Rectangle 27 17

You should see the Content-Length is smaller than ntCoent-Length in cases where Content-Encoding:gzip or similar

Thats is what I thought it was used for. Good to get it clarified. Is this common practice?

I cant find this documented in any RFC, though it shows in all response headers.

Sign up for our newsletter and get our top new questions delivered to your inbox (see an example).

HTTP Header - ntCoent-Length - Stack Overflow

http http-headers
Rectangle 27 17

You should see the Content-Length is smaller than ntCoent-Length in cases where Content-Encoding:gzip or similar

Thats is what I thought it was used for. Good to get it clarified. Is this common practice?

I cant find this documented in any RFC, though it shows in all response headers.

HTTP Header - ntCoent-Length - Stack Overflow

http http-headers
Rectangle 27 156

The Content-Length entity-header field indicates the size of the entity-body,
in decimal number of OCTETs, sent to the recipient or, in the case of the HEAD
method, the size of the entity-body that would have been sent had the request
been a GET.

It doesn't matter what the content-type is.

Combine this answer with the answer from Tom Cabanski and you have all the information you need. In case of text you can count the number of characters since ASCII is 8 bit.

@hcpl: but text is not necessarily always ASCII, also ASCII is 7-bit, not 8.

Replace ASCII with whatever encoding you're using and look up the number of bits that encoding requires. For the 7 vs 8 bit response; Originally it was 7 bit indeed so you're right again. But today 8 bits are used in most (if not all) cases because of the way computer memory is organized. edit: Rereading my answer I see where you're going. I should rephrase my original comment.

@hcpl: the entire reason why the bytes vs. characters issue is significant is due to variable width encodings like UTF-8 and UTF-16 where the "number of bits" is not fixed.

could you forge this number? like POST a string param with huge length but set your content-length to 1?

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 157

The Content-Length entity-header field indicates the size of the entity-body,
in decimal number of OCTETs, sent to the recipient or, in the case of the HEAD
method, the size of the entity-body that would have been sent had the request
been a GET.

It doesn't matter what the content-type is.

Combine this answer with the answer from Tom Cabanski and you have all the information you need. In case of text you can count the number of characters since ASCII is 8 bit.

@hcpl: but text is not necessarily always ASCII, also ASCII is 7-bit, not 8.

Replace ASCII with whatever encoding you're using and look up the number of bits that encoding requires. For the 7 vs 8 bit response; Originally it was 7 bit indeed so you're right again. But today 8 bits are used in most (if not all) cases because of the way computer memory is organized. edit: Rereading my answer I see where you're going. I should rephrase my original comment.

@hcpl: the entire reason why the bytes vs. characters issue is significant is due to variable width encodings like UTF-8 and UTF-16 where the "number of bits" is not fixed.

could you forge this number? like POST a string param with huge length but set your content-length to 1?

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 31

The Content-Length header is a number denoting an the exact byte length of the HTTP body. The HTTP body starts immediately after the first empty line that is found after the start-line and headers.

Generally the Content-Length header is used for HTTP 1.1 so that the receiving party knows when the current response* has finished, so the connection can be reused for another request.

Alternatively, Content-Length header can be omitted and a chunked Transfer-Encoding header can be used.

If both Content-Length and Transfer-Encoding headers are missing, then at the end of the response the connection must be closed.

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 32

The Content-Length header is a number denoting an the exact byte length of the HTTP body. The HTTP body starts immediately after the first empty line that is found after the start-line and headers.

Generally the Content-Length header is used for HTTP 1.1 so that the receiving party knows when the current response* has finished, so the connection can be reused for another request.

Alternatively, Content-Length header can be omitted and a chunked Transfer-Encoding header can be used.

If both Content-Length and Transfer-Encoding headers are missing, then at the end of the response the connection must be closed.

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 30

One octet is 8 bits. Content-length is the number of octets that the message body represents. share|improve this answer answered Jul 21 '11 at 6:53 itsproject 475512

@ViniciusPires 'byte' is commonly used to describe smallest addressable unit of memory, which is not necessarily 8 bits on all architectures. That is why 'octet' is used to avoid any ambiguity

OCTET

very specific meaning

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 23

The Content-Length entity-header field indicates the size of the entity-body, in decimal number of OCTETs, sent to the recipient or, in the case of the HEAD method, the size of the entity-body that would have been sent had the request been a GET.

Content-Length    = "Content-Length" ":" 1*DIGIT
Content-Length: 3495

Applications SHOULD use this field to indicate the transfer-length of the message-body, unless this is prohibited by the rules in section 4.4.

Any Content-Length greater than or equal to zero is a valid value. Section 4.4 describes how to determine the length of a message-body if a Content-Length is not given.

Note that the meaning of this field is significantly different from the corresponding definition in MIME, where it is an optional field used within the "message/external-body" content-type. In HTTP, it SHOULD be sent whenever the message's length can be determined prior to being transferred, unless this is prohibited by the rules in section 4.4.

My interpretation is that this means the length "on the wire", i.e. the length of the *encoded" content

"On the wire", the length would be altered depending on compression, but it is correct to say the length before being compressed.

Will Content-Length differs on different type of machines like Mac/Linux? OR will it differ while using different client like curl/postman ...?

Assuming all else remains equal (e.g. encoding, compression, etc.) then the content length should be platform independent. This is a header from the server so, assuming it doesn't sniff the user-agent and behave differently, the client shouldn't make any difference.

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 31

One octet is 8 bits. Content-length is the number of octets that the message body represents. share|improve this answer answered Jul 21 '11 at 6:53 itsproject 495513

@ViniciusPires 'byte' is commonly used to describe smallest addressable unit of memory, which is not necessarily 8 bits on all architectures. That is why 'octet' is used to avoid any ambiguity

OCTET

very specific meaning

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 23

The Content-Length entity-header field indicates the size of the entity-body, in decimal number of OCTETs, sent to the recipient or, in the case of the HEAD method, the size of the entity-body that would have been sent had the request been a GET.

Content-Length    = "Content-Length" ":" 1*DIGIT
Content-Length: 3495

Applications SHOULD use this field to indicate the transfer-length of the message-body, unless this is prohibited by the rules in section 4.4.

Any Content-Length greater than or equal to zero is a valid value. Section 4.4 describes how to determine the length of a message-body if a Content-Length is not given.

Note that the meaning of this field is significantly different from the corresponding definition in MIME, where it is an optional field used within the "message/external-body" content-type. In HTTP, it SHOULD be sent whenever the message's length can be determined prior to being transferred, unless this is prohibited by the rules in section 4.4.

My interpretation is that this means the length "on the wire", i.e. the length of the *encoded" content

"On the wire", the length would be altered depending on compression, but it is correct to say the length before being compressed.

Will Content-Length differs on different type of machines like Mac/Linux? OR will it differ while using different client like curl/postman ...?

Assuming all else remains equal (e.g. encoding, compression, etc.) then the content length should be platform independent. This is a header from the server so, assuming it doesn't sniff the user-agent and behave differently, the client shouldn't make any difference.

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 241

Getting header values from the Initial Page Request:

Unfortunately, there isn't an API to give you the HTTP response headers for your initial page request. That was the original question posted here. It has been repeatedly asked, too, because some people would like to get the actual response headers of the original page request without issuing another one.

If an HTTP request is made over AJAX, it is possible to get the response headers with the getAllResponseHeaders() method. It's part of the XMLHttpRequest API. To see how this can be applied, check out the fetchSimilarHeaders() function below. Note that this is a work-around to the problem that won't be reliable for some applications.

myXMLHttpRequest.getAllResponseHeaders();

This will not give you information about the original page request's HTTP response headers, but it could be used to make educated guesses about what those headers were. More on that is described next.

This question was first asked several years ago, asking specifically about how to get at the original HTTP response headers for the current page (i.e. the same page inside of which the javascript was running). This is quite a different question than simply getting the response headers for any HTTP request. For the initial page request, the headers aren't readily available to javascript. Whether the header values you need will be reliably and sufficiently consistent if you request the same page again via AJAX will depend on your particular application.

The following are a few suggestions for getting around that problem.

If the response is largely static and the headers are not expected to change much between requests, you could make an AJAX request for the same page you're currently on and assume that they're they are the same values which were part of the page's HTTP response. This could allow you to access the headers you need using the nice XMLHttpRequest API described above.

function fetchSimilarHeaders (callback) {
    var request = new XMLHttpRequest();
    request.onreadystatechange = function () {
        if (request.readyState === 4) {
            //
            // The following headers may often be similar
            // to those of the original page request...
            //
            if (callback && typeof callback === 'function') {
                callback(request.getAllResponseHeaders());
            }
        }
    };

    //
    // Re-request the same page (document.location)
    // We hope to get the same or similar response headers to those which 
    // came with the current page, but we have no guarantee.
    // Since we are only after the headers, a HEAD request may be sufficient.
    //
    request.open('HEAD', document.location, true);
    request.send(null);
}

This approach will be problematic if you truly have to rely on the values being consistent between requests, since you can't fully guarantee that they are the same. It's going to depend on your specific application and whether you know that the value you need is something that won't be changing from one request to the next.

There are some BOM properties (Browser Object Model) which the browser determines by looking at the headers. Some of these properties reflect HTTP headers directly (e.g. navigator.userAgent is set to the value of the HTTP User-Agent header field). By sniffing around the available properties you might be able to find what you need, or some clues to indicate what the HTTP response contained.

If you control the server side, you can access any header you like as you construct the full response. Values could be passed to the client with the page, stashed in some markup or perhaps in an inlined JSON structure. If you wanted to have every HTTP request header available to your javascript, you could iterate through them on the server and send them back as hidden values in the markup. It's probably not ideal to send header values this way, but you could certainly do it for the specific value you need. This solution is arguably inefficient, too, but it would do the job if you needed it.

RE update: ajax requests were a standard part of web development way back in 2008 as well -_-

3) you could stash them in the http cookie header, too. Then you wouldn't need to change the document markup.

There is a simple way to access the response header elements such as the link element: use document example here: gist.github.com/FunThomas424242/

Accessing the web page's HTTP Headers in JavaScript - Stack Overflow

javascript http http-headers
Rectangle 27 241

Getting header values from the Initial Page Request:

Unfortunately, there isn't an API to give you the HTTP response headers for your initial page request. That was the original question posted here. It has been repeatedly asked, too, because some people would like to get the actual response headers of the original page request without issuing another one.

If an HTTP request is made over AJAX, it is possible to get the response headers with the getAllResponseHeaders() method. It's part of the XMLHttpRequest API. To see how this can be applied, check out the fetchSimilarHeaders() function below. Note that this is a work-around to the problem that won't be reliable for some applications.

myXMLHttpRequest.getAllResponseHeaders();

This will not give you information about the original page request's HTTP response headers, but it could be used to make educated guesses about what those headers were. More on that is described next.

This question was first asked several years ago, asking specifically about how to get at the original HTTP response headers for the current page (i.e. the same page inside of which the javascript was running). This is quite a different question than simply getting the response headers for any HTTP request. For the initial page request, the headers aren't readily available to javascript. Whether the header values you need will be reliably and sufficiently consistent if you request the same page again via AJAX will depend on your particular application.

The following are a few suggestions for getting around that problem.

If the response is largely static and the headers are not expected to change much between requests, you could make an AJAX request for the same page you're currently on and assume that they're they are the same values which were part of the page's HTTP response. This could allow you to access the headers you need using the nice XMLHttpRequest API described above.

function fetchSimilarHeaders (callback) {
    var request = new XMLHttpRequest();
    request.onreadystatechange = function () {
        if (request.readyState === 4) {
            //
            // The following headers may often be similar
            // to those of the original page request...
            //
            if (callback && typeof callback === 'function') {
                callback(request.getAllResponseHeaders());
            }
        }
    };

    //
    // Re-request the same page (document.location)
    // We hope to get the same or similar response headers to those which 
    // came with the current page, but we have no guarantee.
    // Since we are only after the headers, a HEAD request may be sufficient.
    //
    request.open('HEAD', document.location, true);
    request.send(null);
}

This approach will be problematic if you truly have to rely on the values being consistent between requests, since you can't fully guarantee that they are the same. It's going to depend on your specific application and whether you know that the value you need is something that won't be changing from one request to the next.

There are some BOM properties (Browser Object Model) which the browser determines by looking at the headers. Some of these properties reflect HTTP headers directly (e.g. navigator.userAgent is set to the value of the HTTP User-Agent header field). By sniffing around the available properties you might be able to find what you need, or some clues to indicate what the HTTP response contained.

If you control the server side, you can access any header you like as you construct the full response. Values could be passed to the client with the page, stashed in some markup or perhaps in an inlined JSON structure. If you wanted to have every HTTP request header available to your javascript, you could iterate through them on the server and send them back as hidden values in the markup. It's probably not ideal to send header values this way, but you could certainly do it for the specific value you need. This solution is arguably inefficient, too, but it would do the job if you needed it.

RE update: ajax requests were a standard part of web development way back in 2008 as well -_-

3) you could stash them in the http cookie header, too. Then you wouldn't need to change the document markup.

There is a simple way to access the response header elements such as the link element: use document example here: gist.github.com/FunThomas424242/

Accessing the web page's HTTP Headers in JavaScript - Stack Overflow

javascript http http-headers
Rectangle 27 6

The most common use of POST, by far, is to submit HTML form data to CGI scripts. In this case, the Content-Type: header is usually application/x-www-form-urlencoded, and the Content-Length: header gives the length of the URL-encoded form data (here's a note on URL-encoding). The CGI script receives the message body through STDIN, and decodes it. Here's a typical form submission, using POST:

POST /path/script.cgi HTTP/1.0
From: frog@jmarshall.com
User-Agent: HTTPTool/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 32

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 6

The most common use of POST, by far, is to submit HTML form data to CGI scripts. In this case, the Content-Type: header is usually application/x-www-form-urlencoded, and the Content-Length: header gives the length of the URL-encoded form data (here's a note on URL-encoding). The CGI script receives the message body through STDIN, and decodes it. Here's a typical form submission, using POST:

POST /path/script.cgi HTTP/1.0
From: frog@jmarshall.com
User-Agent: HTTPTool/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 32

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 203

It's the number of bytes of data in the body of the request or response. The body is the part that comes after the blank line below the headers.

Rather than "request or response", isn't it "the body of the response" ONLY? The request doesn't have a blank line between header and data.

can I change the HTTP response header content length filed in a java filter

@ajfbiw.s Consider a http post request. "The presence of a message-body in a request is signaled by the inclusion of a Content-Length or Transfer-Encoding header field in the request's message-headers. " from w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.3

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 205

It's the number of bytes of data in the body of the request or response. The body is the part that comes after the blank line below the headers.

Rather than "request or response", isn't it "the body of the response" ONLY? The request doesn't have a blank line between header and data.

can I change the HTTP response header content length filed in a java filter

@ajfbiw.s Consider a http post request. "The presence of a message-body in a request is signaled by the inclusion of a Content-Length or Transfer-Encoding header field in the request's message-headers. " from w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.3

What's the "Content-Length" field in HTTP header? - Stack Overflow

http-headers
Rectangle 27 23

A request with If-Modified-Since only makes sense if the client already has a resource which is obtained along with a response that has a Last-Modified header in combination with headers which allow browser caching like a Cache-Control and/or Pragma value containing public.

Also, I've noticed that some browsers does not include If-Modified-Since when the original response also contained an ETag header. The browser will instead use If-None-Match to test it.

-1 for spinning the old story about the pragma header

@symc: which is still very valid in combination with some old proxies. It's only beyond me how mentioning that would potentially influence the OP's concrete issue negatively :) Have had a bad day?

php - Understand If-Modified-Since HTTP Header - Stack Overflow

php http cache-control outputcache if-modified-since
Rectangle 27 23

A request with If-Modified-Since only makes sense if the client already has a resource which is obtained along with a response that has a Last-Modified header in combination with headers which allow browser caching like a Cache-Control and/or Pragma value containing public.

Also, I've noticed that some browsers does not include If-Modified-Since when the original response also contained an ETag header. The browser will instead use If-None-Match to test it.

-1 for spinning the old story about the pragma header

@symc: which is still very valid in combination with some old proxies. It's only beyond me how mentioning that would potentially influence the OP's concrete issue negatively :) Have had a bad day?

php - Understand If-Modified-Since HTTP Header - Stack Overflow

php http cache-control outputcache if-modified-since
Rectangle 27 82

According to RFC 2616 section 13.3.4, an HTTP 1.1 Client MUST use the ETag in any cache-conditional requests, and if both an ETag and Last Modified are present, it SHOULD use both. The ETag header is considered a strong validator (see section 13.3.3), unless explicitly declared weak by the server, whereas the Last Modified header is considered weak unless at least a minute difference exists between it and the Date header. Note, however that the Server is not required to send either (but it SHOULD, if it can).

Note that the Client does not check the headers to see if they have changed; it just blindly uses them in the next conditional request; it is up to the Server to evaluate whether to send the requested content or a 304 Not Modified response. If the Server only sends one, then the Client will use that one alone (although, only strong validators are useful for a Range request). Of course, it is also at the discretion of intermediate caches (unless they have been prevented from caching via Cache Control directives) and the Server as to how they will act upon the headers; the RFC states that they MUST NOT return a 304 Not Modified if the validators are inconsisent, but since the header values are generated by the server, it has quite a bit of leeway.

In practice, I have noticed that Chrome, FireFox, and IE 7+ all send both headers, if available. I also tested the behavior when sending modified headers, which I had already suspected from the information in the RFC. The four clients I tested only sent conditional requests if the page(s) were refreshed or if it was the first time the page had been requested by the current process.

Great answer, Thomas. Thanks for providing the official spec and discussing current browser implementations.

the server MUST NOT perform the requested method, unless required to do so because the resource's modification date fails to match that supplied in an If-Modified-Since header field in the request.

caching - What takes precedence: the ETag or Last-Modified HTTP header...

http caching last-modified etag
Rectangle 27 791

header
header('Content-Type: text/html; charset=utf-8');

Note to call this function before any output has been sent to the client. Otherwise the header has been sent too and you obviously cant change it any more. You can check that with headers_sent. See the manual page of header for more information.

Oh that was a lot simplier than I thought!! Thanks

I would only add that when you set the HTTP header correctly like this, you do not need the <meta> tag at all anymore.

@Jon: I would use both. The HTTP-equivalent META is used when the HTML document is not loaded via HTTP (e.g. from disk).

This will only work if your executing php, to do it for static pages, you should save your html file AS utf-8. Doing so will add the BOM character utf-8 encoded to the beginning of the file. bytes 0xEF, 0xBB, 0xBF added to the beginning of the file. Most web servers will notice this and apply the appropriate header. In fact saving your php file as utf-8, would accomplish the same thing.

@Jeremy Walton: That the UTF-8 BOM is added does not happen necessarily. In fact, its not even necessary for UTF-8 as it only has one byte order (but it could be used to identify UTF-8).

@Gumbo: sure, I am simplifying here and targeting the by far most common web scenario (the question seems to talk about this scenario). Taking into account the apparent level of the question, why do something when you don't even understand what the advantages it may someday provide are?

html - Set HTTP header to UTF-8 using PHP - Stack Overflow

php html http-headers