1 /*
2 * Copyright (C) 2011 The Guava Authors
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 package com.google.common.net;
18
19 import com.google.common.annotations.Beta;
20 import com.google.common.annotations.GwtCompatible;
21
22 /**
23 * Contains constant definitions for the HTTP header field names. See:
24 * <ul>
25 * <li><a href="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</a>
26 * <li><a href="http://www.ietf.org/rfc/rfc2183.txt">RFC 2183</a>
27 * <li><a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a>
28 * <li><a href="http://www.ietf.org/rfc/rfc2965.txt">RFC 2965</a>
29 * <li><a href="http://www.ietf.org/rfc/rfc5988.txt">RFC 5988</a>
30 * </ul>
31 *
32 *
33 * @author Kurt Alfred Kluever
34 * @since 11.0
35 */
36 @GwtCompatible
37 public final class HttpHeaders {
38 private HttpHeaders() {}
39
40 // HTTP Request and Response header fields
41
42 /** The HTTP {@code Cache-Control} header field name. */
43 public static final String CACHE_CONTROL = "Cache-Control";
44 /** The HTTP {@code Content-Length} header field name. */
45 public static final String CONTENT_LENGTH = "Content-Length";
46 /** The HTTP {@code Content-Type} header field name. */
47 public static final String CONTENT_TYPE = "Content-Type";
48 /** The HTTP {@code Date} header field name. */
49 public static final String DATE = "Date";
50 /** The HTTP {@code Pragma} header field name. */
51 public static final String PRAGMA = "Pragma";
52 /** The HTTP {@code Via} header field name. */
53 public static final String VIA = "Via";
54 /** The HTTP {@code Warning} header field name. */
55 public static final String WARNING = "Warning";
56
57 // HTTP Request header fields
58
59 /** The HTTP {@code Accept} header field name. */
60 public static final String ACCEPT = "Accept";
61 /** The HTTP {@code Accept-Charset} header field name. */
62 public static final String ACCEPT_CHARSET = "Accept-Charset";
63 /** The HTTP {@code Accept-Encoding} header field name. */
64 public static final String ACCEPT_ENCODING = "Accept-Encoding";
65 /** The HTTP {@code Accept-Language} header field name. */
66 public static final String ACCEPT_LANGUAGE = "Accept-Language";
67 /** The HTTP {@code Access-Control-Request-Headers} header field name. */
68 public static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers";
69 /** The HTTP {@code Access-Control-Request-Method} header field name. */
70 public static final String ACCESS_CONTROL_REQUEST_METHOD = "Access-Control-Request-Method";
71 /** The HTTP {@code Authorization} header field name. */
72 public static final String AUTHORIZATION = "Authorization";
73 /** The HTTP {@code Connection} header field name. */
74 public static final String CONNECTION = "Connection";
75 /** The HTTP {@code Cookie} header field name. */
76 public static final String COOKIE = "Cookie";
77 /** The HTTP {@code Expect} header field name. */
78 public static final String EXPECT = "Expect";
79 /** The HTTP {@code From} header field name. */
80 public static final String FROM = "From";
81 /**
82 * The HTTP {@code Follow-Only-When-Prerender-Shown}</a> header field name.
83 *
84 * @since 17.0
85 */
86 @Beta
87 public static final String FOLLOW_ONLY_WHEN_PRERENDER_SHOWN = "Follow-Only-When-Prerender-Shown";
88 /** The HTTP {@code Host} header field name. */
89 public static final String HOST = "Host";
90 /** The HTTP {@code If-Match} header field name. */
91 public static final String IF_MATCH = "If-Match";
92 /** The HTTP {@code If-Modified-Since} header field name. */
93 public static final String IF_MODIFIED_SINCE = "If-Modified-Since";
94 /** The HTTP {@code If-None-Match} header field name. */
95 public static final String IF_NONE_MATCH = "If-None-Match";
96 /** The HTTP {@code If-Range} header field name. */
97 public static final String IF_RANGE = "If-Range";
98 /** The HTTP {@code If-Unmodified-Since} header field name. */
99 public static final String IF_UNMODIFIED_SINCE = "If-Unmodified-Since";
100 /** The HTTP {@code Last-Event-ID} header field name. */
101 public static final String LAST_EVENT_ID = "Last-Event-ID";
102 /** The HTTP {@code Max-Forwards} header field name. */
103 public static final String MAX_FORWARDS = "Max-Forwards";
104 /** The HTTP {@code Origin} header field name. */
105 public static final String ORIGIN = "Origin";
106 /** The HTTP {@code Proxy-Authorization} header field name. */
107 public static final String PROXY_AUTHORIZATION = "Proxy-Authorization";
108 /** The HTTP {@code Range} header field name. */
109 public static final String RANGE = "Range";
110 /** The HTTP {@code Referer} header field name. */
111 public static final String REFERER = "Referer";
112 /** The HTTP {@code TE} header field name. */
113 public static final String TE = "TE";
114 /** The HTTP {@code Upgrade} header field name. */
115 public static final String UPGRADE = "Upgrade";
116 /** The HTTP {@code User-Agent} header field name. */
117 public static final String USER_AGENT = "User-Agent";
118
119 // HTTP Response header fields
120
121 /** The HTTP {@code Accept-Ranges} header field name. */
122 public static final String ACCEPT_RANGES = "Accept-Ranges";
123 /** The HTTP {@code Access-Control-Allow-Headers} header field name. */
124 public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
125 /** The HTTP {@code Access-Control-Allow-Methods} header field name. */
126 public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
127 /** The HTTP {@code Access-Control-Allow-Origin} header field name. */
128 public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
129 /** The HTTP {@code Access-Control-Allow-Credentials} header field name. */
130 public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
131 /** The HTTP {@code Access-Control-Expose-Headers} header field name. */
132 public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers";
133 /** The HTTP {@code Access-Control-Max-Age} header field name. */
134 public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age";
135 /** The HTTP {@code Age} header field name. */
136 public static final String AGE = "Age";
137 /** The HTTP {@code Allow} header field name. */
138 public static final String ALLOW = "Allow";
139 /** The HTTP {@code Content-Disposition} header field name. */
140 public static final String CONTENT_DISPOSITION = "Content-Disposition";
141 /** The HTTP {@code Content-Encoding} header field name. */
142 public static final String CONTENT_ENCODING = "Content-Encoding";
143 /** The HTTP {@code Content-Language} header field name. */
144 public static final String CONTENT_LANGUAGE = "Content-Language";
145 /** The HTTP {@code Content-Location} header field name. */
146 public static final String CONTENT_LOCATION = "Content-Location";
147 /** The HTTP {@code Content-MD5} header field name. */
148 public static final String CONTENT_MD5 = "Content-MD5";
149 /** The HTTP {@code Content-Range} header field name. */
150 public static final String CONTENT_RANGE = "Content-Range";
151 /**
152 * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-header-field">
153 * {@code Content-Security-Policy}</a> header field name.
154 *
155 * @since 15.0
156 */
157 public static final String CONTENT_SECURITY_POLICY = "Content-Security-Policy";
158 /**
159 * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-report-only-header-field">
160 * {@code Content-Security-Policy-Report-Only}</a> header field name.
161 *
162 * @since 15.0
163 */
164 public static final String CONTENT_SECURITY_POLICY_REPORT_ONLY =
165 "Content-Security-Policy-Report-Only";
166 /** The HTTP {@code ETag} header field name. */
167 public static final String ETAG = "ETag";
168 /** The HTTP {@code Expires} header field name. */
169 public static final String EXPIRES = "Expires";
170 /** The HTTP {@code Last-Modified} header field name. */
171 public static final String LAST_MODIFIED = "Last-Modified";
172 /** The HTTP {@code Link} header field name. */
173 public static final String LINK = "Link";
174 /** The HTTP {@code Location} header field name. */
175 public static final String LOCATION = "Location";
176 /** The HTTP {@code P3P} header field name. Limited browser support. */
177 public static final String P3P = "P3P";
178 /** The HTTP {@code Proxy-Authenticate} header field name. */
179 public static final String PROXY_AUTHENTICATE = "Proxy-Authenticate";
180 /** The HTTP {@code Refresh} header field name. Non-standard header supported by most browsers. */
181 public static final String REFRESH = "Refresh";
182 /** The HTTP {@code Retry-After} header field name. */
183 public static final String RETRY_AFTER = "Retry-After";
184 /** The HTTP {@code Server} header field name. */
185 public static final String SERVER = "Server";
186 /** The HTTP {@code Set-Cookie} header field name. */
187 public static final String SET_COOKIE = "Set-Cookie";
188 /** The HTTP {@code Set-Cookie2} header field name. */
189 public static final String SET_COOKIE2 = "Set-Cookie2";
190 /**
191 * The HTTP <a href="http://tools.ietf.org/html/rfc6797#section-6.1">
192 * {@code Strict-Transport-Security}</a> header field name.
193 *
194 * @since 15.0
195 */
196 public static final String STRICT_TRANSPORT_SECURITY = "Strict-Transport-Security";
197 /**
198 * The HTTP <a href="http://www.w3.org/TR/resource-timing/#cross-origin-resources">
199 * {@code Timing-Allow-Origin}</a> header field name.
200 *
201 * @since 15.0
202 */
203 public static final String TIMING_ALLOW_ORIGIN = "Timing-Allow-Origin";
204 /** The HTTP {@code Trailer} header field name. */
205 public static final String TRAILER = "Trailer";
206 /** The HTTP {@code Transfer-Encoding} header field name. */
207 public static final String TRANSFER_ENCODING = "Transfer-Encoding";
208 /** The HTTP {@code Vary} header field name. */
209 public static final String VARY = "Vary";
210 /** The HTTP {@code WWW-Authenticate} header field name. */
211 public static final String WWW_AUTHENTICATE = "WWW-Authenticate";
212
213 // Common, non-standard HTTP header fields
214
215 /** The HTTP {@code DNT} header field name. */
216 public static final String DNT = "DNT";
217 /** The HTTP {@code X-Content-Type-Options} header field name. */
218 public static final String X_CONTENT_TYPE_OPTIONS = "X-Content-Type-Options";
219 /** The HTTP {@code X-Do-Not-Track} header field name. */
220 public static final String X_DO_NOT_TRACK = "X-Do-Not-Track";
221 /** The HTTP {@code X-Forwarded-For} header field name. */
222 public static final String X_FORWARDED_FOR = "X-Forwarded-For";
223 /** The HTTP {@code X-Forwarded-Proto} header field name. */
224 public static final String X_FORWARDED_PROTO = "X-Forwarded-Proto";
225 /** The HTTP {@code X-Frame-Options} header field name. */
226 public static final String X_FRAME_OPTIONS = "X-Frame-Options";
227 /** The HTTP {@code X-Powered-By} header field name. */
228 public static final String X_POWERED_BY = "X-Powered-By";
229 /**
230 * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">
231 * {@code Public-Key-Pins}</a> header field name.
232 *
233 * @since 15.0
234 */
235 @Beta
236 public static final String PUBLIC_KEY_PINS = "Public-Key-Pins";
237 /**
238 * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">
239 * {@code Public-Key-Pins-Report-Only}</a> header field name.
240 *
241 * @since 15.0
242 */
243 @Beta
244 public static final String PUBLIC_KEY_PINS_REPORT_ONLY = "Public-Key-Pins-Report-Only";
245 /** The HTTP {@code X-Requested-With} header field name. */
246 public static final String X_REQUESTED_WITH = "X-Requested-With";
247 /** The HTTP {@code X-User-IP} header field name. */
248 public static final String X_USER_IP = "X-User-IP";
249 /** The HTTP {@code X-XSS-Protection} header field name. */
250 public static final String X_XSS_PROTECTION = "X-XSS-Protection";
251 }