Best IT Recipes

Content-Length header with HEAD requests?

The http spec says the HEAD request:

The HEAD method is identical to GET, except that the server SHOULD NOT return the message body in response. The metadata contained in the HTTP headers in response to the HEAD request MUST be identical to the information sent in response to the GET request.

If the response to the HEAD request contains a Content-Length header? Should this be the value to be returned in the GET request, even if there is no response body? Or if Content-Length is 0?

+55
rest
04 Oct '10 at 11:35
source share
5 answers

It seems to me that the HTTP 1.1 RFC is pretty specific:

The content-length field of the object header indicates the size of the object’s body, in decimal value the number of OCTETs sent to the recipient, or in the case of the HEAD method, the size of the body of the person who was sent, the request was GET .

+36
Sep 20 '13 at 20:56 on
source share

Section 14.13 of the HTTP / 1.1 specification contains a detailed Content-Length header and says the following:

Applications SHOULD use this field to indicate the transmission length of the message body, unless prohibited by the rules in section 4.4.

The word “SHOULD” has a very specific meaning in the RFC :

  1. SHOULD This word or the adjective “RECOMMENDED” means that in certain circumstances there may be reasonable reasons to ignore a particular subject, but all the consequences must be understood and carefully considered before choosing another course.

Thus, you may not always see Content-Length. Normally, you may not see it for any content that is dynamically generated, as it may be too expensive to serve a HEAD search query. For example, a HEAD request for Apache for a static file will contain Content-Length, but a request for a PHP script may not be.

For example, try this website ...

 telnet stackoverflow.com 80 HEAD / HTTP/1.0 Host:stackoverflow.com HTTP/1.1 200 OK Date: Mon, 11 Jan 2016 10:58:25 GMT Content-Type: text/html; charset=utf-8 Connection: close Set-Cookie: __cfduid=c2eb4742a1e02d89cab0402220736c0bd1452509905; expires=Tue, 10-Jan-17 10:58:25 GMT; path=/; domain=.stackoverflow.com; HttpOnly Cache-Control: public, no-cache="Set-Cookie", max-age=36 Expires: Mon, 11 Jan 2016 10:59:02 GMT Last-Modified: Mon, 11 Jan 2016 10:58:02 GMT Vary: * X-Frame-Options: SAMEORIGIN X-Request-Guid: 487e80bc-3783-4cfd-d883-a3bc84253234 Set-Cookie: prov=8dc24306-c067-45eb-bf5d-cffa855c2b03; domain=.stackoverflow.com; expires=Fri, 01-Jan-2055 00:00:00 GMT; path=/; HttpOnly Server: cloudflare-nginx CF-RAY: 26303c15f8e035a2-LHR

No content.

+38
Oct 04 '10 at 11:57
source share

Yes, the Content-Length HEAD response SHOULD , but not always (see @Paul answer ), include the Content-Length value of the GET response:

Stack overflow does:

 > telnet stackoverflow.com 80 HEAD / HTTP/1.1 Host: stackoverflow.com HTTP/1.1 200 OK Cache-Control: public, max-age=60 Content-Length: 362245 <-------- Content-Type: text/html; charset=utf-8 Expires: Mon, 04 Oct 2010 11:51:49 GMT Last-Modified: Mon, 04 Oct 2010 11:50:49 GMT Vary: * Date: Mon, 04 Oct 2010 11:50:49 GMT

Google does not:

 > telnet www.google.com 80 HEAD / HTTP/1.1 Host: www.google.ie HTTP/1.1 200 OK Date: Mon, 04 Oct 2010 11:55:36 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=ISO-8859-1 Server: gws X-XSS-Protection: 1; mode=block Transfer-Encoding: chunked
+13
Oct 04 '10 at
source share

The W3C HTTP specification states:

If the values ​​of the new field indicate that the cached object is different from the current object (as indicated in the Content-Length change, ...

Which (for me) means that it should contain the "correct" value, as in the GET answer.

+8
04 Oct 2018-10-10T00:
source share

Against the accepted answer, section 4.3.2 of RFC 7231 states:

The server MUST send the same header fields in response to a HEAD request that would be sent if the request was GET, except that the payload header fields (section 3.3)

- i.e. Content-Length, Content-Range, Trailer and Transfer-Encoding -

MAY be omitted.

This is even weaker than the note SHOULD be answered by Paul Dixon

  1. MAY This word or the adjective "ADDITIONAL" means that the item is truly optional. One supplier may choose an item because a particular market requires it or because the seller feels that he is improving the product, while another supplier may omit the same item.

So, the real answer: you do not need to include Content-Length, but if you do, you must specify the correct value.

+3
Feb 10 '17 at 23:12
source share


More articles:


All Articles