Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Do I need a content-type header for HTTP GET requests?

Tags:

content-type

http

get

People also ask

Is Content-Type required for GET request?

Nope, Content-Type is not a required field. It's not mandatory per the HTTP 1.1 specification. Any HTTP/1.1 message containing an entity-body SHOULD include a Content-Type header field defining the media type of that body.

Does HTTP GET have a header?

Yes, you can send any HTTP headers with your GET request. For example, you can send user authentication data in the Authorization header, send browser cookies in the Cookie header, or even send some additional details about your request in custom headers like X-Powered-By or X-User-IP.

Is Content-Type header required?

In short, no, it's not required. But it's recommended. Most browser that I know of will treat <link> , <script> , and <img> properly if they are not sent with headers, but there's no real good reason not to send the headers.

What are headers in GET request?

Request headers contain more information about the resource to be fetched, or about the client requesting the resource. Response headers hold additional information about the response, like its location or about the server providing it.

According to the RFC 7231 section 3.1.5.5:

A sender that generates a message containing a payload body SHOULD generate a Content-Type header field in that message unless the intended media type of the enclosed representation is unknown to the sender. If a Content-Type header field is not present, the recipient MAY either assume a media type of "application/octet-stream" ([RFC2046], Section 4.5.1) or examine the data to determine its type.

It means that the Content-Type HTTP header should be set only for PUT and POST requests.


Get requests should not have content-type because they do not have request entity (that is, a body)


GET requests can have "Accept" headers, which say which types of content the client understands. The server can then use that to decide which content type to send back.

They're optional though.

http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.1


The accepted answer is wrong. The quote is correct, the assertion that PUT and POST must have it is incorrect. There is no requirement that PUT or POST actually have additional content. Nor is there a prohibition against GET actually having content.

The RFCs say exactly what they mean .. IFF your side (client OR origin server) will be sending additional content, beyond the HTTP headers, it SHOULD specify a Content-Type header. But note it is allowable to omit the Content-Type and still include content (say, by using a Content-Length header).


Short answer: Most likely, no you do not need a content-type header for HTTP GET requests. But the specs does not seem to rule out a content-type header for HTTP GET, either.

Supporting materials:

  1. "Content-Type" is part of the representation (i.e. payload) metadata. Quoted from RFC 7231 section 3.1:

    3.1. Representation Metadata

    Representation header fields provide metadata about the representation. When a message includes a payload body, the representation header fields describe how to interpret the representation data enclosed in the payload body. ...

    The following header fields convey representation metadata:

    +-------------------+-----------------+
| Header Field Name | Defined in...   |
+-------------------+-----------------+
| Content-Type      | Section 3.1.1.5 |
| ...               | ...             |

    Quoted from RFC 7231 section 3.1.1.5(by the way, the current chosen answer had a typo in the section number):

    The "Content-Type" header field indicates the media type of the associated representation

  2. In that sense, a Content-Type header is not really about an HTTP GET request (or a POST or PUT request, for that matter). It is about the payload inside such a whatever request. So, if there will be no payload, there needs no Content-Type. In practice, some implementation went ahead and made that understandable assumption. Quoted from Adam's comment:

    "While ... the spec doesn't say you can't have Content-Type on a GET, .Net seems to enforce it in it's HttpClient. See this SO q&a."

  3. However, strictly speaking, the specs itself does not rule out the possibility of HTTP GET contains a payload. Quoted from RFC 7231 section 4.3.1:

    4.3.1 GET

    ...

    A payload within a GET request message has no defined semantics; sending a payload body on a GET request might cause some existing implementations to reject the request.

    So, if your HTTP GET happens to include a payload for whatever reason, a Content-Type header is probably reasonable, too.

Related questions

Http Basic Authentication in Java using HttpClient?
get client time zone from browser [duplicate]
How to get access to HTTP header information in Spring MVC REST controller?
Setting HTTP headers
Why is Cache-Control attribute sent in request header (client to server)?
What is HTTP "Host" header?
Angular2 http.get() ,map(), subscribe() and observable pattern - basic understanding
Doing HTTP requests FROM Laravel to an external API
How do I choose a HTTP status code in REST API for "Not Ready Yet, Try Again Later"? [closed]
HTTP header line break style
Correct way to delete cookies server-side
.NET: Simplest way to send POST with data and read response
Angular 4 HttpClient Query Parameters
REST API Best practices: args in query string vs in request body
What's to stop malicious code from spoofing the "Origin" header to exploit CORS?
How does "304 Not Modified" work exactly?
URL matrix parameters vs. query parameters
Difference between Pragma and Cache-Control headers?
What's the difference between HTTP 301 and 308 status codes?
Axios Delete request with body and headers?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!