HTTPResponseHeaderFieldsTypeHTTP Session Object Schema

The Access-Control-Allow-Origin field specifies the HTTP Response Access-Control-Allow-Origin header field, which defines which web sites can participate in cross-origin resource sharing.

The Accept-Ranges field specifies the HTTP Response Accept-Ranges header field, which defines the partial content range types this server supports.

The Age field specifies the HTTP Response Authorization header field, which defines the age the object has been in a proxy cache, in seconds.

The Cache-Control field specifies the HTTP Response Cache-Control header field, which tells all caching mechanisms from server to client whether they may cache this object.

The Connection field specifies the HTTP Response Connection header field, which specifies the options that are desired for the connection.

The Content-Encoding field specifies the HTTP Response Content-Encoding header field, which defines the type of encoding used on the data.

The Content-Language field specifies the HTTP Response Content-Language header field, which defines the language the content is in.

The Content-Length field specifies the HTTP Response Content-Length header field, which defines the length of the request body in octets.

The Content-Location field specifies the HTTP Response Content-Location header field, which defines an alternate location for the returned data.

The Content-MD5 field specifies the HTTP Response Content-MD5 header field, which defines the base64-encoded binary MD5 sum of the content of the response.

The Content-Disposition field specifies the HTTP Response Content-Disposition header field, which provides a means for the origin server to suggest a default filename if the user requests that the content is saved to a file.

The Content-Range field specifies the HTTP Response Content-Range header field, which defines where in a full body message the partial message belongs.

The Content-Type field specifies the HTTP Response Content-Type header field, which defines the MIME type of the content.

The Date field specifies the HTTP Request Date header field, which defines the date and time that the message was sent.

The ETag field specifies the HTTP Response ETag header field, which defines an identifier for a specific version of a resource, often a message digest.

The Expires field specifies the HTTP Response Expires header field, which defines the date/time after which the response is considered stale.

The Last-Modified field specifies the HTTP Response Last-Modified header field, which defines the date/time for the requested object, in RFC 2822 format.

The Link field specifies the HTTP Response Link header field, which defines a typed relationship with another resource, where the relation type is defined by RFC 5988.

The Location field specifies the HTTP Response Location header field, which defines the location used in redirection, or when a new resource has been created.

The P3P field specifies the HTTP Response P3P header field, which sets P3P policy to be used by the browser.

The Pragma field specifies the HTTP Response Pragma header field, which defines any implementation-specific values that may have various anywhere along the request-response chain.

The Proxy-Authenticate field specifies the HTTP Response Proxy-Authenticate header field, which defines the type of authentication necessary to access the proxy.

The Refresh field specifies the HTTP Response Refresh header field, which specifies a given interval, in seconds, after which the current page should be refreshed.

The Retry-After field specifies the HTTP Response Retry-After header field, which defines the period, in seconds, after which the client should try again if an entity is temporarily unavailable.

The Server field specifies the HTTP Response Server field, which defines a name for the responding server.

The Set-Cookie field specifies the HTTP Response Set-Cookie field, which defines an HTTP cookie.

The Strict-Transport-Security field specifies the HTTP response Strict-Transport-Security field, which defines the HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

The Trailer field specifies the HTTP Response Trailer field, which indicates that the given set of header fields is present in the trailer of a message encoded with chunked transfer-coding.

The Transfer-Encoding field specifies the HTTP Response Transfer-Encoding field, which defines the form of encoding used to safely transfer the entity to the user.

The Vary field specifies the HTTP Response Vary field, which informs downstream proxies on how to match future request headers to decide whether the cached response can be used rather than requested a fresh one from the origin server.

The Via field specifies the HTTP Response Via field, which informs the client of proxies through which the response was sent.

The Warning field specifies the HTTP Response Warning field, which defines any general warnings about possible problems with the entity body.

The WWW-Authenticate field specifies the HTTP Response WWW-Authenticate field, which defines the authentication scheme that should be used to access the requested entity.

The X-Frame-Options field specifies the non-standard HTTP Response X-Frame-Options field, which is used as a form of clickjacking protection, supporting no rendering within a frame and no rendering if origin mismatch.

The X-XSS-Protection field specifies the non-standard HTTP Response X-XSS-Protection field, which is used as a cross-site scripting (XSS) filter.

The X-Content-Type-Options field specifies the non-standard HTTP Response X-Content-Type-Options field, which supports the 'nosniff' parameter to prevent the MIME-sniffing of a response away from the declared content type.

The X-Powered-By field specifies the non-standard HTTP Response X-Powered-By field, which specifies the technology supporting the web application running on the server.

The X-UA-Compatible field specifies the non-standard HTTP Response X-UA-Compatible field, which is used to recommend the preferred rendering engine to use to display the content.