Headers in HTTP Response

Cache Control

The Cache-Control HTTP header controls the browser caching behaviour. When someone visits a website, their browser will save certain resources, such as images and website data, in a store called the cache. When that user revisits the same website, cache-control sets the rules which determine whether that user will have those resources loaded from their local cache, or whether the browser will have to send a request to the server for fresh resources.


Cache-Control: max-age=3600, public


Caching can also be prevented by using the no-cache directive.


Cache-Control: no-cache


Content Type

The Content-Type header is used to indicate the media type of the responded payload. For example, if the HTTP response contains an HTML file, the Content-Type header will have the following value.


Content-Type: text/html; charset=UTF-8


Browser uses the Content-Type header to decide how to interpret the payload data.


Content Disposition

The Content-Disposition header is important for controlling how browser handles file downloads initiated by a web-server. It provides information about the file being downloaded, influencing whether the browser displays it inline or offers it as a download.


Content-Disposition: attachment; filename="download.zip"


A value of inline for Content-Disposition will instruct the browser to display the file inside the browser instead of downloading it.


Content-Length

The HTTP Content-Length header indicates the size, in bytes, of the message body sent to the recipient.


Content-Length: 89123


This is especially useful for file downloads. That's how the browser can determine the progress of the download.


Location

The Location header is used during re-directions. When the server responds with a 301 or 302 status, the browser will consult the Location header to decide the re-direction.


Location: /index.html


Set-Cookie

When a web-server wants to store certain data on the browser, it sends an HTTP request with Set-Cookie header included. This small amount of data is called cookie and is kept in browser's storage. All the subsequent requests to the web-server will then contain these cookies in header.


Set-Cookie: sessionId=38afes7a8


If the expiration date is not specified, the cookie is deleted when the browser window is closed.