Requested server URL
Describe the destination where the request will be sent , Include , And only include domain name and port number .
In any type of request ,request Will include this header Information .
Server pass host To find out which website to visit
Virtual host （virtual hosting） I.e. shared host （shared web hosting）, Virtual technology can be used to divide a complete server into several hosts , So you can run multiple sites or services on a single server .
Let's take a simple example ： There is one ip The address is 22.214.171.124 Server for , Google is deployed on this server 、 Baidu 、 Taobao's website . Why do we visit https://www.google.com when , To see is Google Not Baidu or Taobao ？ The reason is that Host The request header determines which virtual host to access .
Not set in browser Connection, Will default to keep-alive（ A long connection ）
About Connection Information about
Used to indicate where the request originated , Include , And only the agreement and domain name .
This parameter generally only exists in CORS Cross domain request in progress , You can see response There are corresponding header：Access-Control-Allow-Origin.
The article mentions about Origin To prevent cfrs attack
What is mentioned here csrf attack
1. Anti theft chain
For example, I only allow my own website to visit my own image server
2. Prevent malicious requests .
Related examples ：
About Origin and refere Comparison of
origin It is mainly used to explain where the initial request was initiated ;
origin Used only for Post request , and Referer For all types of requests ;
origin Method ratio of Referer Security .
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36");
simply , Is to access the browser version and other information of the source
Because of the browser war in history , At that time, I wanted to get a web page with pictures and texts , You have to claim that you are Mozilla browser . This led to today's User-Agent Usually with Mozilla word , Out of respect for history , Everyone will fill in this part by default .
Windows NT 10.0 Is the version of the operating system I use
Win64; x64 My operating system is 64 Bit
AppleWebKit/537.36 (KHTML, like Gecko) Engine version
Chrome/70.0.3538.77 Safari/537.36 Browser version
Accept-Encoding Requested HTTP Header announces its content encoding , It is usually a compression algorithm , The client can understand . Use content negotiation ,
Server selects one of the proposals , Use it and pass Content-Encoding The response header informs the client of its selection .
gzip Use Lempel-Ziv code （ LZ77 ） Compression format for , with 32 position CRC .
compress Use Lempel-Ziv-Welch（ LZW ） Compression format of algorithm .
deflate Use zlib Compression format of structure , as well as deflate Compression algorithm .
br Use Brotli Compression format of algorithm .
identity Indicating identity function （ No compression , It doesn't change ）. Even if it doesn't exist , This value is always considered acceptable .
* Match any content encoding that is not listed in the title . If the title does not exist , This is the default . This does not mean that any algorithm is supported ; It's just that there's no preference .
;q=（ q Value weighting ） Any value is prioritized by a relative mass value called a weight
Content-Type（ Content type ）, Generally, it refers to the existence of Content-Type, Used to define the type of network files and the encoding of web pages , Decide what form the browser will take 、 What encoding reads this file , This is what we often see PHP The result of a web click is the reason to download a file or a picture .
Content-Type The header tells the client what type of content is actually returned .
Grammar format ：
ext/html ： HTML Format
text/plain ： Plain text format
text/xml ： XML Format
image/gif ：gif Image format
image/jpeg ：jpg Image format
image/png：png Image format
application/xhtml+xml ：XHTML Format
application/xml： XML data format
application/atom+xml ：Atom XML Aggregate format
application/json： JSON data format
application/msword ： Word Document format
application/octet-stream ： Binary stream data （ Such as common file downloads ）
application/x-www-form-urlencoded ： <form encType=””> In the default encType,form Form data is encoded as key/value Format send to server （ Default format of data submitted by form
Another common media format is used when uploading files ：
multipart/form-data ： When you need to upload files in the form , You need to use this format
Specify the type of content the client can receive
Related cache policies