Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Are there any guidelines to what should NOT go into HTTP headers?

Tags:

I'm working on an API that sends HTML forms to external AJAX apps.

Would it be abusing the HTTP headers if I include information such as stylesheets and scripts to use in the headers? I'd like to keep the HTML as clean as possible.

like image 846
Jrgns Avatar asked Feb 25 '10 09:02

Jrgns


People also ask

What should be included in HTTP header?

HTTP headers let the client and the server pass additional information with an HTTP request or response. An HTTP header consists of its case-insensitive name followed by a colon ( : ), then by its value. Whitespace before the value is ignored.

Can HTTP headers alone restrict or allow access to resources from specified origins?

This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers. The CORS mechanism supports secure cross-origin requests and data transfers between browsers and servers.

Which of the following is NOT response header field?

Correct Option: B. For passing additional information about the response that can't be placed in Status-Line, we use response-header fields. Some of the fields are Age, Accept-Ranges, Location, ETag, WWW-Authenticate, Vary, Server, Retry-After.

What are mandatory headers?

A mandatory header is a header that must appear in a request for the request to be considered legal by the system. If a request does not contain the mandatory header and the Mandatory HTTP header is missing violation is set to alarm or block, the system logs or blocks the request.


1 Answers

In my point of view: Yes it would.

You better have to keep your transmission protocol (HTTP which is precisely specified in some RFC) as clean as possible than the message transmitted (HTML).

If you are working on creating an API, maybe you should create specifics XML messages that would contain 3 encapsulating parts: one for your stylesheets, one for your scripts and one for your HTML.

That's just an idea, I don't know what your are doing exactly.

like image 125
Kaltezar Avatar answered Sep 28 '22 17:09

Kaltezar