The TCP/IP Guide  9  TCP/IP Application Layer Protocols, Services and Applications (OSI Layers 5, 6 and 7)       9  TCP/IP Key Applications and Application Protocols            9  TCP/IP File and Message Transfer Applications and Protocols (FTP, TFTP, Electronic Mail, USENET, HTTP/WWW, Gopher)                 9  TCP/IP World Wide Web (WWW, "The Web") and the Hypertext Transfer Protocol (HTTP)                      9  TCP/IP Hypertext Transfer Protocol (HTTP)                           9  HTTP Message Headers

HTTP Request Headers 1 2 HTTP Entity Headers

Proxy-Authenticate

This is the proxy version of the WWW-Authenticate header (see below). It is included in a 407 (“Proxy Authentication Required”) response, to indicate how the proxy is requiring the client to perform authentication. The header specifies an authentication method as well as any other parameters needed for authentication. The client will use this to generate a new request containing a Proxy-Authorization header. This is a hop-by-hop header.

This header is sometimes included in unsuccessful requests—such as those resulting in a 503 (“Service Unavailable”) response—to tell the client when it should try its request again. It may also be used with a redirection response such as 301, 302 or 307, to indicate how long the client should wait before sending a request for the redirected URL. The Retry-After header may specify either a time interval to wait (in seconds) or a full date/time when the server suggests the client try again.

This is the server's version of the User-Agent request header; it identifies the type and version of the server software generating the response. Note that proxies do not modify this field when forwarding a response; they put their identification information into a Via header instead.

Specifies which request header fields fully determine whether a cache is allowed to use this response to reply to subsequent requests for the same resource without revalidation. A caching device inspects the Vary header to determine which other headers it needs to examine to determine whether or not it can respond with a cached entry, when the client makes its next request for the resource in this reply. Yeah, this one's a bit confusing.

This header is included in a 401 (“Unauthorized”) response, to indicate how the server wants the client to authenticate. The header specifies an authentication method as well as any other parameters needed for authentication. The client will use this to generate a new request containing an Authorization header.

HTTP Request Headers 1 2 HTTP Entity Headers