Menu
Is the field:
Content-Type
mandatory when I perform an HTTP request?
777
You can send only the following content types in a POST request to Media Server: application/x-www-form-urlencoded. multipart/form-data.
1.5 explains that if Content-Type is not set, the server may assume the data is application/octet-stream or interpret the request any way it wants. But: Clients that do so risk drawing incorrect conclusions, which might expose additional security risks (e.g., "privilege escalation").
A Content-Type header is optional. The MIME specification defines a part without a Content-Type header as text/plain; charset=us-ascii. RFC 2045 defines the Content-Type header in section 5 (p. 10).
The Content-Type representation header is used to indicate the original media type of the resource (prior to any content encoding applied for sending). In responses, a Content-Type header provides the client with the actual content type of the returned content.
No, it's not mandatory. Per the HTTP 1.1 specification:
Any HTTP/1.1 message containing an entity-body SHOULD include a Content-Type header field defining the media type of that body. If and only if the media type is not given by a Content-Type field, the recipient MAY attempt to guess the media type via inspection of its content and/or the name extension(s) of the URI used to identify the resource. If the media type remains unknown, the recipient SHOULD treat it as type "application/octet-stream".
That said, it's obviously going to be hard for the server to accurately interpret the data you're sending if you omit the Content-Type header, so it's not recommended to do so.
183
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
