Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [http-headers]

HTTP header fields are components of the message header of requests and responses in the Hypertext Transfer Protocol (HTTP). They define the operating parameters of an HTTP transaction.

HTTP header fields are components of the message header of requests and responses in the Hypertext Transfer Protocol (HTTP). They define the operating parameters of an HTTP transaction.

Refer to RFC 2616

614 questions
112
votes
8 answers

Setting the "Expires" HTTP header for static content served from Nginx?

I'm using nginx to server my static content, is there a way that I can set the expires headers for every file that meets a specific rule? For example can I set the expires header for all files that have an extension of '.css'?
Unkwntech
  • 1,762
  • 3
  • 19
  • 24
91
votes
4 answers

Difference between `curl -I` and `curl -X HEAD`

I was watching the funny server type from http://www.reddit.com with curl -I http://www.reddit.com when I guessed that curl -X HEAD http://www.reddit.com would do the same. But, in fact, it doesn't. I'm curious about why. This is what I observe…
chmeee
  • 7,270
  • 3
  • 29
  • 43
83
votes
3 answers

Human readable format for http headers with tcpdump

I would like to view the HTTP headers sent from Apache (listening on port 80) to Tomcat (on port 4080) in a Linux machine. According to Wikipedia, Header fields are colon-separated name-value pairs in clear-text string format. I've tried some…
Adam Matan
  • 12,504
  • 19
  • 54
  • 73
73
votes
4 answers

nginx real_ip_header and X-Forwarded-For seems wrong

The wikipedia description of the HTTP header X-Forwarded-For is: X-Forwarded-For: client1, proxy1, proxy2, ... The nginx documentation for the directive real_ip_header reads, in part: This directive sets the name of the header used for…
Kirk Woll
  • 833
  • 1
  • 7
  • 7
50
votes
7 answers

How to remove IIS/ASP.NET Response Headers

I have a couple IIS/6.0 servers that security is asking me to remove a couple of response headers that are sent to client browsers on requests. They are concerned about divulging platform information through response headers. I have removed all the…
Astra
  • 673
  • 1
  • 7
  • 9
41
votes
6 answers

Shell command to see the HTTP headers

Is there a shell command to see the headers of a HTTP request? For example, I would like to know what the headers retrieved from www.example.com/test.php are How can I do this?
Damiano
  • 411
  • 1
  • 4
  • 3
40
votes
2 answers

How do I get Apache2 to parse (without error) Header directives in a .htaccess?

I am getting pages loading with a 500 internal server error, due I believe to a directive that Apache has not been configured to allow. I have AllowOverride set to all, and a .htaccess file, including:
Christos Hayward
  • 1,152
  • 3
  • 15
  • 35
34
votes
2 answers

What is the mandatory information a HTTP Request Header must contain?

What is the mandatory information a HTTP Request Header must contain ?
stevek-pro
  • 474
  • 1
  • 4
  • 7
29
votes
5 answers

How to dump entire HTTP requests with apache

Is it possible to dump entire HTTP requests by apache? I need to track all HTTP headers of incomming requests. How to do that?
Alex
  • 2,287
  • 5
  • 32
  • 41
29
votes
2 answers

Nginx add_header for a 50* page

I'm currently trying to get nginx to add a header to the response when it is sending some kind of 50* error. I already have an add_header directive on the http block, and that gets respected for all requests except it seems errors. I also tried the…
Mediocre Gopher
  • 803
  • 1
  • 12
  • 24
29
votes
4 answers

How can I make nginx support @font-face formats and allow access-control-allow-origin?

I've added these rules to mime.types: application/x-font-ttf ttf; font/opentype otf; application/vnd.ms-fontobject eot; font/x-woff woff; Now the Content-Type header is being…
meder omuraliev
  • 1,701
  • 3
  • 20
  • 30
26
votes
2 answers

Can X-FORWARDED-FOR contain multiple IPs

Can X-FORWARDED-FOR contain multiple IP addresses? If so, why? An illustrative example would be great.
Hassan Baig
  • 2,033
  • 11
  • 27
  • 47
24
votes
1 answer

add_header directives in location overwriting add_header directives in server

Using nginx 1.2.1 I am able to use add_header under some circumstances. Here is a working example: server { listen 80; server_name localhost; root /var/www; add_header Name1 Value1; <=== HERE add_header Name2 Value2; …
Max
  • 3,373
  • 15
  • 51
  • 71
22
votes
1 answer

What's the use of X-Powered-By, Server and other similar HTTP headers?

What's the use of Server, X-Powered-By and other similar headers? Looks like the consensus is they should be removed so that automatic vulnerability scanners doen't immediately know which version of which software they're dealing with and so…
sharptooth
  • 2,727
  • 4
  • 32
  • 38
21
votes
3 answers

Apache proxy_http redirect to ip and set hostname

hopefully you guys can help me with a proxy problem I have. What I already have I have set up an apache http reverse proxy, to proxy requests from *.proxy.domain to *.intern.domain. The apache is the only way to reach my internal webapplications…
mohrphium
  • 615
  • 2
  • 9
  • 16
1
2 3
40 41