The response headers described here are used in server responses to communicate information about the server and how it may handle requests.
Accept-Ranges: bytes | none
Indicates the acceptance of range requests for a URI, specifying either the range unit (e.g., bytes) or none if no range requests are accepted.
Indicates the age of the document in seconds.
Proxy-Authenticate: scheme realm
Indicates the authentication scheme and parameters applicable to the proxy for this URI and the current connection. Used with response 407 (Proxy Authentication Required).
Indicates methods supported by the server as a comma-separated list. Intended for declaration of non-standard methods supported at this site. For methods applicable only to an individual URI, use the Allow header. See Chapter 17, HTTP Overview, for a discussion of request methods.
Retry-After: date | seconds
Used with response code 503 (Service Unavailable). It contains either an integer number of seconds or a GMT date and time (as described by the Date header formats). If the value is an integer, it is interpreted as the number of seconds to wait after the request was issued. For example:
Retry-After: 3600 Retry-After: Sat, 18 May 1996 06:59:37 GMT
Contains the name and version number of the server. For example:
Set-Cookie: name=value[; options]
Contains a name/value pair of information to retain for this URL. For browsers supporting Netscape persistent cookies; not included in the HTTP standard. See Chapter 12, Cookies, for more information. Options are:
The cookie becomes invalid after the specified date.
The URL range for which the cookie is valid.
the domain name range for which the cookie is valid.
Return the cookie only under a secure connection.
Vary: * | headers
Specifies that the entity has multiple sources and may therefore vary according to specified list of request header(s). Multiple headers can be listed, separated by commas. An asterisk (*) means that another factor other than the request headers may affect the document that is returned.
Warning: code host[:port] "string"
Indicates additional information to that in the status code, for use by caching proxies. The host field contains the name or pseudonym of the server host, with an optional port number. The two-digit warning codes and their recommended descriptive strings are:
The response data is known to be stale.
The response data is known to be stale because the proxy failed to revalidate the data.
The cache is disconnected from the network.
The data is older than 24 hours and the cache heuristically chose a freshness lifetime greater than 24 hours.
The proxy has changed the encoding or media type of the document, as specified by the Content-Encoding or Content-Type headers.
Arbitrary information to be logged or presented to the user.
WWW-Authenticate: scheme realm
Used with the 401 (Unauthorized) response code. It specifies the authorization scheme and realm of authorization required from a client at the requested URI. Many different authorization realms can exist on a server. A common authorization scheme is BASIC, which requires a username and password. For example:
WWW-Authenticate: BASIC realm="Admin"
When returned to the client, this header indicates that the BASIC type of authorization data in the appropriate realm should be returned in the client's Authorization header.