HTTP response header information

HTTP request headers provide information about the request, response, or other sending entity.

In this chapter we will introduce the HTTP response header information in detail.

#DateYou can use setDateHeader to set this. header to avoid the hassle of converting time formats ##Expires##Last-ModifiedThe client can provide a date through the If-Modified-Since request header, and the request will be treated as a conditional GET, only if the modification time is later than specified. The time document will be returned, otherwise a 304 (Not Modified) status will be returned. Last-Modified can also be set by the setDateHeader method to indicate browsing. After how long the browser should refresh the document, in seconds, in addition to refreshing the current document, you can also let the browser read the specified file through setHeader("Refresh", "5; URL=http://host/path"). Page. Note that this function is usually implemented by setting in the HEAD area of ​​the HTML page. This is because, Automatic refresh or redirection is very important for HTML writers who cannot use CGI or Servlets. However, for Servlets, it is more convenient to set the Refresh header directly.Note that the meaning of Refresh is "refresh this page or access the specified page after N seconds", not "refresh this page or access the specified page every N seconds". Therefore, continuous refresh requires sending a Refresh header each time, and sending a 204 status code can prevent the browser from continuing to refresh, whether using the Refresh header or .

Note that the Refresh header is not part of the official HTTP 1.1 specification, but an extension, but both Netscape and IE support it.

Response header	Description
Allow	What request methods does the server support (such as GET, POST wait).
Content-Encoding	The encoding (Encode) method of the document. Only after decoding can the content type specified by the Content-Type header be obtained. Using gzip to compress documents can significantly reduce the download time of HTML documents. Java's GZIPOutputStream can easily perform gzip compression, but only Netscape on Unix and IE 4 and IE 5 on Windows support it. Therefore, the Servlet should check whether the browser supports gzip by looking at the Accept-Encoding header (i.e. request.getHeader("Accept-Encoding")), return a gzip-compressed HTML page for browsers that support gzip, and return a normal HTML page for other browsers. page.
Content-Length	indicates the content length. This data is only required if the browser uses persistent HTTP connections. If you want to take advantage of persistent connections, you can write the output document to ByteArrayOutputStream, check its size when completed, then put the value into the Content-Length header, and finally send the content via byteArrayStream.writeTo(response.getOutputStream().
Content-Type	indicates what MIME type the following document belongs to. The Servlet defaults to text/plain, but it usually needs to be explicitly specified as text/html. To set the Content-Type, HttpServletResponse provides a dedicated method setContentType.
At what point should a document be considered expired so that it is no longer cached?
##Location	indicates that the customer should arrive. Where to retrieve the document. Location is usually not set directly, but through the sendRedirect method of HttpServletResponse, which also sets the status code to 302 #Refresh
Server	Server name. Servlets generally do not set this value, but are set by the web server itself.
Set-Cookie	Set the cookie associated with the page. Servlets should not use response.setHeader("Set-Cookie", ...), but should use the dedicated method addCookie provided by HttpServletResponse. See discussion of cookie settings below.
WWW-Authenticate	What type of authorization information should the client provide in the Authorization header? This header is required in responses containing a 401 (Unauthorized) status line. For example, response.setHeader("WWW-Authenticate", "BASIC realm=＼"executives＼""). Note that Servlets generally do not handle this aspect, but let the Web server's specialized mechanism control access to password-protected pages (such as .htaccess).