Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(http): Refresh headers docs (d-k) #36075

Merged
merged 17 commits into from
Nov 18, 2024
Merged
Show file tree
Hide file tree
Changes from 3 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 14 additions & 18 deletions files/en-us/web/http/headers/date/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,10 @@ browser-compat: http.headers.Date

{{HTTPSidebar}}

The **`Date`** general HTTP header contains the date and time
at which the message originated.
bsmth marked this conversation as resolved.
Show resolved Hide resolved
The HTTP **`Date`** header contains the date and time at which the message originated.
hamishwillee marked this conversation as resolved.
Show resolved Hide resolved

> **Warning:** `Date` is listed
> in the [forbidden header names](https://fetch.spec.whatwg.org/#forbidden-header-name)
> in the fetch spec, so this code will not send the `Date` header:
> [!WARNING]
hamishwillee marked this conversation as resolved.
Show resolved Hide resolved
> The `Date` header is a {{Glossary("Forbidden header name")}}, so this code cannot set the message `Date`, for example:
>
> ```js
> fetch("https://httpbin.org/get", {
Expand All @@ -33,7 +31,7 @@ at which the message originated.
</tr>
<tr>
<th scope="row">{{Glossary("Forbidden header name")}}</th>
<td>yes</td>
<td>Yes</td>
bsmth marked this conversation as resolved.
Show resolved Hide resolved
</tr>
</tbody>
</table>
Expand All @@ -46,24 +44,22 @@ Date: <day-name>, <day> <month> <year> <hour>:<minute>:<second> GMT

## Directives

- \<day-name>
- `<day-name>`
- : One of "Mon", "Tue", "Wed", "Thu", "Fri", "Sat", or "Sun" (case-sensitive).
bsmth marked this conversation as resolved.
Show resolved Hide resolved
- \<day>
- : 2 digit day number, e.g. "04" or "23".
- \<month>
- : One of "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct",
"Nov", "Dec" (case sensitive).
- \<year>
- `<day>`
- : 2 digit day number, e.g., "04" or "23".
- `<month>`
- : One of "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" (case sensitive).
- `<year>`
- : 4 digit year number, e.g. "1990" or "2016".
- \<hour>
- `<hour>`
- : 2 digit hour number, e.g. "09" or "23".
- \<minute>
- `<minute>`
- : 2 digit minute number, e.g. "04" or "59".
- \<second>
- `<second>`
- : 2 digit second number, e.g. "04" or "59".
- GMT
- : Greenwich Mean Time. HTTP dates are always expressed in GMT, never in local
time.
- : Greenwich Mean Time. HTTP dates are always expressed in GMT, never in local time.

## Examples

Expand Down
24 changes: 10 additions & 14 deletions files/en-us/web/http/headers/device-memory/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,12 @@ browser-compat: http.headers.Device-Memory

{{HTTPSidebar}}{{securecontext_header}}

The **`Device-Memory`** [device client hint](/en-US/docs/Web/HTTP/Client_hints#device_client_hints) request header field indicates the approximate amount of available RAM on the client device. The header is part of the {{DOMxRef("Device Memory API", "Device Memory API", "", "nocode")}}.
The HTTP **`Device-Memory`** {{Glossary("request header")}} is used in [device client hints](/en-US/docs/Web/HTTP/Client_hints#device_client_hints) to indicate the approximate amount of available RAM on the client device.
bsmth marked this conversation as resolved.
Show resolved Hide resolved
The header is part of the {{DOMxRef("Device Memory API", "Device Memory API", "", "nocode")}}.
bsmth marked this conversation as resolved.
Show resolved Hide resolved

Client hints are accessible only on secure origins.
A server has to opt in to receive the `Device-Memory` header from the client, by first sending the {{HTTPHeader("Accept-CH")}} response header.
Servers that opt in to the `Device-Memory` client hint will typically also specify it in the {{HTTPHeader("Vary")}} header to inform caches that the server may send different responses based on the header value in a request.

<table class="properties">
<tbody>
Expand All @@ -20,17 +25,11 @@ The **`Device-Memory`** [device client hint](/en-US/docs/Web/HTTP/Client_hints#d
</tr>
<tr>
<th scope="row">{{Glossary("Forbidden header name")}}</th>
<td>no</td>
<td>No</td>
</tr>
</tbody>
</table>

> [!NOTE]
>
> - Client Hints are accessible only on secure origins (via TLS).
> - A server has to opt in to receive the `Device-Memory` header from the client, by sending the {{HTTPHeader("Accept-CH")}} response header.
> - Servers that opt in to the `Device-Memory` client hint will typically also specify it in the {{HTTPHeader("Vary")}} header. This informs caches that the server may send different responses based on the header value in a request.

## Syntax

```http
Expand All @@ -41,12 +40,11 @@ Device-Memory: <number>

- `<number>`
- : The approximate amount of device RAM. Possible values are: `0.25`, `0.5`, `1`, `2`, `4`, `8`.

The amount of device RAM can be used as a {{glossary("fingerprinting")}} variable, so values for the header are intentionally coarse to reduce the potential for its misuse.
The amount of device RAM can be used as a {{glossary("fingerprinting")}} variable, so values for the header are intentionally coarse to reduce the potential for its misuse.

## Examples

The server first needs to opt in to receive `Device-Memory` header by sending the response headers {{HTTPHeader("Accept-CH")}} containing `Device-Memory`.
The server first needs to opt in to receive `Device-Memory` header by sending the {{HTTPHeader("Accept-CH")}} response header containing `Device-Memory`:

```http
Accept-CH: Device-Memory
Expand All @@ -73,11 +71,9 @@ Device-Memory: 1
- {{DOMxRef("Navigator.deviceMemory")}}
- {{DOMxRef("WorkerNavigator.deviceMemory")}}
- Device client hints

- {{HTTPHeader("Content-DPR")}}
- {{HTTPHeader("DPR")}}
- {{HTTPHeader("Viewport-Width")}}
- {{HTTPHeader("Width")}}

- {{HTTPHeader("Accept-CH")}}
- [HTTP Caching > Vary](/en-US/docs/Web/HTTP/Caching#vary) and {{HTTPHeader("Vary")}}
- [HTTP Caching: Vary](/en-US/docs/Web/HTTP/Caching#vary) and {{HTTPHeader("Vary")}}
12 changes: 6 additions & 6 deletions files/en-us/web/http/headers/digest/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,11 @@ browser-compat: http.headers.Digest
> Use {{HTTPHeader("Content-Digest")}} instead.
> For `id-*` digest algorithms, use {{HTTPHeader("Repr-Digest")}}.

The **`Digest`** response or request HTTP header provides the other side with a {{Glossary("digest")}} of the {{HTTPHeader("Content-Encoding")}}-encoded _selected representation_. It can be requested by using the {{HTTPHeader("Want-Digest")}} header.
The HTTP **`Digest`** header provides the recipient with a {{Glossary("digest")}} of the {{HTTPHeader("Content-Encoding")}}-encoded _selected representation_.
bsmth marked this conversation as resolved.
Show resolved Hide resolved
It can be requested by using the {{HTTPHeader("Want-Digest")}} header.

Representations are different forms of a particular resource that might be returned from a request: for example, the same resource might be formatted in a particular media type such as XML or JSON, localized to a particular written language or geographical region, and/or compressed or otherwise encoded for transmission.
The _selected representation_ is the actual format of a resource that is returned following [content negotiation](/en-US/docs/Web/HTTP/Content_negotiation), and can be determined from the response's {{Glossary("Representation header","Representation headers")}}.
The _selected representation_ is a resource returned following [content negotiation](/en-US/docs/Web/HTTP/Content_negotiation), and can be determined from the response's {{Glossary("Representation header","Representation headers")}}.

The digest applies to the whole representation of a resource, not to a particular message.
It can be used to verify that the representation data has not been modified during transmission.
Expand All @@ -30,11 +31,11 @@ It can be used to verify that the representation data has not been modified duri
<tbody>
<tr>
<th scope="row">Header type</th>
<td>{{Glossary("Response header")}}</td>
<td>{{Glossary("Response header")}}, {{Glossary("Request header")}}</td>
</tr>
<tr>
<th scope="row">{{Glossary("Forbidden header name")}}</th>
<td>no</td>
<td>No</td>
</tr>
</tbody>
</table>
Expand Down Expand Up @@ -76,6 +77,5 @@ Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=,id-sha-256=0KJL0PvN
## See also

- {{HTTPHeader("Want-Digest")}}

- [HTTP range requests](/en-US/docs/Web/HTTP/Range_requests)
- [`206 Partial Content`](/en-US/docs/Web/HTTP/Status/206)
- {{HTTPStatus("206", "206 Partial Content")}}
bsmth marked this conversation as resolved.
Show resolved Hide resolved
13 changes: 6 additions & 7 deletions files/en-us/web/http/headers/dnt/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,8 @@ browser-compat: http.headers.DNT
> [!NOTE]
> The DNT (Do Not Track) specification has been discontinued. See {{domxref("Navigator.doNotTrack")}} for more information.

The **`DNT`** (**D**o **N**ot
**T**rack) request header indicates the user's tracking preference. It lets
users indicate whether they would prefer privacy rather than personalized content.
The HTTP **`DNT`** (Do Not Track) {{Glossary("request header")}} indicates the user's tracking preference.
It lets users indicate whether they would prefer privacy rather than personalized content.

DNT is deprecated in favor of [Global Privacy Control](https://globalprivacycontrol.org/), which is communicated to servers using the {{HTTPHeader("Sec-GPC")}} header, and accessible to clients from {{domxref("navigator.globalPrivacyControl")}}.

Expand All @@ -27,7 +26,7 @@ DNT is deprecated in favor of [Global Privacy Control](https://globalprivacycont
</tr>
<tr>
<th scope="row">{{Glossary("Forbidden header name")}}</th>
<td>yes</td>
<td>Yes</td>
</tr>
</tbody>
</table>
Expand All @@ -42,11 +41,11 @@ DNT: null

## Directives

- 0
- `0`
- : The user prefers to allow tracking on the target site.
- 1
- `1`
- : The user prefers not to be tracked on the target site.
- null
- `null`
- : The user has not specified a preference about tracking.

## Examples
Expand Down
25 changes: 12 additions & 13 deletions files/en-us/web/http/headers/downlink/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,14 @@ browser-compat: http.headers.Downlink

{{HTTPSidebar}} {{SeeCompatTable}}

The **`Downlink`** [Client hint](/en-US/docs/Web/HTTP/Client_hints) request header field provides the approximate bandwidth of the client's connection to the server, in Mbps.
The HTTP **`Downlink`** {{Glossary("request header")}} is used in [Client Hints](/en-US/docs/Web/HTTP/Client_hints) to provide the approximate bandwidth in Mbps of the client's connection to the server.

The hint allows a server to choose what information is sent based on the network bandwidth.
For example, a server might choose to send smaller versions of images and other resources on low bandwidth networks.

> [!NOTE]
> The {{HTTPHeader("Vary")}} header is used in responses to indicate that a different resource is sent for every different value of the header (see [HTTP Caching Vary](/en-US/docs/Web/HTTP/Caching#vary)).
> Even if `Downlink` is used to configure what resources are sent, consider omitting it in the {{HTTPHeader("Vary")}} header — it is likely to change often, which effectively makes the resource uncacheable.

<table class="properties">
<tbody>
Expand All @@ -22,18 +29,11 @@ The **`Downlink`** [Client hint](/en-US/docs/Web/HTTP/Client_hints) request head
</tr>
<tr>
<th scope="row">{{Glossary("Forbidden header name")}}</th>
<td>no</td>
<td>No</td>
</tr>
</tbody>
</table>

The `Downlink` value is given in Mbps and rounded to the nearest 25 kilobits per second to prevent [fingerprinting](/en-US/docs/Glossary/Fingerprinting). There are many other mechanisms an attacker might use to obtain similar information.

The hint allows a server to choose what information is sent based on the network bandwidth. For example, a server might choose to send smaller versions of images and other resources on low bandwidth networks.

> [!NOTE]
> The {{HTTPHeader("Vary")}} header is used in responses to indicate that a different resource is sent for every different value of the header (see [HTTP Caching Vary](/en-US/docs/Web/HTTP/Caching#vary)). Even if `Downlink` is used to configure what resources are sent, consider omitting it in the {{HTTPHeader("Vary")}} header — it is likely to change often, which effectively makes the resource uncacheable.

## Syntax

```http
Expand All @@ -42,8 +42,9 @@ Downlink: <number>

## Directives

- \<number>
- `<number>`
- : The downlink rate in Mbps, rounded to the nearest 25 kilobits.
The downlink rate may be used as a {{glossary("fingerprinting")}} variable, so values for the header are intentionally coarse to reduce the potential for its misuse.

## Examples

Expand Down Expand Up @@ -71,11 +72,9 @@ Downlink: 1.7

- [Improving user privacy and developer experience with User-Agent Client Hints](https://developer.chrome.com/docs/privacy-security/user-agent-client-hints) (developer.chrome.com)
- Network client hints

- {{HTTPHeader("RTT")}}
- {{HTTPHeader("ECT")}}
- {{HTTPHeader("Save-Data")}}

- {{HTTPHeader("Accept-CH")}}
- [HTTP Caching > Vary](/en-US/docs/Web/HTTP/Caching#vary) and {{HTTPHeader("Vary")}}
- [HTTP Caching: Vary](/en-US/docs/Web/HTTP/Caching#vary) and {{HTTPHeader("Vary")}}
- {{domxref("NetworkInformation.effectiveType")}}
37 changes: 18 additions & 19 deletions files/en-us/web/http/headers/dpr/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,21 @@ browser-compat: http.headers.DPR

{{HTTPSidebar}}{{Deprecated_Header}}{{SecureContext_Header}}{{Non-standard_Header}}

The **`DPR`** [device client hint](/en-US/docs/Web/HTTP/Client_hints) request header provides the client device pixel ratio. This ratio is the number of physical device pixels corresponding to every {{Glossary("CSS pixel")}}.
The HTTP **`DPR`** {{Glossary("request header")}} provides [device client hints](/en-US/docs/Web/HTTP/Client_hints) about the client device pixel ratio (DPR).
This ratio is the number of physical device pixels corresponding to every {{Glossary("CSS pixel")}}.

The hint is useful when selecting image sources that best correspond to a screen's pixel density.
This is similar to the role played by `x` descriptors in the `<img>` [`srcset`](/en-US/docs/Web/HTML/Element/img#srcset) attribute to allow user agents to select a preferred image.

If a server uses the `DPR` hint to choose which resource is sent in a response, the response must include the {{HTTPHeader("Content-DPR")}} header.
The client must use the value in `Content-DPR` for layout if it differs from the value in the request's `DPR` header.
If the `DPR` header appears more than once in a message the last occurrence is used.

Servers that opt in to the `DPR` client hint will typically also specify it in the {{HTTPHeader("Vary")}} header to inform caches that the server may send different responses based on the header value in a request.

> [!WARNING]
bsmth marked this conversation as resolved.
Show resolved Hide resolved
> The `DPR` header was removed from the client hints specification in [draft-ietf-httpbis-client-hints-07](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-client-hints-07).
> The proposed replacement is [`Sec-CH-DPR`](https://wicg.github.io/responsive-image-client-hints/#sec-ch-dpr) (Responsive Image Client Hints).

<table class="properties">
<tbody>
Expand All @@ -23,24 +37,11 @@ The **`DPR`** [device client hint](/en-US/docs/Web/HTTP/Client_hints) request he
</tr>
<tr>
<th scope="row">{{Glossary("Forbidden header name")}}</th>
<td>no</td>
<td>No</td>
</tr>
</tbody>
</table>

The hint is useful when selecting image sources that best correspond to a screen's pixel density. This is similar to the role played by `x` descriptors in the `<img>` [`srcset`](/en-US/docs/Web/HTML/Element/img#srcset) attribute to allow user agents to select a preferred image.

If a server uses the `DPR` hint to choose which resource is sent in a response, the response must include the {{HTTPHeader("Content-DPR")}} header. The client must use the value in `Content-DPR` for layout if it differs from the value in the request's `DPR` header.

If the `DPR` header appears more than once in a message the last occurrence is used.

> [!NOTE]
>
> - Client Hints are accessible only on secure origins (via TLS).
hamishwillee marked this conversation as resolved.
Show resolved Hide resolved
> - A server has to opt in to receive the `DPR` header from the client, by sending the {{HTTPHeader("Accept-CH")}} response header.
> - Servers that opt in to the `DPR` client hint will typically also specify it in the {{HTTPHeader("Vary")}} header. This informs caches that the server may send different responses based on the header value in a request.
> - `DPR` was removed from the client hints specification in [draft-ietf-httpbis-client-hints-07](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-client-hints-07). The proposed replacement is [`Sec-CH-DPR`](https://wicg.github.io/responsive-image-client-hints/#sec-ch-dpr) (Responsive Image Client Hints).

## Syntax

```http
Expand Down Expand Up @@ -78,13 +79,11 @@ Content-DPR: 2.0

## See also

- [Improving user privacy and developer experience with User-Agent Client Hints](https://developer.chrome.com/docs/privacy-security/user-agent-client-hints) (developer.chrome.com)
- Device client hints

- {{HTTPHeader("Content-DPR")}}
- {{HTTPHeader("Device-Memory")}}
- {{HTTPHeader("Viewport-Width")}}
- {{HTTPHeader("Width")}}

- {{HTTPHeader("Accept-CH")}}
- [HTTP Caching > Vary](/en-US/docs/Web/HTTP/Caching#vary) and {{HTTPHeader("Vary")}}
- [HTTP Caching: Vary](/en-US/docs/Web/HTTP/Caching#vary) and {{HTTPHeader("Vary")}}
- [Improving user privacy and developer experience with User-Agent Client Hints](https://developer.chrome.com/docs/privacy-security/user-agent-client-hints) (developer.chrome.com)
9 changes: 3 additions & 6 deletions files/en-us/web/http/headers/early-data/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,9 @@ browser-compat: http.headers.Early-Data

{{SeeCompatTable}}{{HTTPSidebar}}

The **`Early-Data`** header is set by
an intermediary to indicate that the request has been conveyed in [TLS early data](/en-US/docs/Web/Security/Transport_Layer_Security#tls_1.3),
and also indicates that the intermediary understands the {{HTTPStatus("425", "425 Too Early")}} status code.
The HTTP **`Early-Data`** {{Glossary("request header")}} is set by an intermediary to indicate that the request has been conveyed in [TLS early data](/en-US/docs/Web/Security/Transport_Layer_Security#tls_1.3), and also indicates that the intermediary understands the {{HTTPStatus("425", "425 Too Early")}} status code.
bsmth marked this conversation as resolved.
Show resolved Hide resolved

The `Early-Data` header is **not** set by the originator of the
request (i.e., a browser).
The `Early-Data` header is **not** set by the originator of the request (i.e., a browser).

<table class="properties">
<tbody>
Expand All @@ -24,7 +21,7 @@ request (i.e., a browser).
</tr>
<tr>
<th scope="row">{{Glossary("Forbidden header name")}}</th>
<td>no</td>
<td>No</td>
</tr>
</tbody>
</table>
Expand Down
Loading