called <a href="/en-US/docs/Glossary/Proxy_server">proxies</a>, which perform different operations and act as gateways or <a href="/en-US/docs/Glossary/Cache">caches</a>, for example. </p> <p> <img src="https://mdn.github.io/shared-assets/images/diagrams/http/overview/client-server-chain.svg" alt="A HTTP request from a client forwarded by several proxies to a server and a response taking the same route back to the client." loading="lazy"> </p> <p> In reality, there are more computers between a browser and the server handling the request: there are routers, modems, and more. Thanks to the layered design of the Web, these are hidden in the network and transport layers. HTTP is on top, at the application layer. Although important for diagnosing network problems, the underlying layers are mostly irrelevant to the description of HTTP. </p></div></section><section aria-labelledby="client_the_user-agent"><h3 id="client_the_user-agent"><a href="#client_the_user-agent">Client: the user-agent</a></h3><div class="section-content"><p> The <em>user-agent</em> is any tool that acts on behalf of the user. This role is primarily performed by the Web browser, but it may also be performed by programs used by engineers and Web developers to debug their applications. </p> <p> The browser is <strong>always</strong> the entity initiating the request. It is never the server (though some mechanisms have been added over the years to simulate server-initiated messages). </p> <p> To display a Web page, the browser sends an original request to fetch the HTML document that represents the page. It then parses this file, making additional requests corresponding to execution scripts, layout information (CSS) to display, and sub-resources contained within the page (usually images and videos). The Web browser then combines these resources to present the complete document, the Web page. Scripts executed by the browser can fetch more resources in later phases and the browser updates the Web page accordingly. </p> <p> A Web page is a hypertext document. This means some parts of the displayed content are links, which can be activated (usually by a click of the mouse) to fetch a new Web page, allowing the user to direct their user-agent and navigate through the Web. The browser translates these directions into HTTP requests, and further interprets the HTTP responses to present the user with a clear response. </p></div></section><section aria-labelledby="the_web_server"><h3 id="the_web_server"><a href="#the_web_server">The Web server</a></h3><div class="section-content"><p> On the opposite side of the communication channel is the server, which <em>serves</em> the document as requested by the client. A server appears as only a single machine virtually; but it may actually be a collection of servers sharing the load (load balancing), or other software (such as caches, a database server, or e-commerce servers), totally or partially generating the document on demand. </p> <p> A server is not necessarily a single machine, but several server software instances can be hosted on the same machine. With HTTP/1.1 and the <a href="/en-US/docs/Web/HTTP/Headers/Host"><code>Host</code></a> header, they may even share the same IP address. </p></div></section><section aria-labelledby="proxies"><h3 id="proxies"><a href="#proxies">Proxies</a></h3><div class="section-content"><p> Between the Web browser and the server, numerous computers and machines relay the HTTP messages. Due to the layered structure of the Web stack, most of these operate at the transport, network or physical levels, becoming transparent at the HTTP layer and potentially having a significant impact on performance. Those operating at the application layers are generally called <strong>proxies</strong>. These can be transparent, forwarding on the requests they receive without altering them in any way, or non-transparent, in which case they will change the request in some way before passing it along to the server. Proxies may perform numerous functions: </p> <ul> <li>caching (the cache can be public or private, like the browser cache)</li> <li>filtering (like an antivirus scan or parental controls)</li> <li>load balancing (to allow multiple servers to serve different requests)</li> <li>authentication (to control access to different resources)</li> <li>logging (allowing the storage of historical information)</li> </ul></div></section><section aria-labelledby="basic_aspects_of_http"><h2 id="basic_aspects_of_http"><a href="#basic_aspects_of_http">Basic aspects of HTTP</a></h2><div class="section-content"></div></section><section aria-labelledby="http_is_simple"><h3 id="http_is_simple"><a href="#http_is_simple">HTTP is simple</a></h3><div class="section-content"><p> HTTP is generally designed to be simple and human-readable, even with the added complexity introduced in HTTP/2 by encapsulating HTTP messages into frames. HTTP messages can be read and understood by humans, providing easier testing for developers, and reduced complexity for newcomers. </p></div></section><section aria-labelledby="http_is_extensible"><h3 id="http_is_extensible"><a href="#http_is_extensible">HTTP is extensible</a></h3><div class="section-content"><p> Introduced in HTTP/1.0, <a href="/en-US/docs/Web/HTTP/Headers">HTTP headers</a> make this protocol easy to extend and experiment with. New functionality can even be introduced by an agreement between a client and a server about a new header's semantics. </p></div></section><section aria-labelledby="http_is_stateless_but_not_sessionless"><h3 id="http_is_stateless_but_not_sessionless"><a href="#http_is_stateless_but_not_sessionless">HTTP is stateless, but not sessionless</a></h3><div class="section-content"><p> HTTP is stateless: there is no link between two requests being successively carried out on the same connection. This immediately has the prospect of being problematic for users attempting to interact with certain pages coherently, for example, using e-commerce shopping baskets. But while the core of HTTP itself is stateless, HTTP cookies allow the use of stateful sessions. Using header extensibility, HTTP Cookies are added to the workflow, allowing session creation on each HTTP request to share the same context, or the same state. </p></div></section><section aria-labelledby="http_and_connections"><h3 id="http_and_connections"><a href="#http_and_connections">HTTP and connections</a></h3><div class="section-content"><p> A connection is controlled at the transport layer, and therefore fundamentally out of scope for HTTP. HTTP doesn't require the underlying transport protocol to be connection-based; it only requires it to be <em>reliable</em>, or not lose messages (at minimum, presenting an error in such cases). Among the two most common transport protocols on the Internet, TCP is reliable and UDP isn't. HTTP therefore relies on the TCP standard, which is connection-based. </p> <p> Before a client and server can exchange an HTTP request/response pair, they must establish a TCP connection, a process which requires several round-trips. The default behavior of HTTP/1.0 is to open a separate TCP connection for each HTTP request/response pair. This is less efficient than sharing a single TCP connection when multiple requests are sent in close succession. </p> <p> In order to mitigate this flaw, HTTP/1.1 introduced <em>pipelining</em> (which proved difficult to implement) and <em>persistent connections</em>: the underlying TCP connection can be partially controlled using the <a href="/en-US/docs/Web/HTTP/Headers/Connection"><code>Connection</code></a> header. HTTP/2 went a step further by multiplexing messages over a single connection, helping keep the connection warm and more efficient. </p> <p> Experiments are in progress to design a better transport protocol more suited to HTTP. For example, Google is experimenting with <a href="https://en.wikipedia.org/wiki/QUIC" class="external" target="_blank">QUIC</a> which builds on UDP to provide a more reliable and efficient transport protocol. </p></div></section><section aria-labelledby="what_can_be_controlled_by_http"><h2 id="what_can_be_controlled_by_http"><a href="#what_can_be_controlled_by_http">What can be controlled by HTTP</a></h2><div class="section-content"><p> This extensible nature of HTTP has, over time, allowed for more control and functionality of the Web. Cache and authentication methods were functions handled early in HTTP history. The ability to relax the <em>origin constraint</em>, by contrast, was only added in the 2010s. </p> <p>Here is a list of common features controllable with HTTP:</p> <ul> <li> <em><a href="/en-US/docs/Web/HTTP/Caching">Caching</a></em>: How documents are cached can be controlled by HTTP. The server can instruct proxies and clients about what to cache and for how long. The client can instruct intermediate cache proxies to ignore the stored document. </li> <li> <em>Relaxing the origin constraint</em>: To prevent snooping and other privacy invasions, Web browsers enforce strict separation between websites. Only pages from the <strong>same origin</strong> can access all the information of a Web page. Though such a constraint is a burden to the server, HTTP headers can relax this strict separation on the server side, allowing a document to become a patchwork of information sourced from different domains; there could even be security-related reasons to do so. </li> <li> <em>Authentication</em>: Some pages may be protected so that only specific users can access them. Basic authentication may be provided by HTTP, either using the <a href="/en-US/docs/Web/HTTP/Headers/WWW-Authenticate"><code>WWW-Authenticate</code></a> and similar headers, or by setting a specific session using <a href="/en-US/docs/Web/HTTP/Cookies">HTTP cookies</a>. </li> <li> <em><a href="/en-US/docs/Web/HTTP/Proxy_servers_and_tunneling">Proxy and tunneling</a></em>: Servers or clients are often located on intranets and hide their true IP address from other computers. HTTP requests then go through proxies to cross this network barrier. Not all proxies are HTTP proxies. The SOCKS protocol, for example, operates at a lower level. Other protocols, like ftp, can be handled by these proxies. </li> <li> <em>Sessions</em>: Using HTTP cookies allows you to link requests with the state of the server. This creates sessions, despite basic HTTP being a state-less protocol. This is useful not only for e-commerce shopping baskets, but also for any site allowing user configuration of the output. </li> </ul></div></section><section aria-labelledby="http_flow"><h2 id="http_flow"><a href="#http_flow">HTTP flow</a></h2><div class="section-content"><p>When a client wants to communicate with a server, either the final server or an intermediate proxy, it performs the following steps:</p> <ol> <li> <p> Open a TCP connection: The TCP connection is used to send a request, or several, and receive an answer. The client may open a new connection, reuse an existing connection, or open several TCP connections to the servers. </p> </li> <li> <p> Send an HTTP message: HTTP messages (before HTTP/2) are human-readable. With HTTP/2, these simple messages are encapsulated in frames, making them impossible to read directly, but the principle remains the same. For example: </p> <div class="code-example"><div class="example-header"><span class="language-name">http</span></div><pre class="brush: http notranslate"><code>GET / HTTP/1.1 Host: developer.mozilla.org Accept-Language: fr </code></pre></div> </li> <li> <p>Read the response sent by the server, such as:</p> <div class="code-example"><div class="example-header"><span class="language-name">http</span></div><pre class="brush: http notranslate"><code>HTTP/1.1 200 OK Date: Sat, 09 Oct 2010 14:28:02 GMT Server: Apache Last-Modified: Tue, 01 Dec 2009 20:18:22 GMT ETag: "51142bc1-7449-479b075b2891b" Accept-Ranges: bytes Content-Length: 29769 Content-Type: text/html &lt;!doctype html&gt;… (here come the 29769 bytes of the requested web page) </code></pre></div> </li> <li> <p>Close or reuse the connection for further requests.</p> </li> </ol> <p> If HTTP pipelining is activated, several requests can be sent without waiting for the first response to be fully received. HTTP pipelining has proven difficult to implement in existing networks, where old pieces of software coexist with modern versions. HTTP pipelining has been superseded in HTTP/2 with more robust multiplexing requests within a frame. </p></div></section><section aria-labelledby="http_messages"><h2 id="http_messages"><a href="#http_messages">HTTP Messages</a></h2><div class="section-content"><p> HTTP messages, as defined in HTTP/1.1 and earlier, are human-readable. In HTTP/2, these messages are embedded into a binary structure, a <em>frame</em>, allowing optimizations like compression of headers and multiplexing. Even if only part of the original HTTP message is sent in this version of HTTP, the semantics of each message is unchanged and the client reconstitutes (virtually) the original HTTP/1.1 request. It is therefore useful to comprehend HTTP/2 messages in the HTTP/1.1 format. </p> <p>There are two types of HTTP messages, requests and responses, each with its own format.</p></div></section><section aria-labelledby="requests"><h3 id="requests"><a href="#requests">Requests</a></h3><div class="section-content"><p>An example HTTP request:</p> <p> <img src="https://mdn.github.io/shared-assets/images/diagrams/http/overview/http-request.svg" alt="Overview of a HTTP GET request with headers" loading="lazy"> </p> <p>Requests consist of the following elements:</p> <ul> <li> An HTTP <a href="/en-US/docs/Web/HTTP/Methods">method</a>, usually a verb like <a href="/en-US/docs/Web/HTTP/Methods/GET"><code>GET</code></a>, <a href="/en-US/docs/Web/HTTP/Methods/POST"><code>POST</code></a>, or a noun like <a href="/en-US/docs/Web/HTTP/Methods/OPTIONS"><code>OPTIONS</code></a> or <a href="/en-US/docs/Web/HTTP/Methods/HEAD"><code>HEAD</code></a> that defines the operation the client wants to perform. Typically, a client wants to fetch a resource (using <code>GET</code>) or post the value of an <a href="/en-US/docs/Learn/Forms">HTML form</a> (using <code>POST</code>), though more operations may be needed in other cases. </li> <li>The path of the resource to fetch; the URL of the resource stripped from elements that are obvious from the context, for example without the <a href="/en-US/docs/Glossary/Protocol">protocol</a> (<code>http://</code>), the <a href="/en-US/docs/Glossary/Domain">domain</a> (here, <code>developer.mozilla.org</code>), or the TCP <a href="/en-US/docs/Glossary/Port">port</a> (here, <code>80</code>).</li> <li>The version of the HTTP protocol.</li> <li>Optional <a href="/en-US/docs/Web/HTTP/Headers">headers</a> that convey additional information for the servers.</li> <li>A body, for some methods like <code>POST</code>, similar to those in responses, which contain the resource sent.</li> </ul></div></section><section aria-labelledby="responses"><h3 id="responses"><a href="#responses">Responses</a></h3><div class="section-content"><p>An example response:</p> <p> <img src="https://mdn.github.io/shared-assets/images/diagrams/http/overview/http-response.svg" alt="Overview of a '200 OK' HTTP response to a GET request including response headers." loading="lazy"> </p> <p>Responses consist of the following elements:</p> <ul> <li>The version of the HTTP protocol they follow.</li> <li>A <a href="/en-US/docs/Web/HTTP/Status">status code</a>, indicating if the request was successful or not, and why.</li> <li>A status message, a non-authoritative short description of the status code.</li> <li>HTTP <a href="/en-US/docs/Web/HTTP/Headers">headers</a>, like those for requests.</li> <li>Optionally, a body containing the fetched resource.</li> </ul></div></section><section aria-labelledby="apis_based_on_http"><h2 id="apis_based_on_http"><a href="#apis_based_on_http">APIs based on HTTP</a></h2><div class="section-content"><p>The most commonly used API based on HTTP is the <a href="/en-US/docs/Web/API/Fetch_API">Fetch API</a>, which can be used to make HTTP requests from JavaScript. The Fetch API replaces the <a href="/en-US/docs/Web/API/XMLHttpRequest"><code>XMLHttpRequest</code></a> API.</p> <p> Another API, <a href="/en-US/docs/Web/API/Server-sent_events">server-sent events</a>, is a one-way service that allows a server to send events to the client, using HTTP as a transport mechanism. Using the <a href="/en-US/docs/Web/API/EventSource"><code>EventSource</code></a> interface, the client opens a connection and establishes event handlers. The client browser automatically converts the messages that arrive on the HTTP stream into appropriate <a href="/en-US/docs/Web/API/Event"><code>Event</code></a> objects. Then it delivers them to the event handlers that have been registered for the events' <a href="/en-US/docs/Web/API/Event/type" title="type"><code>type</code></a> if known, or to the <a href="/en-US/docs/Web/API/EventSource/message_event" title="onmessage"><code>onmessage</code></a> event handler if no type-specific event handler was established. </p></div></section><section aria-labelledby="conclusion"><h2 id="conclusion"><a href="#conclusion">Conclusion</a></h2><div class="section-content"><p> HTTP is an extensible protocol that is easy to use. The client-server structure, combined with the ability to add headers, allows HTTP to advance along with the extended capabilities of the Web. </p> <p> Though HTTP/2 adds some complexity by embedding HTTP messages in frames to improve performance, the basic structure of messages has stayed the same since HTTP/1.0. Session flow remains basic, allowing it to be investigated and debugged with a <a href="https://firefox-source-docs.mozilla.org/devtools-user/network_monitor/index.html" class="external" target="_blank">HTTP network monitor</a>. </p></div></section></article><aside class="article-footer"><div class="article-footer-inner"><div class="svg-container"><svg xmlns="http://www.w3.org/2000/svg" width="162" height="162" viewBox="0 0 162 162" fill="none" role="none"><mask id="b" fill="#fff"><path d="M97.203 47.04c8.113-7.886 18.004-13.871 28.906-17.492a78 78 0 0 1 33.969-3.39c11.443 1.39 22.401 5.295 32.024 11.411s17.656 14.28 23.476 23.86c5.819 9.579 9.269 20.318 10.083 31.385a69.85 69.85 0 0 1-5.387 32.44c-4.358 10.272-11.115 19.443-19.747 26.801-8.632 7.359-18.908 12.709-30.034 15.637l-6.17-21.698c7.666-2.017 14.746-5.703 20.694-10.773 5.948-5.071 10.603-11.389 13.606-18.467a48.14 48.14 0 0 0 3.712-22.352c-.561-7.625-2.938-15.025-6.948-21.625s-9.544-12.226-16.175-16.44-14.181-6.904-22.065-7.863a53.75 53.75 0 0 0-23.405 2.336c-7.513 2.495-14.327 6.62-19.918 12.053z"></path></mask><path stroke="url(#a)" stroke-dasharray="6, 6" stroke-width="2" d="M97.203 47.04c8.113-7.886 18.004-13.871 28.906-17.492a78 78 0 0 1 33.969-3.39c11.443 1.39 22.401 5.295 32.024 11.411s17.656 14.28 23.476 23.86c5.819 9.579 9.269 20.318 10.083 31.385a69.85 69.85 0 0 1-5.387 32.44c-4.358 10.272-11.115 19.443-19.747 26.801-8.632 7.359-18.908 12.709-30.034 15.637l-6.17-21.698c7.666-2.017 14.746-5.703 20.694-10.773 5.948-5.071 10.603-11.389 13.606-18.467a48.14 48.14 0 0 0 3.712-22.352c-.561-7.625-2.938-15.025-6.948-21.625s-9.544-12.226-16.175-16.44-14.181-6.904-22.065-7.863a53.75 53.75 0 0 0-23.405 2.336c-7.513 2.495-14.327 6.62-19.918 12.053z" mask="url(#b)" style="stroke:url(#a)" transform="translate(-63.992 -25.587)"></path><ellipse cx="8.066" cy="111.597" fill="var(--background-tertiary)" rx="53.677" ry="53.699" transform="matrix(.71707 -.697 .7243 .6895 0 0)"></ellipse><g clip-path="url(#c)" transform="translate(-63.992 -25.587)"><path fill="#9abff5" d="m144.256 137.379 32.906 12.434a4.41 4.41 0 0 1 2.559 5.667l-9.326 24.679a4.41 4.41 0 0 1-5.667 2.559l-8.226-3.108-2.332 6.17c-.466 1.233-.375 1.883-1.609 1.417l-2.253-.527c-.411-.155-.95-.594-1.206-1.161l-4.734-10.484-12.545-4.741a4.41 4.41 0 0 1-2.559-5.667l9.325-24.679a4.41 4.41 0 0 1 5.667-2.559m9.961 29.617 8.227 3.108 3.264-8.638-.498-6.768-4.113-1.555.548 7.258-4.319-1.632zm-12.339-4.663 8.226 3.108 3.264-8.637-.498-6.769-4.113-1.554.548 7.257-4.319-1.632z"></path></g><g clip-path="url(#d)" transform="translate(-63.992 -25.587)"><path fill="#81b0f3" d="M135.35 60.136 86.67 41.654c-3.346-1.27-7.124.428-8.394 3.775L64.414 81.938c-1.27 3.347.428 7.125 3.774 8.395l12.17 4.62-3.465 9.128c-.693 1.826-1.432 2.457.394 3.15l3.014 1.625c.609.231 1.637.274 2.477-.104l15.53-6.983 18.56 7.047c3.346 1.27 7.124-.428 8.395-3.775l13.862-36.51c1.27-3.346-.428-7.124-3.775-8.395M95.261 83.207l-12.17-4.62 4.852-12.779 7.19-7.017 6.085 2.31-7.725 7.51 6.389 2.426zm18.255 6.93-12.17-4.62 4.852-12.778 7.189-7.017 6.085 2.31-7.725 7.51 6.39 2.426z"></path></g><defs><clipPath id="c"><path fill="#fff" d="m198.638 146.586-65.056-24.583-24.583 65.057 65.056 24.582z"></path></clipPath><clipPath id="d"><path fill="#fff" d="m66.438 14.055 96.242 36.54-36.54 96.243-96.243-36.54z"></path></clipPath><linearGradient id="a" x1="97.203" x2="199.995" y1="47.04" y2="152.793" gradientUnits="userSpaceOnUse"><stop stop-color="#086DFC"></stop><stop offset="0.246" stop-color="#2C81FA"></stop><stop offset="0.516" stop-color="#5497F8"></stop><stop offset="0.821" stop-color="#80B0F6"></stop><stop offset="1" stop-color="#9ABFF5"></stop></linearGradient></defs></svg></div><h2>Help improve MDN</h2><fieldset class="feedback"><label>Was this page helpful to you?</label><div class="button-container"><button type="button" class="button primary has-icon yes"><span class="button-wrap"><span class="icon icon-thumbs-up "></span>Yes</span></button><button type="button" class="button primary has-icon no"><span class="button-wrap"><span class="icon icon-thumbs-down "></span>No</span></button></div></fieldset><a class="contribute" href="https://github.com/mdn/content/blob/main/CONTRIBUTING.md" title="This will take you to our contribution guidelines on GitHub." target="_blank" rel="noopener noreferrer">Learn how to contribute</a>.<p class="last-modified-date">This page was last modified on<!-- --> <time dateTime="2024-11-21T19:49:47.000Z">Nov 21, 2024</time> by<!-- --> <a href="/en-US/docs/Web/HTTP/Overview/contributors.txt" rel="nofollow">MDN contributors</a>.</p><div id="on-github" class="on-github"><a href="https://github.com/mdn/content/blob/main/files/en-us/web/http/overview/index.md?plain=1" title="Folder: en-us/web/http/overview (Opens in a new tab)" target="_blank" rel="noopener noreferrer">View this page on GitHub</a> <!-- -->•<!-- --> <a href="https://github.com/mdn/content/issues/new?template=page-report.yml&amp;mdn-url=https%3A%2F%2Fdeveloper.mozilla.org%2Fen-US%2Fdocs%2FWeb%2FHTTP%2FOverview&amp;metadata=%3C%21--+Do+not+make+changes+below+this+line+--%3E%0A%3Cdetails%3E%0A%3Csummary%3EPage+report+details%3C%2Fsummary%3E%0A%0A*+Folder%3A+%60en-us%2Fweb%2Fhttp%2Foverview%60%0A*+MDN+URL%3A+https%3A%2F%2Fdeveloper.mozilla.org%2Fen-US%2Fdocs%2FWeb%2FHTTP%2FOverview%0A*+GitHub+URL%3A+https%3A%2F%2Fgithub.com%2Fmdn%2Fcontent%2Fblob%2Fmain%2Ffiles%2Fen-us%2Fweb%2Fhttp%2Foverview%2Findex.md%0A*+Last+commit%3A+https%3A%2F%2Fgithub.com%2Fmdn%2Fcontent%2Fcommit%2F93b34fcdb9cf91ff44f5dfe7f4dcd13e961962da%0A*+Document+last+modified%3A+2024-11-21T19%3A49%3A47.000Z%0A%0A%3C%2Fdetails%3E" title="This will take you to GitHub to file a new issue." target="_blank" rel="noopener noreferrer">Report a problem with this content</a></div></div></aside></main></div></div><footer id="nav-footer" class="page-footer"><div class="page-footer-grid"><div class="page-footer-logo-col"><a href="/" class="mdn-footer-logo" aria-label="MDN homepage"><svg width="48" height="17" viewBox="0 0 48 17" fill="none" xmlns="http://www.w3.org/2000/svg"><title id="mdn-footer-logo-svg">MDN logo</title><path d="M20.04 16.512H15.504V10.416C15.504 9.488 15.344 8.824 15.024 8.424C14.72 8.024 14.264 7.824 13.656 7.824C12.92 7.824 12.384 8.064 12.048 8.544C11.728 9.024 11.568 9.64 11.568 10.392V14.184H13.008V16.512H8.472V10.416C8.472 9.488 8.312 8.824 7.992 8.424C7.688 8.024 7.232 7.824 6.624 7.824C5.872 7.824 5.336 8.064 5.016 8.544C4.696 9.024 4.536 9.64 4.536 10.392V14.184H6.6V16.512H0V14.184H1.44V8.04H0.024V5.688H4.536V7.32C5.224 6.088 6.32 5.472 7.824 5.472C8.608 5.472 9.328 5.664 9.984 6.048C10.64 6.432 11.096 7.016 11.352 7.8C11.992 6.248 13.168 5.472 14.88 5.472C15.856 5.472 16.72 5.776 17.472 6.384C18.224 6.992 18.6 7.936 18.6 9.216V14.184H20.04V16.512Z" fill="currentColor"></path><path d="M33.6714 16.512H29.1354V14.496C28.8314 15.12 28.3834 15.656 27.7914 16.104C27.1994 16.536 26.4154 16.752 25.4394 16.752C24.0154 16.752 22.8954 16.264 22.0794 15.288C21.2634 14.312 20.8554 12.984 20.8554 11.304C20.8554 9.688 21.2554 8.312 22.0554 7.176C22.8554 6.04 24.0634 5.472 25.6794 5.472C26.5594 5.472 27.2794 5.648 27.8394 6C28.3994 6.352 28.8314 6.8 29.1354 7.344V2.352H26.9754V0H32.2314V14.184H33.6714V16.512ZM29.1354 11.04V10.776C29.1354 9.88 28.8954 9.184 28.4154 8.688C27.9514 8.176 27.3674 7.92 26.6634 7.92C25.9754 7.92 25.3674 8.176 24.8394 8.688C24.3274 9.2 24.0714 10.008 24.0714 11.112C24.0714 12.152 24.3114 12.944 24.7914 13.488C25.2714 14.032 25.8394 14.304 26.4954 14.304C27.3114 14.304 27.9514 13.96 28.4154 13.272C28.8954 12.584 29.1354 11.84 29.1354 11.04Z" fill="currentColor"></path><path d="M47.9589 16.512H41.9829V14.184H43.4229V10.416C43.4229 9.488 43.2629 8.824 42.9429 8.424C42.6389 8.024 42.1829 7.824 41.5749 7.824C40.8389 7.824 40.2709 8.056 39.8709 8.52C39.4709 8.968 39.2629 9.56 39.2469 10.296V14.184H40.6869V16.512H34.7109V14.184H36.1509V8.04H34.5909V5.688H39.2469V7.344C39.9669 6.096 41.1269 5.472 42.7269 5.472C43.7509 5.472 44.6389 5.776 45.3909 6.384C46.1429 6.992 46.5189 7.936 46.5189 9.216V14.184H47.9589V16.512Z" fill="currentColor"></path></svg></a><p>Your blueprint for a better internet.</p><ul class="social-icons"><li><a href="https://mozilla.social/@mdn" target="_blank" rel="me noopener noreferrer"><span class="icon icon-mastodon"></span><span class="visually-hidden">MDN on Mastodon</span></a></li><li><a href="https://twitter.com/mozdevnet" target="_blank" rel="noopener noreferrer"><span class="icon icon-twitter-x"></span><span class="visually-hidden">MDN on X (formerly Twitter)</span></a></li><li><a href="https://github.com/mdn/" target="_blank" rel="noopener noreferrer"><span class="icon icon-github-mark-small"></span><span class="visually-hidden">MDN on GitHub</span></a></li><li><a href="/en-US/blog/rss.xml" target="_blank"><span class="icon icon-feed"></span><span class="visually-hidden">MDN Blog RSS Feed</span></a></li></ul></div><div class="page-footer-nav-col-1"><h2 class="footer-nav-heading">MDN</h2><ul class="footer-nav-list"><li class="footer-nav-item"><a href="/en-US/about">About</a></li><li class="footer-nav-item"><a href="/en-US/blog/">Blog</a></li><li class="footer-nav-item"><a href="https://www.mozilla.org/en-US/careers/listings/?team=ProdOps" target="_blank" rel="noopener noreferrer">Careers</a></li><li class="footer-nav-item"><a href="/en-US/advertising">Advertise with us</a></li></ul></div><div class="page-footer-nav-col-2"><h2 class="footer-nav-heading">Support</h2><ul class="footer-nav-list"><li class="footer-nav-item"><a class="footer-nav-link" href="https://support.mozilla.org/products/mdn-plus">Product help</a></li><li class="footer-nav-item"><a class="footer-nav-link" href="/en-US/docs/MDN/Community/Issues">Report an issue</a></li></ul></div><div class="page-footer-nav-col-3"><h2 class="footer-nav-heading">Our communities</h2><ul class="footer-nav-list"><li class="footer-nav-item"><a class="footer-nav-link" href="/en-US/community">MDN Community</a></li><li class="footer-nav-item"><a class="footer-nav-link" href="https://discourse.mozilla.org/c/mdn/236" target="_blank" rel="noopener noreferrer">MDN Forum</a></li><li class="footer-nav-item"><a class="footer-nav-link" href="/discord" target="_blank" rel="noopener noreferrer">MDN Chat</a></li></ul></div><div class="page-footer-nav-col-4"><h2 class="footer-nav-heading">Developers</h2><ul class="footer-nav-list"><li class="footer-nav-item"><a class="footer-nav-link" href="/en-US/docs/Web">Web Technologies</a></li><li class="footer-nav-item"><a class="footer-nav-link" href="/en-US/docs/Learn">Learn Web Development</a></li><li class="footer-nav-item"><a class="footer-nav-link" href="/en-US/plus">MDN Plus</a></li><li class="footer-nav-item"><a href="https://hacks.mozilla.org/" target="_blank" rel="noopener noreferrer">Hacks Blog</a></li></ul></div><div class="page-footer-moz"><a href="https://www.mozilla.org/" class="footer-moz-logo-link" target="_blank" rel="noopener noreferrer"><svg width="112" height="32" fill="none" xmlns="http://www.w3.org/2000/svg"><title id="mozilla-footer-logo-svg">Mozilla logo</title><path d="M41.753 14.218c-2.048 0-3.324 1.522-3.324 4.157 0 2.423 1.119 4.286 3.29 4.286 2.082 0 3.447-1.678 3.447-4.347 0-2.826-1.522-4.096-3.413-4.096Zm54.89 7.044c0 .901.437 1.618 1.645 1.618 1.427 0 2.949-1.024 3.044-3.352-.649-.095-1.365-.185-2.02-.185-1.426-.005-2.668.397-2.668 1.92Z" fill="currentColor"></path><path d="M0 0v32h111.908V0H0Zm32.56 25.426h-5.87v-7.884c0-2.423-.806-3.352-2.39-3.352-1.924 0-2.702 1.365-2.702 3.324v4.868h1.864v3.044h-5.864v-7.884c0-2.423-.806-3.352-2.39-3.352-1.924 0-2.702 1.365-2.702 3.324v4.868h2.669v3.044H6.642v-3.044h1.863v-7.918H6.642V11.42h5.864v2.11c.839-1.489 2.3-2.39 4.252-2.39 2.02 0 3.878.963 4.566 3.01.778-1.862 2.361-3.01 4.566-3.01 2.512 0 4.812 1.522 4.812 4.84v6.402h1.863v3.044h-.005Zm9.036.307c-4.314 0-7.296-2.635-7.296-7.106 0-4.096 2.484-7.481 7.514-7.481s7.481 3.38 7.481 7.29c0 4.472-3.228 7.297-7.699 7.297Zm22.578-.307H51.942l-.403-2.11 7.7-8.846h-4.376l-.621 2.17-2.888-.313.498-4.907h12.294l.313 2.11-7.767 8.852h4.533l.654-2.172 3.167.308-.872 4.908Zm7.99 0h-4.191v-5.03h4.19v5.03Zm0-8.976h-4.191v-5.03h4.19v5.03Zm2.618 8.976 6.054-21.358h3.945l-6.054 21.358h-3.945Zm8.136 0 6.048-21.358h3.945l-6.054 21.358h-3.939Zm21.486.307c-1.863 0-2.887-1.085-3.072-2.792-.805 1.427-2.232 2.792-4.498 2.792-2.02 0-4.314-1.085-4.314-4.006 0-3.447 3.323-4.253 6.518-4.253.778 0 1.584.034 2.3.124v-.465c0-1.427-.034-3.133-2.3-3.133-.84 0-1.488.061-2.143.402l-.453 1.578-3.195-.34.549-3.224c2.45-.996 3.692-1.27 5.992-1.27 3.01 0 5.556 1.55 5.556 4.75v6.083c0 .805.314 1.085.963 1.085.184 0 .375-.034.587-.095l.034 2.11a5.432 5.432 0 0 1-2.524.654Z" fill="currentColor"></path></svg></a><ul class="footer-moz-list"><li class="footer-moz-item"><a href="https://www.mozilla.org/privacy/websites/" class="footer-moz-link" target="_blank" rel="noopener noreferrer">Website Privacy Notice</a></li><li class="footer-moz-item"><a href="https://www.mozilla.org/privacy/websites/#cookies" class="footer-moz-link" target="_blank" rel="noopener noreferrer">Cookies</a></li><li class="footer-moz-item"><a href="https://www.mozilla.org/about/legal/terms/mozilla" class="footer-moz-link" target="_blank" rel="noopener noreferrer">Legal</a></li><li class="footer-moz-item"><a href="https://www.mozilla.org/about/governance/policies/participation/" class="footer-moz-link" target="_blank" rel="noopener noreferrer">Community Participation Guidelines</a></li></ul></div><div class="page-footer-legal"><p id="license" class="page-footer-legal-text">Visit<!-- --> <a href="https://www.mozilla.org" target="_blank" rel="noopener noreferrer">Mozilla Corporation’s</a> <!-- -->not-for-profit parent, the<!-- --> <a target="_blank" rel="noopener noreferrer" href="https://foundation.mozilla.org/">Mozilla Foundation</a>.<br/>Portions of this content are ©1998–<!-- -->2024<!-- --> by individual mozilla.org contributors. Content available under<!-- --> <a href="/en-US/docs/MDN/Writing_guidelines/Attrib_copyright_license">a Creative Commons license</a>.</p></div></div></footer></div><script type="application/json" id="hydration">{"url":"/en-US/docs/Web/HTTP/Overview","doc":{"isMarkdown":true,"isTranslated":false,"isActive":true,"flaws":{},"title":"An overview of HTTP","mdn_url":"/en-US/docs/Web/HTTP/Overview","locale":"en-US","native":"English (US)","sidebarHTML":"\n <ol>\n <li class=\"section\"><a href=\"/en-US/docs/Web/HTTP\">HTTP</a></li>\n <li class=\"section no-link\">Guides</li>\n <li><em><a href=\"/en-US/docs/Web/HTTP/Overview\" aria-current=\"page\">An overview of HTTP</a></em></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Session\">A typical HTTP session</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Messages\">HTTP messages</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/MIME_types\">MIME types (IANA media types)</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Compression\">Compression in HTTP</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Caching\">HTTP caching</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Authentication\">HTTP authentication</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Cookies\">Using HTTP cookies</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Redirections\">Redirections in HTTP</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Conditional_requests\">HTTP conditional requests</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Range_requests\">HTTP range requests</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Content_negotiation\">Content negotiation</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Connection_management_in_HTTP_1.x\">Connection management in HTTP/1.x</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Evolution_of_HTTP\">Evolution of HTTP</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Protocol_upgrade_mechanism\">Protocol upgrade mechanism</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Proxy_servers_and_tunneling\">Proxy servers and tunneling</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Client_hints\">HTTP Client hints</a></li>\n <li class=\"toggle\">\n <details>\n <summary>Security and privacy</summary>\n <ol>\n <li><a href=\"/en-US/docs/Web/Security/Practical_implementation_guides\">Practical security implementation guides</a></li>\n <li><a href=\"/en-US/observatory\">HTTP Observatory</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Permissions_Policy\">Permissions Policy</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/CSP\">Content Security Policy (CSP)</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/CORS\">Cross-Origin Resource Sharing (CORS)</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy\">Cross-Origin Resource Policy (CORP)</a></li>\n <li><a href=\"/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security\">Strict-Transport-Security</a></li>\n </ol>\n </details>\n </li>\n <li class=\"section no-link\">References</li>\n <li class=\"toggle\">\n <details>\n <summary>HTTP headers</summary>\n <ol><li><a href=\"/en-US/docs/Web/HTTP/Headers/Accept\"><code>Accept</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Accept-CH\"><code>Accept-CH</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Accept-Encoding\"><code>Accept-Encoding</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Accept-Language\"><code>Accept-Language</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Accept-Patch\"><code>Accept-Patch</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Accept-Post\"><code>Accept-Post</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Accept-Ranges\"><code>Accept-Ranges</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials\"><code>Access-Control-Allow-Credentials</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers\"><code>Access-Control-Allow-Headers</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods\"><code>Access-Control-Allow-Methods</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin\"><code>Access-Control-Allow-Origin</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers\"><code>Access-Control-Expose-Headers</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age\"><code>Access-Control-Max-Age</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers\"><code>Access-Control-Request-Headers</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method\"><code>Access-Control-Request-Method</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Age\"><code>Age</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Allow\"><code>Allow</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Alt-Svc\"><code>Alt-Svc</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Alt-Used\"><code>Alt-Used</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Attribution-Reporting-Eligible\"><code>Attribution-Reporting-Eligible</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Attribution-Reporting-Register-Source\"><code>Attribution-Reporting-Register-Source</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Attribution-Reporting-Register-Trigger\"><code>Attribution-Reporting-Register-Trigger</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Authorization\"><code>Authorization</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Cache-Control\"><code>Cache-Control</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Clear-Site-Data\"><code>Clear-Site-Data</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Connection\"><code>Connection</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Digest\"><code>Content-Digest</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Disposition\"><code>Content-Disposition</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-DPR\"><code>Content-DPR</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Encoding\"><code>Content-Encoding</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Language\"><code>Content-Language</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Length\"><code>Content-Length</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Location\"><code>Content-Location</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Range\"><code>Content-Range</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy\"><code>Content-Security-Policy</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only\"><code>Content-Security-Policy-Report-Only</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Type\"><code>Content-Type</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Cookie\"><code>Cookie</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Critical-CH\"><code>Critical-CH</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy\"><code>Cross-Origin-Embedder-Policy</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy\"><code>Cross-Origin-Opener-Policy</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy\"><code>Cross-Origin-Resource-Policy</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Date\"><code>Date</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Device-Memory\"><code>Device-Memory</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Digest\"><code>Digest</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/DNT\"><code>DNT</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Downlink\"><code>Downlink</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/DPR\"><code>DPR</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Early-Data\"><code>Early-Data</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/ECT\"><code>ECT</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/ETag\"><code>ETag</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Expect\"><code>Expect</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Expect-CT\"><code>Expect-CT</code></a><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Expires\"><code>Expires</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Forwarded\"><code>Forwarded</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/From\"><code>From</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Host\"><code>Host</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/If-Match\"><code>If-Match</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/If-Modified-Since\"><code>If-Modified-Since</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/If-None-Match\"><code>If-None-Match</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/If-Range\"><code>If-Range</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/If-Unmodified-Since\"><code>If-Unmodified-Since</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Keep-Alive\"><code>Keep-Alive</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Last-Modified\"><code>Last-Modified</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Link\"><code>Link</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Location\"><code>Location</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Max-Forwards\"><code>Max-Forwards</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/NEL\"><code>NEL</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/No-Vary-Search\"><code>No-Vary-Search</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Observe-Browsing-Topics\"><code>Observe-Browsing-Topics</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Origin\"><code>Origin</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Origin-Agent-Cluster\"><code>Origin-Agent-Cluster</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy\"><code>Permissions-Policy</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Pragma\"><code>Pragma</code></a><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Priority\"><code>Priority</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Proxy-Authenticate\"><code>Proxy-Authenticate</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Proxy-Authorization\"><code>Proxy-Authorization</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Range\"><code>Range</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Referer\"><code>Referer</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Referrer-Policy\"><code>Referrer-Policy</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Refresh\"><code>Refresh</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Report-To\"><code>Report-To</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Reporting-Endpoints\"><code>Reporting-Endpoints</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Repr-Digest\"><code>Repr-Digest</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Retry-After\"><code>Retry-After</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/RTT\"><code>RTT</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Save-Data\"><code>Save-Data</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-Browsing-Topics\"><code>Sec-Browsing-Topics</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-Prefers-Color-Scheme\"><code>Sec-CH-Prefers-Color-Scheme</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-Prefers-Reduced-Motion\"><code>Sec-CH-Prefers-Reduced-Motion</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-Prefers-Reduced-Transparency\"><code>Sec-CH-Prefers-Reduced-Transparency</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA\"><code>Sec-CH-UA</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Arch\"><code>Sec-CH-UA-Arch</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Bitness\"><code>Sec-CH-UA-Bitness</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Full-Version\"><code>Sec-CH-UA-Full-Version</code></a><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Full-Version-List\"><code>Sec-CH-UA-Full-Version-List</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Mobile\"><code>Sec-CH-UA-Mobile</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Model\"><code>Sec-CH-UA-Model</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Platform\"><code>Sec-CH-UA-Platform</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Platform-Version\"><code>Sec-CH-UA-Platform-Version</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Dest\"><code>Sec-Fetch-Dest</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Mode\"><code>Sec-Fetch-Mode</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Site\"><code>Sec-Fetch-Site</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-Fetch-User\"><code>Sec-Fetch-User</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-GPC\"><code>Sec-GPC</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-Purpose\"><code>Sec-Purpose</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Accept\"><code>Sec-WebSocket-Accept</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Extensions\"><code>Sec-WebSocket-Extensions</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Key\"><code>Sec-WebSocket-Key</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Protocol\"><code>Sec-WebSocket-Protocol</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Version\"><code>Sec-WebSocket-Version</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Server\"><code>Server</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Server-Timing\"><code>Server-Timing</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Service-Worker-Navigation-Preload\"><code>Service-Worker-Navigation-Preload</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Set-Cookie\"><code>Set-Cookie</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Set-Login\"><code>Set-Login</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/SourceMap\"><code>SourceMap</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Speculation-Rules\"><code>Speculation-Rules</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security\"><code>Strict-Transport-Security</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Supports-Loading-Mode\"><code>Supports-Loading-Mode</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/TE\"><code>TE</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Timing-Allow-Origin\"><code>Timing-Allow-Origin</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Tk\"><code>Tk</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Trailer\"><code>Trailer</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Transfer-Encoding\"><code>Transfer-Encoding</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Upgrade\"><code>Upgrade</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests\"><code>Upgrade-Insecure-Requests</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/User-Agent\"><code>User-Agent</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Vary\"><code>Vary</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Via\"><code>Via</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Viewport-Width\"><code>Viewport-Width</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Want-Content-Digest\"><code>Want-Content-Digest</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Want-Digest\"><code>Want-Digest</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Want-Repr-Digest\"><code>Want-Repr-Digest</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Warning\"><code>Warning</code></a><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Width\"><code>Width</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/WWW-Authenticate\"><code>WWW-Authenticate</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options\"><code>X-Content-Type-Options</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control\"><code>X-DNS-Prefetch-Control</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/X-Forwarded-For\"><code>X-Forwarded-For</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host\"><code>X-Forwarded-Host</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto\"><code>X-Forwarded-Proto</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/X-Frame-Options\"><code>X-Frame-Options</code></a><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/X-XSS-Protection\"><code>X-XSS-Protection</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li></ol>\n </details>\n </li>\n <li class=\"toggle\">\n <details>\n <summary>HTTP request methods</summary>\n <ol><li><a href=\"/en-US/docs/Web/HTTP/Methods/CONNECT\"><code>CONNECT</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Methods/DELETE\"><code>DELETE</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Methods/GET\"><code>GET</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Methods/HEAD\"><code>HEAD</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Methods/OPTIONS\"><code>OPTIONS</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Methods/PATCH\"><code>PATCH</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Methods/POST\"><code>POST</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Methods/PUT\"><code>PUT</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Methods/TRACE\"><code>TRACE</code></a></li></ol>\n </details>\n </li>\n <li class=\"toggle\">\n <details>\n <summary>HTTP response status codes</summary>\n <ol><li><a href=\"/en-US/docs/Web/HTTP/Status/100\"><code>100 Continue</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/101\"><code>101 Switching Protocols</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/102\"><code>102 Processing</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/103\"><code>103 Early Hints</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/200\"><code>200 OK</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/201\"><code>201 Created</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/202\"><code>202 Accepted</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/203\"><code>203 Non-Authoritative Information</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/204\"><code>204 No Content</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/205\"><code>205 Reset Content</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/206\"><code>206 Partial Content</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/207\"><code>207 Multi-Status</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/208\"><code>208 Already Reported</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/226\"><code>226 IM Used</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/300\"><code>300 Multiple Choices</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/301\"><code>301 Moved Permanently</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/302\"><code>302 Found</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/303\"><code>303 See Other</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/304\"><code>304 Not Modified</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/307\"><code>307 Temporary Redirect</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/308\"><code>308 Permanent Redirect</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/400\"><code>400 Bad Request</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/401\"><code>401 Unauthorized</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/402\"><code>402 Payment Required</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/403\"><code>403 Forbidden</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/404\"><code>404 Not Found</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/405\"><code>405 Method Not Allowed</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/406\"><code>406 Not Acceptable</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/407\"><code>407 Proxy Authentication Required</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/408\"><code>408 Request Timeout</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/409\"><code>409 Conflict</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/410\"><code>410 Gone</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/411\"><code>411 Length Required</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/412\"><code>412 Precondition Failed</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/413\"><code>413 Content Too Large</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/414\"><code>414 URI Too Long</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/415\"><code>415 Unsupported Media Type</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/416\"><code>416 Range Not Satisfiable</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/417\"><code>417 Expectation Failed</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/418\"><code>418 I'm a teapot</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/421\"><code>421 Misdirected Request</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/422\"><code>422 Unprocessable Content</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/423\"><code>423 Locked</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/424\"><code>424 Failed Dependency</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/425\"><code>425 Too Early</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/426\"><code>426 Upgrade Required</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/428\"><code>428 Precondition Required</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/429\"><code>429 Too Many Requests</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/431\"><code>431 Request Header Fields Too Large</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/451\"><code>451 Unavailable For Legal Reasons</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/500\"><code>500 Internal Server Error</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/501\"><code>501 Not Implemented</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/502\"><code>502 Bad Gateway</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/503\"><code>503 Service Unavailable</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/504\"><code>504 Gateway Timeout</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/505\"><code>505 HTTP Version Not Supported</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/506\"><code>506 Variant Also Negotiates</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/507\"><code>507 Insufficient Storage</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/508\"><code>508 Loop Detected</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/510\"><code>510 Not Extended</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Status/511\"><code>511 Network Authentication Required</code></a></li></ol>\n </details>\n </li>\n <li class=\"toggle\">\n <details>\n <summary>CSP directives</summary>\n <ol><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/base-uri\"><code>CSP: base-uri</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/block-all-mixed-content\"><code>CSP: block-all-mixed-content</code></a><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/child-src\"><code>CSP: child-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/connect-src\"><code>CSP: connect-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src\"><code>CSP: default-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/fenced-frame-src\"><code>CSP: fenced-frame-src</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src\"><code>CSP: font-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action\"><code>CSP: form-action</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors\"><code>CSP: frame-ancestors</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src\"><code>CSP: frame-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src\"><code>CSP: img-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/manifest-src\"><code>CSP: manifest-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/media-src\"><code>CSP: media-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/object-src\"><code>CSP: object-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/prefetch-src\"><code>CSP: prefetch-src</code></a><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to\"><code>CSP: report-to</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri\"><code>CSP: report-uri</code></a><abbr class=\"icon icon-deprecated\" title=\"Deprecated. Not for use in new websites.\">\n <span class=\"visually-hidden\">Deprecated</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/require-trusted-types-for\"><code>CSP: require-trusted-types-for</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox\"><code>CSP: sandbox</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src\"><code>CSP: script-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src-attr\"><code>CSP: script-src-attr</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src-elem\"><code>CSP: script-src-elem</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src\"><code>CSP: style-src</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src-attr\"><code>CSP: style-src-attr</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src-elem\"><code>CSP: style-src-elem</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/trusted-types\"><code>CSP: trusted-types</code></a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests\"><code>CSP: upgrade-insecure-requests</code></a></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/worker-src\"><code>CSP: worker-src</code></a></li></ol>\n </details>\n </li>\n <li class=\"toggle\">\n <details>\n <summary>CORS errors</summary>\n <ol><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSDisabled\">Reason: CORS disabled</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSAllowOriginNotMatchingOrigin\">Reason: CORS header 'Access-Control-Allow-Origin' does not match 'xyz'</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSMissingAllowOrigin\">Reason: CORS header 'Access-Control-Allow-Origin' missing</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSOriginHeaderNotAdded\">Reason: CORS header 'Origin' cannot be added</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSPreflightDidNotSucceed\">Reason: CORS preflight channel did not succeed</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSDidNotSucceed\">Reason: CORS request did not succeed</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSExternalRedirectNotAllowed\">Reason: CORS request external redirect not allowed</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp\">Reason: CORS request not HTTP</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSNotSupportingCredentials\">Reason: Credential is not supported if the CORS header 'Access-Control-Allow-Origin' is '*'</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSMethodNotFound\">Reason: Did not find method in CORS header 'Access-Control-Allow-Methods'</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSMIssingAllowCredentials\">Reason: expected 'true' in CORS header 'Access-Control-Allow-Credentials'</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSInvalidAllowHeader\">Reason: invalid token 'xyz' in CORS header 'Access-Control-Allow-Headers'</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSInvalidAllowMethod\">Reason: invalid token 'xyz' in CORS header 'Access-Control-Allow-Methods'</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSMissingAllowHeaderFromPreflight\">Reason: missing token 'xyz' in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel</a></li><li><a href=\"/en-US/docs/Web/HTTP/CORS/Errors/CORSMultipleAllowOriginNotAllowed\">Reason: Multiple CORS header 'Access-Control-Allow-Origin' not allowed</a></li></ol>\n </details>\n </li>\n <li class=\"toggle\">\n <details>\n <summary>Permissions-Policy directives</summary>\n <ol><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/accelerometer\">Permissions-Policy: accelerometer</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/ambient-light-sensor\">Permissions-Policy: ambient-light-sensor</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/attribution-reporting\">Permissions-Policy: attribution-reporting</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/autoplay\">Permissions-Policy: autoplay</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/bluetooth\">Permissions-Policy: bluetooth</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/browsing-topics\">Permissions-Policy: browsing-topics</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr><abbr class=\"icon icon-nonstandard\" title=\"Non-standard. Check cross-browser support before using.\">\n <span class=\"visually-hidden\">Non-standard</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/camera\">Permissions-Policy: camera</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/compute-pressure\">Permissions-Policy: compute-pressure</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/display-capture\">Permissions-Policy: display-capture</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/document-domain\">Permissions-Policy: document-domain</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/encrypted-media\">Permissions-Policy: encrypted-media</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/fullscreen\">Permissions-Policy: fullscreen</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/gamepad\">Permissions-Policy: gamepad</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/geolocation\">Permissions-Policy: geolocation</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/gyroscope\">Permissions-Policy: gyroscope</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/hid\">Permissions-Policy: hid</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/identity-credentials-get\">Permissions-Policy: identity-credentials-get</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/idle-detection\">Permissions-Policy: idle-detection</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/local-fonts\">Permissions-Policy: local-fonts</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/magnetometer\">Permissions-Policy: magnetometer</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/microphone\">Permissions-Policy: microphone</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/midi\">Permissions-Policy: midi</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/otp-credentials\">Permissions-Policy: otp-credentials</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/payment\">Permissions-Policy: payment</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/picture-in-picture\">Permissions-Policy: picture-in-picture</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/publickey-credentials-create\">Permissions-Policy: publickey-credentials-create</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/publickey-credentials-get\">Permissions-Policy: publickey-credentials-get</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/screen-wake-lock\">Permissions-Policy: screen-wake-lock</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/serial\">Permissions-Policy: serial</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/speaker-selection\">Permissions-Policy: speaker-selection</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/storage-access\">Permissions-Policy: storage-access</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/usb\">Permissions-Policy: usb</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/web-share\">Permissions-Policy: web-share</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/window-management\">Permissions-Policy: window-management</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li><li><a href=\"/en-US/docs/Web/HTTP/Headers/Permissions-Policy/xr-spatial-tracking\">Permissions-Policy: xr-spatial-tracking</a><abbr class=\"icon icon-experimental\" title=\"Experimental. Expect behavior to change in the future.\">\n <span class=\"visually-hidden\">Experimental</span>\n</abbr></li></ol>\n </details>\n </li>\n <li><a href=\"/en-US/docs/Web/HTTP/Resources_and_specifications\">HTTP resources and specifications</a></li>\n </ol>\n","sidebarMacro":"HTTPSidebar","body":[{"type":"prose","value":{"id":null,"title":null,"isH3":false,"content":"<p>\n <strong>HTTP</strong> is a <a href=\"/en-US/docs/Glossary/Protocol\">protocol</a> for fetching resources such as HTML documents.\n It is the foundation of any data exchange on the Web and it is a client-server protocol, which means requests are initiated by the recipient, usually the Web browser.\n A complete document is typically constructed from resources such as text content, layout instructions, images, videos, scripts, and more.\n</p>\n<p>\n <img src=\"https://mdn.github.io/shared-assets/images/diagrams/http/overview/fetching-a-page.svg\" alt=\"A single Web document composed from multiple resources from different servers.\" loading=\"lazy\">\n</p>\n<p>\n Clients and servers communicate by exchanging individual messages (as opposed to a stream of data).\n The messages sent by the client are called <em>requests</em> and the messages sent by the server as an answer are called <em>responses</em>.\n</p>\n<p>\n <img src=\"https://mdn.github.io/shared-assets/images/diagrams/http/overview/http-layers.svg\" alt=\"HTTP as an application layer protocol, on top of TCP (transport layer) and IP (network layer) and below the presentation layer.\" loading=\"lazy\">\n</p>\n<p>\n Designed in the early 1990s, HTTP is an extensible protocol which has evolved over time.\n It is an application layer protocol that is sent over <a href=\"/en-US/docs/Glossary/TCP\">TCP</a>, or over a <a href=\"/en-US/docs/Glossary/TLS\">TLS</a>-encrypted TCP connection, though any reliable transport protocol could theoretically be used.\n Due to its extensibility, it is used to not only fetch hypertext documents, but also images and videos or to post content to servers, like with HTML form results.\n HTTP can also be used to fetch parts of documents to update Web pages on demand.\n</p>"}},{"type":"prose","value":{"id":"components_of_http-based_systems","title":"Components of HTTP-based systems","isH3":false,"content":"<p>\n HTTP is a client-server protocol: requests are sent by one entity, the user-agent (or a proxy on behalf of it).\n Most of the time the user-agent is a Web browser, but it can be anything, for example, a robot that crawls the Web to populate and maintain a search engine index.\n</p>\n<p>\n Each individual request is sent to a server, which handles it and provides an answer called the <em>response</em>.\n Between the client and the server there are numerous entities, collectively called <a href=\"/en-US/docs/Glossary/Proxy_server\">proxies</a>, which perform different operations and act as gateways or <a href=\"/en-US/docs/Glossary/Cache\">caches</a>, for example.\n</p>\n<p>\n <img src=\"https://mdn.github.io/shared-assets/images/diagrams/http/overview/client-server-chain.svg\" alt=\"A HTTP request from a client forwarded by several proxies to a server and a response taking the same route back to the client.\" loading=\"lazy\">\n</p>\n<p>\n In reality, there are more computers between a browser and the server handling the request: there are routers, modems, and more.\n Thanks to the layered design of the Web, these are hidden in the network and transport layers.\n HTTP is on top, at the application layer.\n Although important for diagnosing network problems, the underlying layers are mostly irrelevant to the description of HTTP.\n</p>"}},{"type":"prose","value":{"id":"client_the_user-agent","title":"Client: the user-agent","isH3":true,"content":"<p>\n The <em>user-agent</em> is any tool that acts on behalf of the user.\n This role is primarily performed by the Web browser, but it may also be performed by programs used by engineers and Web developers to debug their applications.\n</p>\n<p>\n The browser is <strong>always</strong> the entity initiating the request.\n It is never the server (though some mechanisms have been added over the years to simulate server-initiated messages).\n</p>\n<p>\n To display a Web page, the browser sends an original request to fetch the HTML document that represents the page.\n It then parses this file, making additional requests corresponding to execution scripts, layout information (CSS) to display, and sub-resources contained within the page (usually images and videos).\n The Web browser then combines these resources to present the complete document, the Web page.\n Scripts executed by the browser can fetch more resources in later phases and the browser updates the Web page accordingly.\n</p>\n<p>\n A Web page is a hypertext document.\n This means some parts of the displayed content are links, which can be activated (usually by a click of the mouse) to fetch a new Web page, allowing the user to direct their user-agent and navigate through the Web.\n The browser translates these directions into HTTP requests, and further interprets the HTTP responses to present the user with a clear response.\n</p>"}},{"type":"prose","value":{"id":"the_web_server","title":"The Web server","isH3":true,"content":"<p>\n On the opposite side of the communication channel is the server, which <em>serves</em> the document as requested by the client.\n A server appears as only a single machine virtually; but it may actually be a collection of servers sharing the load (load balancing), or other software (such as caches, a database server, or e-commerce servers), totally or partially generating the document on demand.\n</p>\n<p>\n A server is not necessarily a single machine, but several server software instances can be hosted on the same machine.\n With HTTP/1.1 and the <a href=\"/en-US/docs/Web/HTTP/Headers/Host\"><code>Host</code></a> header, they may even share the same IP address.\n</p>"}},{"type":"prose","value":{"id":"proxies","title":"Proxies","isH3":true,"content":"<p>\n Between the Web browser and the server, numerous computers and machines relay the HTTP messages.\n Due to the layered structure of the Web stack, most of these operate at the transport, network or physical levels, becoming transparent at the HTTP layer and potentially having a significant impact on performance.\n Those operating at the application layers are generally called <strong>proxies</strong>.\n These can be transparent, forwarding on the requests they receive without altering them in any way, or non-transparent, in which case they will change the request in some way before passing it along to the server.\n Proxies may perform numerous functions:\n</p>\n<ul>\n <li>caching (the cache can be public or private, like the browser cache)</li>\n <li>filtering (like an antivirus scan or parental controls)</li>\n <li>load balancing (to allow multiple servers to serve different requests)</li>\n <li>authentication (to control access to different resources)</li>\n <li>logging (allowing the storage of historical information)</li>\n</ul>"}},{"type":"prose","value":{"id":"basic_aspects_of_http","title":"Basic aspects of HTTP","isH3":false,"content":""}},{"type":"prose","value":{"id":"http_is_simple","title":"HTTP is simple","isH3":true,"content":"<p>\n HTTP is generally designed to be simple and human-readable, even with the added complexity introduced in HTTP/2 by encapsulating HTTP messages into frames.\n HTTP messages can be read and understood by humans, providing easier testing for developers, and reduced complexity for newcomers.\n</p>"}},{"type":"prose","value":{"id":"http_is_extensible","title":"HTTP is extensible","isH3":true,"content":"<p>\n Introduced in HTTP/1.0, <a href=\"/en-US/docs/Web/HTTP/Headers\">HTTP headers</a> make this protocol easy to extend and experiment with.\n New functionality can even be introduced by an agreement between a client and a server about a new header's semantics.\n</p>"}},{"type":"prose","value":{"id":"http_is_stateless_but_not_sessionless","title":"HTTP is stateless, but not sessionless","isH3":true,"content":"<p>\n HTTP is stateless: there is no link between two requests being successively carried out on the same connection.\n This immediately has the prospect of being problematic for users attempting to interact with certain pages coherently, for example, using e-commerce shopping baskets.\n But while the core of HTTP itself is stateless, HTTP cookies allow the use of stateful sessions.\n Using header extensibility, HTTP Cookies are added to the workflow, allowing session creation on each HTTP request to share the same context, or the same state.\n</p>"}},{"type":"prose","value":{"id":"http_and_connections","title":"HTTP and connections","isH3":true,"content":"<p>\n A connection is controlled at the transport layer, and therefore fundamentally out of scope for HTTP.\n HTTP doesn't require the underlying transport protocol to be connection-based; it only requires it to be <em>reliable</em>, or not lose messages (at minimum, presenting an error in such cases).\n Among the two most common transport protocols on the Internet, TCP is reliable and UDP isn't.\n HTTP therefore relies on the TCP standard, which is connection-based.\n</p>\n<p>\n Before a client and server can exchange an HTTP request/response pair, they must establish a TCP connection, a process which requires several round-trips.\n The default behavior of HTTP/1.0 is to open a separate TCP connection for each HTTP request/response pair.\n This is less efficient than sharing a single TCP connection when multiple requests are sent in close succession.\n</p>\n<p>\n In order to mitigate this flaw, HTTP/1.1 introduced <em>pipelining</em> (which proved difficult to implement) and <em>persistent connections</em>: the underlying TCP connection can be partially controlled using the <a href=\"/en-US/docs/Web/HTTP/Headers/Connection\"><code>Connection</code></a> header.\n HTTP/2 went a step further by multiplexing messages over a single connection, helping keep the connection warm and more efficient.\n</p>\n<p>\n Experiments are in progress to design a better transport protocol more suited to HTTP.\n For example, Google is experimenting with <a href=\"https://en.wikipedia.org/wiki/QUIC\" class=\"external\" target=\"_blank\">QUIC</a> which builds on UDP to provide a more reliable and efficient transport protocol.\n</p>"}},{"type":"prose","value":{"id":"what_can_be_controlled_by_http","title":"What can be controlled by HTTP","isH3":false,"content":"<p>\n This extensible nature of HTTP has, over time, allowed for more control and functionality of the Web.\n Cache and authentication methods were functions handled early in HTTP history.\n The ability to relax the <em>origin constraint</em>, by contrast, was only added in the 2010s.\n</p>\n<p>Here is a list of common features controllable with HTTP:</p>\n<ul>\n <li>\n <em><a href=\"/en-US/docs/Web/HTTP/Caching\">Caching</a></em>:\n How documents are cached can be controlled by HTTP.\n The server can instruct proxies and clients about what to cache and for how long.\n The client can instruct intermediate cache proxies to ignore the stored document.\n </li>\n <li>\n <em>Relaxing the origin constraint</em>:\n To prevent snooping and other privacy invasions, Web browsers enforce strict separation between websites.\n Only pages from the <strong>same origin</strong> can access all the information of a Web page.\n Though such a constraint is a burden to the server, HTTP headers can relax this strict separation on the server side, allowing a document to become a patchwork of information sourced from different domains; there could even be security-related reasons to do so.\n </li>\n <li>\n <em>Authentication</em>:\n Some pages may be protected so that only specific users can access them.\n Basic authentication may be provided by HTTP, either using the <a href=\"/en-US/docs/Web/HTTP/Headers/WWW-Authenticate\"><code>WWW-Authenticate</code></a> and similar headers, or by setting a specific session using <a href=\"/en-US/docs/Web/HTTP/Cookies\">HTTP cookies</a>.\n </li>\n <li>\n <em><a href=\"/en-US/docs/Web/HTTP/Proxy_servers_and_tunneling\">Proxy and tunneling</a></em>:\n Servers or clients are often located on intranets and hide their true IP address from other computers.\n HTTP requests then go through proxies to cross this network barrier.\n Not all proxies are HTTP proxies.\n The SOCKS protocol, for example, operates at a lower level.\n Other protocols, like ftp, can be handled by these proxies.\n </li>\n <li>\n <em>Sessions</em>:\n Using HTTP cookies allows you to link requests with the state of the server.\n This creates sessions, despite basic HTTP being a state-less protocol.\n This is useful not only for e-commerce shopping baskets, but also for any site allowing user configuration of the output.\n </li>\n</ul>"}},{"type":"prose","value":{"id":"http_flow","title":"HTTP flow","isH3":false,"content":"<p>When a client wants to communicate with a server, either the final server or an intermediate proxy, it performs the following steps:</p>\n<ol>\n <li>\n <p>\n Open a TCP connection: The TCP connection is used to send a request, or several, and receive an answer.\n The client may open a new connection, reuse an existing connection, or open several TCP connections to the servers.\n </p>\n </li>\n <li>\n <p>\n Send an HTTP message: HTTP messages (before HTTP/2) are human-readable.\n With HTTP/2, these simple messages are encapsulated in frames, making them impossible to read directly, but the principle remains the same.\n For example:\n </p>\n <div class=\"code-example\"><div class=\"example-header\"><span class=\"language-name\">http</span></div><pre class=\"brush: http notranslate\"><code>GET / HTTP/1.1\nHost: developer.mozilla.org\nAccept-Language: fr\n</code></pre></div>\n </li>\n <li>\n <p>Read the response sent by the server, such as:</p>\n <div class=\"code-example\"><div class=\"example-header\"><span class=\"language-name\">http</span></div><pre class=\"brush: http notranslate\"><code>HTTP/1.1 200 OK\nDate: Sat, 09 Oct 2010 14:28:02 GMT\nServer: Apache\nLast-Modified: Tue, 01 Dec 2009 20:18:22 GMT\nETag: \"51142bc1-7449-479b075b2891b\"\nAccept-Ranges: bytes\nContent-Length: 29769\nContent-Type: text/html\n\n&lt;!doctype html&gt;… (here come the 29769 bytes of the requested web page)\n</code></pre></div>\n </li>\n <li>\n <p>Close or reuse the connection for further requests.</p>\n </li>\n</ol>\n<p>\n If HTTP pipelining is activated, several requests can be sent without waiting for the first response to be fully received.\n HTTP pipelining has proven difficult to implement in existing networks, where old pieces of software coexist with modern versions.\n HTTP pipelining has been superseded in HTTP/2 with more robust multiplexing requests within a frame.\n</p>"}},{"type":"prose","value":{"id":"http_messages","title":"HTTP Messages","isH3":false,"content":"<p>\n HTTP messages, as defined in HTTP/1.1 and earlier, are human-readable.\n In HTTP/2, these messages are embedded into a binary structure, a <em>frame</em>, allowing optimizations like compression of headers and multiplexing.\n Even if only part of the original HTTP message is sent in this version of HTTP, the semantics of each message is unchanged and the client reconstitutes (virtually) the original HTTP/1.1 request.\n It is therefore useful to comprehend HTTP/2 messages in the HTTP/1.1 format.\n</p>\n<p>There are two types of HTTP messages, requests and responses, each with its own format.</p>"}},{"type":"prose","value":{"id":"requests","title":"Requests","isH3":true,"content":"<p>An example HTTP request:</p>\n<p>\n <img src=\"https://mdn.github.io/shared-assets/images/diagrams/http/overview/http-request.svg\" alt=\"Overview of a HTTP GET request with headers\" loading=\"lazy\">\n</p>\n<p>Requests consist of the following elements:</p>\n<ul>\n <li>\n An HTTP <a href=\"/en-US/docs/Web/HTTP/Methods\">method</a>, usually a verb like <a href=\"/en-US/docs/Web/HTTP/Methods/GET\"><code>GET</code></a>, <a href=\"/en-US/docs/Web/HTTP/Methods/POST\"><code>POST</code></a>, or a noun like <a href=\"/en-US/docs/Web/HTTP/Methods/OPTIONS\"><code>OPTIONS</code></a> or <a href=\"/en-US/docs/Web/HTTP/Methods/HEAD\"><code>HEAD</code></a> that defines the operation the client wants to perform.\n Typically, a client wants to fetch a resource (using <code>GET</code>) or post the value of an <a href=\"/en-US/docs/Learn/Forms\">HTML form</a> (using <code>POST</code>), though more operations may be needed in other cases.\n </li>\n <li>The path of the resource to fetch; the URL of the resource stripped from elements that are obvious from the context, for example without the <a href=\"/en-US/docs/Glossary/Protocol\">protocol</a> (<code>http://</code>), the <a href=\"/en-US/docs/Glossary/Domain\">domain</a> (here, <code>developer.mozilla.org</code>), or the TCP <a href=\"/en-US/docs/Glossary/Port\">port</a> (here, <code>80</code>).</li>\n <li>The version of the HTTP protocol.</li>\n <li>Optional <a href=\"/en-US/docs/Web/HTTP/Headers\">headers</a> that convey additional information for the servers.</li>\n <li>A body, for some methods like <code>POST</code>, similar to those in responses, which contain the resource sent.</li>\n</ul>"}},{"type":"prose","value":{"id":"responses","title":"Responses","isH3":true,"content":"<p>An example response:</p>\n<p>\n <img src=\"https://mdn.github.io/shared-assets/images/diagrams/http/overview/http-response.svg\" alt=\"Overview of a '200 OK' HTTP response to a GET request including response headers.\" loading=\"lazy\">\n</p>\n<p>Responses consist of the following elements:</p>\n<ul>\n <li>The version of the HTTP protocol they follow.</li>\n <li>A <a href=\"/en-US/docs/Web/HTTP/Status\">status code</a>, indicating if the request was successful or not, and why.</li>\n <li>A status message, a non-authoritative short description of the status code.</li>\n <li>HTTP <a href=\"/en-US/docs/Web/HTTP/Headers\">headers</a>, like those for requests.</li>\n <li>Optionally, a body containing the fetched resource.</li>\n</ul>"}},{"type":"prose","value":{"id":"apis_based_on_http","title":"APIs based on HTTP","isH3":false,"content":"<p>The most commonly used API based on HTTP is the <a href=\"/en-US/docs/Web/API/Fetch_API\">Fetch API</a>, which can be used to make HTTP requests from JavaScript. The Fetch API replaces the <a href=\"/en-US/docs/Web/API/XMLHttpRequest\"><code>XMLHttpRequest</code></a> API.</p>\n<p>\n Another API, <a href=\"/en-US/docs/Web/API/Server-sent_events\">server-sent events</a>, is a one-way service that allows a server to send events to the client, using HTTP as a transport mechanism.\n Using the <a href=\"/en-US/docs/Web/API/EventSource\"><code>EventSource</code></a> interface, the client opens a connection and establishes event handlers.\n The client browser automatically converts the messages that arrive on the HTTP stream into appropriate <a href=\"/en-US/docs/Web/API/Event\"><code>Event</code></a> objects. Then it delivers them to the event handlers that have been registered for the events' <a href=\"/en-US/docs/Web/API/Event/type\" title=\"type\"><code>type</code></a> if known, or to the <a href=\"/en-US/docs/Web/API/EventSource/message_event\" title=\"onmessage\"><code>onmessage</code></a> event handler if no type-specific event handler was established.\n</p>"}},{"type":"prose","value":{"id":"conclusion","title":"Conclusion","isH3":false,"content":"<p>\n HTTP is an extensible protocol that is easy to use.\n The client-server structure, combined with the ability to add headers, allows HTTP to advance along with the extended capabilities of the Web.\n</p>\n<p>\n Though HTTP/2 adds some complexity by embedding HTTP messages in frames to improve performance, the basic structure of messages has stayed the same since HTTP/1.0.\n Session flow remains basic, allowing it to be investigated and debugged with a <a href=\"https://firefox-source-docs.mozilla.org/devtools-user/network_monitor/index.html\" class=\"external\" target=\"_blank\">HTTP network monitor</a>.\n</p>"}}],"toc":[{"text":"Components of HTTP-based systems","id":"components_of_http-based_systems"},{"text":"Basic aspects of HTTP","id":"basic_aspects_of_http"},{"text":"What can be controlled by HTTP","id":"what_can_be_controlled_by_http"},{"text":"HTTP flow","id":"http_flow"},{"text":"HTTP Messages","id":"http_messages"},{"text":"APIs based on HTTP","id":"apis_based_on_http"},{"text":"Conclusion","id":"conclusion"}],"summary":"HTTP is a protocol for fetching resources such as HTML documents.\n It is the foundation of any data exchange on the Web and it is a client-server protocol, which means requests are initiated by the recipient, usually the Web browser.\n A complete document is typically constructed from resources such as text content, layout instructions, images, videos, scripts, and more.","popularity":0.1683,"modified":"2024-11-21T19:49:47.000Z","other_translations":[{"locale":"de","title":"Ein Überblick über HTTP","native":"Deutsch"},{"locale":"es","title":"Generalidades del protocolo HTTP","native":"Español"},{"locale":"fr","title":"Un aperçu de HTTP","native":"Français"},{"locale":"ja","title":"HTTP の概要","native":"日本語"},{"locale":"ko","title":"HTTP 개요","native":"한국어"},{"locale":"pt-BR","title":"Uma visão geral do HTTP","native":"Português (do Brasil)"},{"locale":"ru","title":"Обзор протокола HTTP","native":"Русский"},{"locale":"zh-CN","title":"HTTP 概述","native":"中文 (简体)"}],"pageType":"guide","source":{"folder":"en-us/web/http/overview","github_url":"https://github.com/mdn/content/blob/main/files/en-us/web/http/overview/index.md","last_commit_url":"https://github.com/mdn/content/commit/93b34fcdb9cf91ff44f5dfe7f4dcd13e961962da","filename":"index.md"},"short_title":"An overview of HTTP","parents":[{"uri":"/en-US/docs/Web","title":"References"},{"uri":"/en-US/docs/Web/HTTP","title":"HTTP"},{"uri":"/en-US/docs/Web/HTTP/Overview","title":"An overview of HTTP"}],"pageTitle":"An overview of HTTP - HTTP | MDN","noIndexing":false}}</script></body></html>