1/* 2 * Copyright (C) 2011 The Guava Authors 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package com.google.common.net; 18 19import com.google.common.annotations.Beta; 20import com.google.common.annotations.GwtCompatible; 21 22/** 23 * Contains constant definitions for the HTTP header field names. See: 24 * <ul> 25 * <li><a href="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</a> 26 * <li><a href="http://www.ietf.org/rfc/rfc2183.txt">RFC 2183</a> 27 * <li><a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a> 28 * <li><a href="http://www.ietf.org/rfc/rfc2965.txt">RFC 2965</a> 29 * <li><a href="http://www.ietf.org/rfc/rfc5988.txt">RFC 5988</a> 30 * </ul> 31 * 32 * 33 * @author Kurt Alfred Kluever 34 * @since 11.0 35 */ 36@GwtCompatible 37public final class HttpHeaders { 38 private HttpHeaders() {} 39 40 // HTTP Request and Response header fields 41 42 /** The HTTP {@code Cache-Control} header field name. */ 43 public static final String CACHE_CONTROL = "Cache-Control"; 44 /** The HTTP {@code Content-Length} header field name. */ 45 public static final String CONTENT_LENGTH = "Content-Length"; 46 /** The HTTP {@code Content-Type} header field name. */ 47 public static final String CONTENT_TYPE = "Content-Type"; 48 /** The HTTP {@code Date} header field name. */ 49 public static final String DATE = "Date"; 50 /** The HTTP {@code Pragma} header field name. */ 51 public static final String PRAGMA = "Pragma"; 52 /** The HTTP {@code Via} header field name. */ 53 public static final String VIA = "Via"; 54 /** The HTTP {@code Warning} header field name. */ 55 public static final String WARNING = "Warning"; 56 57 // HTTP Request header fields 58 59 /** The HTTP {@code Accept} header field name. */ 60 public static final String ACCEPT = "Accept"; 61 /** The HTTP {@code Accept-Charset} header field name. */ 62 public static final String ACCEPT_CHARSET = "Accept-Charset"; 63 /** The HTTP {@code Accept-Encoding} header field name. */ 64 public static final String ACCEPT_ENCODING = "Accept-Encoding"; 65 /** The HTTP {@code Accept-Language} header field name. */ 66 public static final String ACCEPT_LANGUAGE = "Accept-Language"; 67 /** The HTTP {@code Access-Control-Request-Headers} header field name. */ 68 public static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers"; 69 /** The HTTP {@code Access-Control-Request-Method} header field name. */ 70 public static final String ACCESS_CONTROL_REQUEST_METHOD = "Access-Control-Request-Method"; 71 /** The HTTP {@code Authorization} header field name. */ 72 public static final String AUTHORIZATION = "Authorization"; 73 /** The HTTP {@code Connection} header field name. */ 74 public static final String CONNECTION = "Connection"; 75 /** The HTTP {@code Cookie} header field name. */ 76 public static final String COOKIE = "Cookie"; 77 /** The HTTP {@code Expect} header field name. */ 78 public static final String EXPECT = "Expect"; 79 /** The HTTP {@code From} header field name. */ 80 public static final String FROM = "From"; 81 /** 82 * The HTTP {@code Follow-Only-When-Prerender-Shown}</a> header field name. 83 * 84 * @since 17.0 85 */ 86 @Beta 87 public static final String FOLLOW_ONLY_WHEN_PRERENDER_SHOWN = "Follow-Only-When-Prerender-Shown"; 88 /** The HTTP {@code Host} header field name. */ 89 public static final String HOST = "Host"; 90 /** The HTTP {@code If-Match} header field name. */ 91 public static final String IF_MATCH = "If-Match"; 92 /** The HTTP {@code If-Modified-Since} header field name. */ 93 public static final String IF_MODIFIED_SINCE = "If-Modified-Since"; 94 /** The HTTP {@code If-None-Match} header field name. */ 95 public static final String IF_NONE_MATCH = "If-None-Match"; 96 /** The HTTP {@code If-Range} header field name. */ 97 public static final String IF_RANGE = "If-Range"; 98 /** The HTTP {@code If-Unmodified-Since} header field name. */ 99 public static final String IF_UNMODIFIED_SINCE = "If-Unmodified-Since"; 100 /** The HTTP {@code Last-Event-ID} header field name. */ 101 public static final String LAST_EVENT_ID = "Last-Event-ID"; 102 /** The HTTP {@code Max-Forwards} header field name. */ 103 public static final String MAX_FORWARDS = "Max-Forwards"; 104 /** The HTTP {@code Origin} header field name. */ 105 public static final String ORIGIN = "Origin"; 106 /** The HTTP {@code Proxy-Authorization} header field name. */ 107 public static final String PROXY_AUTHORIZATION = "Proxy-Authorization"; 108 /** The HTTP {@code Range} header field name. */ 109 public static final String RANGE = "Range"; 110 /** The HTTP {@code Referer} header field name. */ 111 public static final String REFERER = "Referer"; 112 /** The HTTP {@code TE} header field name. */ 113 public static final String TE = "TE"; 114 /** The HTTP {@code Upgrade} header field name. */ 115 public static final String UPGRADE = "Upgrade"; 116 /** The HTTP {@code User-Agent} header field name. */ 117 public static final String USER_AGENT = "User-Agent"; 118 119 // HTTP Response header fields 120 121 /** The HTTP {@code Accept-Ranges} header field name. */ 122 public static final String ACCEPT_RANGES = "Accept-Ranges"; 123 /** The HTTP {@code Access-Control-Allow-Headers} header field name. */ 124 public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers"; 125 /** The HTTP {@code Access-Control-Allow-Methods} header field name. */ 126 public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods"; 127 /** The HTTP {@code Access-Control-Allow-Origin} header field name. */ 128 public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin"; 129 /** The HTTP {@code Access-Control-Allow-Credentials} header field name. */ 130 public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials"; 131 /** The HTTP {@code Access-Control-Expose-Headers} header field name. */ 132 public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers"; 133 /** The HTTP {@code Access-Control-Max-Age} header field name. */ 134 public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age"; 135 /** The HTTP {@code Age} header field name. */ 136 public static final String AGE = "Age"; 137 /** The HTTP {@code Allow} header field name. */ 138 public static final String ALLOW = "Allow"; 139 /** The HTTP {@code Content-Disposition} header field name. */ 140 public static final String CONTENT_DISPOSITION = "Content-Disposition"; 141 /** The HTTP {@code Content-Encoding} header field name. */ 142 public static final String CONTENT_ENCODING = "Content-Encoding"; 143 /** The HTTP {@code Content-Language} header field name. */ 144 public static final String CONTENT_LANGUAGE = "Content-Language"; 145 /** The HTTP {@code Content-Location} header field name. */ 146 public static final String CONTENT_LOCATION = "Content-Location"; 147 /** The HTTP {@code Content-MD5} header field name. */ 148 public static final String CONTENT_MD5 = "Content-MD5"; 149 /** The HTTP {@code Content-Range} header field name. */ 150 public static final String CONTENT_RANGE = "Content-Range"; 151 /** 152 * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-header-field"> 153 * {@code Content-Security-Policy}</a> header field name. 154 * 155 * @since 15.0 156 */ 157 public static final String CONTENT_SECURITY_POLICY = "Content-Security-Policy"; 158 /** 159 * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-report-only-header-field"> 160 * {@code Content-Security-Policy-Report-Only}</a> header field name. 161 * 162 * @since 15.0 163 */ 164 public static final String CONTENT_SECURITY_POLICY_REPORT_ONLY = 165 "Content-Security-Policy-Report-Only"; 166 /** The HTTP {@code ETag} header field name. */ 167 public static final String ETAG = "ETag"; 168 /** The HTTP {@code Expires} header field name. */ 169 public static final String EXPIRES = "Expires"; 170 /** The HTTP {@code Last-Modified} header field name. */ 171 public static final String LAST_MODIFIED = "Last-Modified"; 172 /** The HTTP {@code Link} header field name. */ 173 public static final String LINK = "Link"; 174 /** The HTTP {@code Location} header field name. */ 175 public static final String LOCATION = "Location"; 176 /** The HTTP {@code P3P} header field name. Limited browser support. */ 177 public static final String P3P = "P3P"; 178 /** The HTTP {@code Proxy-Authenticate} header field name. */ 179 public static final String PROXY_AUTHENTICATE = "Proxy-Authenticate"; 180 /** The HTTP {@code Refresh} header field name. Non-standard header supported by most browsers. */ 181 public static final String REFRESH = "Refresh"; 182 /** The HTTP {@code Retry-After} header field name. */ 183 public static final String RETRY_AFTER = "Retry-After"; 184 /** The HTTP {@code Server} header field name. */ 185 public static final String SERVER = "Server"; 186 /** The HTTP {@code Set-Cookie} header field name. */ 187 public static final String SET_COOKIE = "Set-Cookie"; 188 /** The HTTP {@code Set-Cookie2} header field name. */ 189 public static final String SET_COOKIE2 = "Set-Cookie2"; 190 /** 191 * The HTTP <a href="http://tools.ietf.org/html/rfc6797#section-6.1"> 192 * {@code Strict-Transport-Security}</a> header field name. 193 * 194 * @since 15.0 195 */ 196 public static final String STRICT_TRANSPORT_SECURITY = "Strict-Transport-Security"; 197 /** 198 * The HTTP <a href="http://www.w3.org/TR/resource-timing/#cross-origin-resources"> 199 * {@code Timing-Allow-Origin}</a> header field name. 200 * 201 * @since 15.0 202 */ 203 public static final String TIMING_ALLOW_ORIGIN = "Timing-Allow-Origin"; 204 /** The HTTP {@code Trailer} header field name. */ 205 public static final String TRAILER = "Trailer"; 206 /** The HTTP {@code Transfer-Encoding} header field name. */ 207 public static final String TRANSFER_ENCODING = "Transfer-Encoding"; 208 /** The HTTP {@code Vary} header field name. */ 209 public static final String VARY = "Vary"; 210 /** The HTTP {@code WWW-Authenticate} header field name. */ 211 public static final String WWW_AUTHENTICATE = "WWW-Authenticate"; 212 213 // Common, non-standard HTTP header fields 214 215 /** The HTTP {@code DNT} header field name. */ 216 public static final String DNT = "DNT"; 217 /** The HTTP {@code X-Content-Type-Options} header field name. */ 218 public static final String X_CONTENT_TYPE_OPTIONS = "X-Content-Type-Options"; 219 /** The HTTP {@code X-Do-Not-Track} header field name. */ 220 public static final String X_DO_NOT_TRACK = "X-Do-Not-Track"; 221 /** The HTTP {@code X-Forwarded-For} header field name. */ 222 public static final String X_FORWARDED_FOR = "X-Forwarded-For"; 223 /** The HTTP {@code X-Forwarded-Proto} header field name. */ 224 public static final String X_FORWARDED_PROTO = "X-Forwarded-Proto"; 225 /** The HTTP {@code X-Frame-Options} header field name. */ 226 public static final String X_FRAME_OPTIONS = "X-Frame-Options"; 227 /** The HTTP {@code X-Powered-By} header field name. */ 228 public static final String X_POWERED_BY = "X-Powered-By"; 229 /** 230 * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning"> 231 * {@code Public-Key-Pins}</a> header field name. 232 * 233 * @since 15.0 234 */ 235 @Beta 236 public static final String PUBLIC_KEY_PINS = "Public-Key-Pins"; 237 /** 238 * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning"> 239 * {@code Public-Key-Pins-Report-Only}</a> header field name. 240 * 241 * @since 15.0 242 */ 243 @Beta 244 public static final String PUBLIC_KEY_PINS_REPORT_ONLY = "Public-Key-Pins-Report-Only"; 245 /** The HTTP {@code X-Requested-With} header field name. */ 246 public static final String X_REQUESTED_WITH = "X-Requested-With"; 247 /** The HTTP {@code X-User-IP} header field name. */ 248 public static final String X_USER_IP = "X-User-IP"; 249 /** The HTTP {@code X-XSS-Protection} header field name. */ 250 public static final String X_XSS_PROTECTION = "X-XSS-Protection"; 251} 252