1 /* 2 * Copyright (C) 2011 The Guava Authors 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except 5 * in compliance with the License. You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software distributed under the License 10 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 11 * or implied. See the License for the specific language governing permissions and limitations under 12 * the License. 13 */ 14 15 package com.google.common.net; 16 17 import com.google.common.annotations.Beta; 18 import com.google.common.annotations.GwtCompatible; 19 20 /** 21 * Contains constant definitions for the HTTP header field names. See: 22 * 23 * <ul> 24 * <li><a href="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</a> 25 * <li><a href="http://www.ietf.org/rfc/rfc2183.txt">RFC 2183</a> 26 * <li><a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a> 27 * <li><a href="http://www.ietf.org/rfc/rfc2965.txt">RFC 2965</a> 28 * <li><a href="http://www.ietf.org/rfc/rfc5988.txt">RFC 5988</a> 29 * </ul> 30 * 31 * @author Kurt Alfred Kluever 32 * @since 11.0 33 */ 34 @GwtCompatible 35 @ElementTypesAreNonnullByDefault 36 public final class HttpHeaders { HttpHeaders()37 private HttpHeaders() {} 38 39 // HTTP Request and Response header fields 40 41 /** The HTTP {@code Cache-Control} header field name. */ 42 public static final String CACHE_CONTROL = "Cache-Control"; 43 /** The HTTP {@code Content-Length} header field name. */ 44 public static final String CONTENT_LENGTH = "Content-Length"; 45 /** The HTTP {@code Content-Type} header field name. */ 46 public static final String CONTENT_TYPE = "Content-Type"; 47 /** The HTTP {@code Date} header field name. */ 48 public static final String DATE = "Date"; 49 /** The HTTP {@code Pragma} header field name. */ 50 public static final String PRAGMA = "Pragma"; 51 /** The HTTP {@code Via} header field name. */ 52 public static final String VIA = "Via"; 53 /** The HTTP {@code Warning} header field name. */ 54 public static final String WARNING = "Warning"; 55 56 // HTTP Request header fields 57 58 /** The HTTP {@code Accept} header field name. */ 59 public static final String ACCEPT = "Accept"; 60 /** The HTTP {@code Accept-Charset} header field name. */ 61 public static final String ACCEPT_CHARSET = "Accept-Charset"; 62 /** The HTTP {@code Accept-Encoding} header field name. */ 63 public static final String ACCEPT_ENCODING = "Accept-Encoding"; 64 /** The HTTP {@code Accept-Language} header field name. */ 65 public static final String ACCEPT_LANGUAGE = "Accept-Language"; 66 /** The HTTP {@code Access-Control-Request-Headers} header field name. */ 67 public static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers"; 68 /** The HTTP {@code Access-Control-Request-Method} header field name. */ 69 public static final String ACCESS_CONTROL_REQUEST_METHOD = "Access-Control-Request-Method"; 70 /** The HTTP {@code Authorization} header field name. */ 71 public static final String AUTHORIZATION = "Authorization"; 72 /** The HTTP {@code Connection} header field name. */ 73 public static final String CONNECTION = "Connection"; 74 /** The HTTP {@code Cookie} header field name. */ 75 public static final String COOKIE = "Cookie"; 76 /** 77 * The HTTP <a href="https://fetch.spec.whatwg.org/#cross-origin-resource-policy-header">{@code 78 * Cross-Origin-Resource-Policy}</a> header field name. 79 * 80 * @since 28.0 81 */ 82 public static final String CROSS_ORIGIN_RESOURCE_POLICY = "Cross-Origin-Resource-Policy"; 83 /** 84 * The HTTP <a href="https://tools.ietf.org/html/rfc8470">{@code Early-Data}</a> header field 85 * name. 86 * 87 * @since 27.0 88 */ 89 public static final String EARLY_DATA = "Early-Data"; 90 /** The HTTP {@code Expect} header field name. */ 91 public static final String EXPECT = "Expect"; 92 /** The HTTP {@code From} header field name. */ 93 public static final String FROM = "From"; 94 /** 95 * The HTTP <a href="https://tools.ietf.org/html/rfc7239">{@code Forwarded}</a> header field name. 96 * 97 * @since 20.0 98 */ 99 public static final String FORWARDED = "Forwarded"; 100 /** 101 * The HTTP {@code Follow-Only-When-Prerender-Shown} header field name. 102 * 103 * @since 17.0 104 */ 105 @Beta 106 public static final String FOLLOW_ONLY_WHEN_PRERENDER_SHOWN = "Follow-Only-When-Prerender-Shown"; 107 /** The HTTP {@code Host} header field name. */ 108 public static final String HOST = "Host"; 109 /** 110 * The HTTP <a href="https://tools.ietf.org/html/rfc7540#section-3.2.1">{@code HTTP2-Settings} 111 * </a> header field name. 112 * 113 * @since 24.0 114 */ 115 public static final String HTTP2_SETTINGS = "HTTP2-Settings"; 116 /** The HTTP {@code If-Match} header field name. */ 117 public static final String IF_MATCH = "If-Match"; 118 /** The HTTP {@code If-Modified-Since} header field name. */ 119 public static final String IF_MODIFIED_SINCE = "If-Modified-Since"; 120 /** The HTTP {@code If-None-Match} header field name. */ 121 public static final String IF_NONE_MATCH = "If-None-Match"; 122 /** The HTTP {@code If-Range} header field name. */ 123 public static final String IF_RANGE = "If-Range"; 124 /** The HTTP {@code If-Unmodified-Since} header field name. */ 125 public static final String IF_UNMODIFIED_SINCE = "If-Unmodified-Since"; 126 /** The HTTP {@code Last-Event-ID} header field name. */ 127 public static final String LAST_EVENT_ID = "Last-Event-ID"; 128 /** The HTTP {@code Max-Forwards} header field name. */ 129 public static final String MAX_FORWARDS = "Max-Forwards"; 130 /** The HTTP {@code Origin} header field name. */ 131 public static final String ORIGIN = "Origin"; 132 /** 133 * The HTTP <a href="https://github.com/WICG/origin-isolation">{@code Origin-Isolation}</a> header 134 * field name. 135 * 136 * @since 30.1 137 */ 138 public static final String ORIGIN_ISOLATION = "Origin-Isolation"; 139 /** The HTTP {@code Proxy-Authorization} header field name. */ 140 public static final String PROXY_AUTHORIZATION = "Proxy-Authorization"; 141 /** The HTTP {@code Range} header field name. */ 142 public static final String RANGE = "Range"; 143 /** The HTTP {@code Referer} header field name. */ 144 public static final String REFERER = "Referer"; 145 /** 146 * The HTTP <a href="https://www.w3.org/TR/referrer-policy/">{@code Referrer-Policy}</a> header 147 * field name. 148 * 149 * @since 23.4 150 */ 151 public static final String REFERRER_POLICY = "Referrer-Policy"; 152 153 /** 154 * Values for the <a href="https://www.w3.org/TR/referrer-policy/">{@code Referrer-Policy}</a> 155 * header. 156 * 157 * @since 23.4 158 */ 159 public static final class ReferrerPolicyValues { ReferrerPolicyValues()160 private ReferrerPolicyValues() {} 161 162 public static final String NO_REFERRER = "no-referrer"; 163 public static final String NO_REFFERER_WHEN_DOWNGRADE = "no-referrer-when-downgrade"; 164 public static final String SAME_ORIGIN = "same-origin"; 165 public static final String ORIGIN = "origin"; 166 public static final String STRICT_ORIGIN = "strict-origin"; 167 public static final String ORIGIN_WHEN_CROSS_ORIGIN = "origin-when-cross-origin"; 168 public static final String STRICT_ORIGIN_WHEN_CROSS_ORIGIN = "strict-origin-when-cross-origin"; 169 public static final String UNSAFE_URL = "unsafe-url"; 170 } 171 172 /** 173 * The HTTP <a href="https://www.w3.org/TR/service-workers/#update-algorithm">{@code 174 * Service-Worker}</a> header field name. 175 * 176 * @since 20.0 177 */ 178 public static final String SERVICE_WORKER = "Service-Worker"; 179 /** The HTTP {@code TE} header field name. */ 180 public static final String TE = "TE"; 181 /** The HTTP {@code Upgrade} header field name. */ 182 public static final String UPGRADE = "Upgrade"; 183 /** 184 * The HTTP <a href="https://w3c.github.io/webappsec-upgrade-insecure-requests/#preference">{@code 185 * Upgrade-Insecure-Requests}</a> header field name. 186 * 187 * @since 28.1 188 */ 189 public static final String UPGRADE_INSECURE_REQUESTS = "Upgrade-Insecure-Requests"; 190 191 /** The HTTP {@code User-Agent} header field name. */ 192 public static final String USER_AGENT = "User-Agent"; 193 194 // HTTP Response header fields 195 196 /** The HTTP {@code Accept-Ranges} header field name. */ 197 public static final String ACCEPT_RANGES = "Accept-Ranges"; 198 /** The HTTP {@code Access-Control-Allow-Headers} header field name. */ 199 public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers"; 200 /** The HTTP {@code Access-Control-Allow-Methods} header field name. */ 201 public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods"; 202 /** The HTTP {@code Access-Control-Allow-Origin} header field name. */ 203 public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin"; 204 /** The HTTP {@code Access-Control-Allow-Credentials} header field name. */ 205 public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials"; 206 /** The HTTP {@code Access-Control-Expose-Headers} header field name. */ 207 public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers"; 208 /** The HTTP {@code Access-Control-Max-Age} header field name. */ 209 public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age"; 210 /** The HTTP {@code Age} header field name. */ 211 public static final String AGE = "Age"; 212 /** The HTTP {@code Allow} header field name. */ 213 public static final String ALLOW = "Allow"; 214 /** The HTTP {@code Content-Disposition} header field name. */ 215 public static final String CONTENT_DISPOSITION = "Content-Disposition"; 216 /** The HTTP {@code Content-Encoding} header field name. */ 217 public static final String CONTENT_ENCODING = "Content-Encoding"; 218 /** The HTTP {@code Content-Language} header field name. */ 219 public static final String CONTENT_LANGUAGE = "Content-Language"; 220 /** The HTTP {@code Content-Location} header field name. */ 221 public static final String CONTENT_LOCATION = "Content-Location"; 222 /** The HTTP {@code Content-MD5} header field name. */ 223 public static final String CONTENT_MD5 = "Content-MD5"; 224 /** The HTTP {@code Content-Range} header field name. */ 225 public static final String CONTENT_RANGE = "Content-Range"; 226 /** 227 * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-header-field">{@code 228 * Content-Security-Policy}</a> header field name. 229 * 230 * @since 15.0 231 */ 232 public static final String CONTENT_SECURITY_POLICY = "Content-Security-Policy"; 233 /** 234 * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-report-only-header-field"> 235 * {@code Content-Security-Policy-Report-Only}</a> header field name. 236 * 237 * @since 15.0 238 */ 239 public static final String CONTENT_SECURITY_POLICY_REPORT_ONLY = 240 "Content-Security-Policy-Report-Only"; 241 /** 242 * The HTTP nonstandard {@code X-Content-Security-Policy} header field name. It was introduced in 243 * <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Firefox until 244 * version 23 and the Internet Explorer version 10. Please, use {@link #CONTENT_SECURITY_POLICY} 245 * to pass the CSP. 246 * 247 * @since 20.0 248 */ 249 public static final String X_CONTENT_SECURITY_POLICY = "X-Content-Security-Policy"; 250 /** 251 * The HTTP nonstandard {@code X-Content-Security-Policy-Report-Only} header field name. It was 252 * introduced in <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the 253 * Firefox until version 23 and the Internet Explorer version 10. Please, use {@link 254 * #CONTENT_SECURITY_POLICY_REPORT_ONLY} to pass the CSP. 255 * 256 * @since 20.0 257 */ 258 public static final String X_CONTENT_SECURITY_POLICY_REPORT_ONLY = 259 "X-Content-Security-Policy-Report-Only"; 260 /** 261 * The HTTP nonstandard {@code X-WebKit-CSP} header field name. It was introduced in <a 262 * href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Chrome until 263 * version 25. Please, use {@link #CONTENT_SECURITY_POLICY} to pass the CSP. 264 * 265 * @since 20.0 266 */ 267 public static final String X_WEBKIT_CSP = "X-WebKit-CSP"; 268 /** 269 * The HTTP nonstandard {@code X-WebKit-CSP-Report-Only} header field name. It was introduced in 270 * <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Chrome until 271 * version 25. Please, use {@link #CONTENT_SECURITY_POLICY_REPORT_ONLY} to pass the CSP. 272 * 273 * @since 20.0 274 */ 275 public static final String X_WEBKIT_CSP_REPORT_ONLY = "X-WebKit-CSP-Report-Only"; 276 /** 277 * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP">{@code 278 * Cross-Origin-Embedder-Policy}</a> header field name. 279 * 280 * @since 30.0 281 */ 282 public static final String CROSS_ORIGIN_EMBEDDER_POLICY = "Cross-Origin-Embedder-Policy"; 283 /** 284 * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP-RO">{@code 285 * Cross-Origin-Embedder-Policy-Report-Only}</a> header field name. 286 * 287 * @since 30.0 288 */ 289 public static final String CROSS_ORIGIN_EMBEDDER_POLICY_REPORT_ONLY = 290 "Cross-Origin-Embedder-Policy-Report-Only"; 291 /** 292 * The HTTP Cross-Origin-Opener-Policy header field name. 293 * 294 * @since 28.2 295 */ 296 public static final String CROSS_ORIGIN_OPENER_POLICY = "Cross-Origin-Opener-Policy"; 297 /** The HTTP {@code ETag} header field name. */ 298 public static final String ETAG = "ETag"; 299 /** The HTTP {@code Expires} header field name. */ 300 public static final String EXPIRES = "Expires"; 301 /** The HTTP {@code Last-Modified} header field name. */ 302 public static final String LAST_MODIFIED = "Last-Modified"; 303 /** The HTTP {@code Link} header field name. */ 304 public static final String LINK = "Link"; 305 /** The HTTP {@code Location} header field name. */ 306 public static final String LOCATION = "Location"; 307 /** 308 * The HTTP {@code Keep-Alive} header field name. 309 * 310 * @since 31.0 311 */ 312 public static final String KEEP_ALIVE = "Keep-Alive"; 313 /** 314 * The HTTP <a href="https://googlechrome.github.io/OriginTrials/#header">{@code Origin-Trial}</a> 315 * header field name. 316 * 317 * @since 27.1 318 */ 319 public static final String ORIGIN_TRIAL = "Origin-Trial"; 320 /** The HTTP {@code P3P} header field name. Limited browser support. */ 321 public static final String P3P = "P3P"; 322 /** The HTTP {@code Proxy-Authenticate} header field name. */ 323 public static final String PROXY_AUTHENTICATE = "Proxy-Authenticate"; 324 /** The HTTP {@code Refresh} header field name. Non-standard header supported by most browsers. */ 325 public static final String REFRESH = "Refresh"; 326 /** 327 * The HTTP <a href="https://www.w3.org/TR/reporting/">{@code Report-To}</a> header field name. 328 * 329 * @since 27.1 330 */ 331 public static final String REPORT_TO = "Report-To"; 332 /** The HTTP {@code Retry-After} header field name. */ 333 public static final String RETRY_AFTER = "Retry-After"; 334 /** The HTTP {@code Server} header field name. */ 335 public static final String SERVER = "Server"; 336 /** 337 * The HTTP <a href="https://www.w3.org/TR/server-timing/">{@code Server-Timing}</a> header field 338 * name. 339 * 340 * @since 23.6 341 */ 342 public static final String SERVER_TIMING = "Server-Timing"; 343 /** 344 * The HTTP <a href="https://www.w3.org/TR/service-workers/#update-algorithm">{@code 345 * Service-Worker-Allowed}</a> header field name. 346 * 347 * @since 20.0 348 */ 349 public static final String SERVICE_WORKER_ALLOWED = "Service-Worker-Allowed"; 350 /** The HTTP {@code Set-Cookie} header field name. */ 351 public static final String SET_COOKIE = "Set-Cookie"; 352 /** The HTTP {@code Set-Cookie2} header field name. */ 353 public static final String SET_COOKIE2 = "Set-Cookie2"; 354 355 /** 356 * The HTTP <a href="http://goo.gl/Dxx19N">{@code SourceMap}</a> header field name. 357 * 358 * @since 27.1 359 */ 360 @Beta public static final String SOURCE_MAP = "SourceMap"; 361 362 /** 363 * The HTTP <a href="http://tools.ietf.org/html/rfc6797#section-6.1">{@code 364 * Strict-Transport-Security}</a> header field name. 365 * 366 * @since 15.0 367 */ 368 public static final String STRICT_TRANSPORT_SECURITY = "Strict-Transport-Security"; 369 /** 370 * The HTTP <a href="http://www.w3.org/TR/resource-timing/#cross-origin-resources">{@code 371 * Timing-Allow-Origin}</a> header field name. 372 * 373 * @since 15.0 374 */ 375 public static final String TIMING_ALLOW_ORIGIN = "Timing-Allow-Origin"; 376 /** The HTTP {@code Trailer} header field name. */ 377 public static final String TRAILER = "Trailer"; 378 /** The HTTP {@code Transfer-Encoding} header field name. */ 379 public static final String TRANSFER_ENCODING = "Transfer-Encoding"; 380 /** The HTTP {@code Vary} header field name. */ 381 public static final String VARY = "Vary"; 382 /** The HTTP {@code WWW-Authenticate} header field name. */ 383 public static final String WWW_AUTHENTICATE = "WWW-Authenticate"; 384 385 // Common, non-standard HTTP header fields 386 387 /** The HTTP {@code DNT} header field name. */ 388 public static final String DNT = "DNT"; 389 /** The HTTP {@code X-Content-Type-Options} header field name. */ 390 public static final String X_CONTENT_TYPE_OPTIONS = "X-Content-Type-Options"; 391 /** 392 * The HTTP <a 393 * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code 394 * X-Device-IP}</a> header field name. Header used for VAST requests to provide the IP address of 395 * the device on whose behalf the request is being made. 396 * 397 * @since 31.0 398 */ 399 public static final String X_DEVICE_IP = "X-Device-IP"; 400 /** 401 * The HTTP <a 402 * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code 403 * X-Device-Referer}</a> header field name. Header used for VAST requests to provide the {@link 404 * #REFERER} header value that the on-behalf-of client would have used when making a request 405 * itself. 406 * 407 * @since 31.0 408 */ 409 public static final String X_DEVICE_REFERER = "X-Device-Referer"; 410 /** 411 * The HTTP <a 412 * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code 413 * X-Device-Accept-Language}</a> header field name. Header used for VAST requests to provide the 414 * {@link #ACCEPT_LANGUAGE} header value that the on-behalf-of client would have used when making 415 * a request itself. 416 * 417 * @since 31.0 418 */ 419 public static final String X_DEVICE_ACCEPT_LANGUAGE = "X-Device-Accept-Language"; 420 /** 421 * The HTTP <a 422 * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code 423 * X-Device-Requested-With}</a> header field name. Header used for VAST requests to provide the 424 * {@link #X_REQUESTED_WITH} header value that the on-behalf-of client would have used when making 425 * a request itself. 426 * 427 * @since 31.0 428 */ 429 public static final String X_DEVICE_REQUESTED_WITH = "X-Device-Requested-With"; 430 /** The HTTP {@code X-Do-Not-Track} header field name. */ 431 public static final String X_DO_NOT_TRACK = "X-Do-Not-Track"; 432 /** The HTTP {@code X-Forwarded-For} header field name (superseded by {@code Forwarded}). */ 433 public static final String X_FORWARDED_FOR = "X-Forwarded-For"; 434 /** The HTTP {@code X-Forwarded-Proto} header field name. */ 435 public static final String X_FORWARDED_PROTO = "X-Forwarded-Proto"; 436 /** 437 * The HTTP <a href="http://goo.gl/lQirAH">{@code X-Forwarded-Host}</a> header field name. 438 * 439 * @since 20.0 440 */ 441 public static final String X_FORWARDED_HOST = "X-Forwarded-Host"; 442 /** 443 * The HTTP <a href="http://goo.gl/YtV2at">{@code X-Forwarded-Port}</a> header field name. 444 * 445 * @since 20.0 446 */ 447 public static final String X_FORWARDED_PORT = "X-Forwarded-Port"; 448 /** The HTTP {@code X-Frame-Options} header field name. */ 449 public static final String X_FRAME_OPTIONS = "X-Frame-Options"; 450 /** The HTTP {@code X-Powered-By} header field name. */ 451 public static final String X_POWERED_BY = "X-Powered-By"; 452 /** 453 * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code 454 * Public-Key-Pins}</a> header field name. 455 * 456 * @since 15.0 457 */ 458 @Beta public static final String PUBLIC_KEY_PINS = "Public-Key-Pins"; 459 /** 460 * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code 461 * Public-Key-Pins-Report-Only}</a> header field name. 462 * 463 * @since 15.0 464 */ 465 @Beta public static final String PUBLIC_KEY_PINS_REPORT_ONLY = "Public-Key-Pins-Report-Only"; 466 /** 467 * The HTTP {@code X-Request-ID} header field name. 468 * 469 * @since 30.1 470 */ 471 public static final String X_REQUEST_ID = "X-Request-ID"; 472 /** The HTTP {@code X-Requested-With} header field name. */ 473 public static final String X_REQUESTED_WITH = "X-Requested-With"; 474 /** The HTTP {@code X-User-IP} header field name. */ 475 public static final String X_USER_IP = "X-User-IP"; 476 /** 477 * The HTTP <a href="https://goo.gl/VKpXxa">{@code X-Download-Options}</a> header field name. 478 * 479 * <p>When the new X-Download-Options header is present with the value {@code noopen}, the user is 480 * prevented from opening a file download directly; instead, they must first save the file 481 * locally. 482 * 483 * @since 24.1 484 */ 485 @Beta public static final String X_DOWNLOAD_OPTIONS = "X-Download-Options"; 486 /** The HTTP {@code X-XSS-Protection} header field name. */ 487 public static final String X_XSS_PROTECTION = "X-XSS-Protection"; 488 /** 489 * The HTTP <a 490 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control">{@code 491 * X-DNS-Prefetch-Control}</a> header controls DNS prefetch behavior. Value can be "on" or "off". 492 * By default, DNS prefetching is "on" for HTTP pages and "off" for HTTPS pages. 493 */ 494 public static final String X_DNS_PREFETCH_CONTROL = "X-DNS-Prefetch-Control"; 495 /** 496 * The HTTP <a href="http://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing"> 497 * {@code Ping-From}</a> header field name. 498 * 499 * @since 19.0 500 */ 501 public static final String PING_FROM = "Ping-From"; 502 /** 503 * The HTTP <a href="http://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing"> 504 * {@code Ping-To}</a> header field name. 505 * 506 * @since 19.0 507 */ 508 public static final String PING_TO = "Ping-To"; 509 510 /** 511 * The HTTP <a 512 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code 513 * Purpose}</a> header field name. 514 * 515 * @since 28.0 516 */ 517 public static final String PURPOSE = "Purpose"; 518 /** 519 * The HTTP <a 520 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code 521 * X-Purpose}</a> header field name. 522 * 523 * @since 28.0 524 */ 525 public static final String X_PURPOSE = "X-Purpose"; 526 /** 527 * The HTTP <a 528 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code 529 * X-Moz}</a> header field name. 530 * 531 * @since 28.0 532 */ 533 public static final String X_MOZ = "X-Moz"; 534 535 /** 536 * The HTTP <a 537 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Device-Memory">{@code 538 * Device-Memory}</a> header field name. 539 * 540 * @since 31.0 541 */ 542 public static final String DEVICE_MEMORY = "Device-Memory"; 543 544 /** 545 * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Downlink">{@code 546 * Downlink}</a> header field name. 547 * 548 * @since 31.0 549 */ 550 public static final String DOWNLINK = "Downlink"; 551 552 /** 553 * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ECT">{@code 554 * ECT}</a> header field name. 555 * 556 * @since 31.0 557 */ 558 public static final String ECT = "ECT"; 559 560 /** 561 * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/RTT">{@code 562 * RTT}</a> header field name. 563 * 564 * @since 31.0 565 */ 566 public static final String RTT = "RTT"; 567 568 /** 569 * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Save-Data">{@code 570 * Save-Data}</a> header field name. 571 * 572 * @since 31.0 573 */ 574 public static final String SAVE_DATA = "Save-Data"; 575 576 /** 577 * The HTTP <a 578 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Viewport-Width">{@code 579 * Viewport-Width}</a> header field name. 580 * 581 * @since 31.0 582 */ 583 public static final String VIEWPORT_WIDTH = "Viewport-Width"; 584 585 /** 586 * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Width">{@code 587 * Width}</a> header field name. 588 * 589 * @since 31.0 590 */ 591 public static final String WIDTH = "Width"; 592 593 /** 594 * The HTTP <a href="https://www.w3.org/TR/permissions-policy-1/">{@code Permissions-Policy}</a> 595 * header field name. 596 * 597 * @since 31.0 598 */ 599 public static final String PERMISSIONS_POLICY = "Permissions-Policy"; 600 601 /** 602 * The HTTP <a 603 * href="https://wicg.github.io/user-preference-media-features-headers/#sec-ch-prefers-color-scheme">{@code 604 * Sec-CH-Prefers-Color-Scheme}</a> header field name. 605 * 606 * <p>This header is experimental. 607 * 608 * @since 31.0 609 */ 610 public static final String SEC_CH_PREFERS_COLOR_SCHEME = "Sec-CH-Prefers-Color-Scheme"; 611 612 /** 613 * The HTTP <a 614 * href="https://www.rfc-editor.org/rfc/rfc8942#name-the-accept-ch-response-head">{@code 615 * Accept-CH}</a> header field name. 616 * 617 * @since 31.0 618 */ 619 public static final String ACCEPT_CH = "Accept-CH"; 620 /** 621 * The HTTP <a 622 * href="https://datatracker.ietf.org/doc/html/draft-davidben-http-client-hint-reliability-03.txt#section-3">{@code 623 * Critical-CH}</a> header field name. 624 * 625 * @since 31.0 626 */ 627 public static final String CRITICAL_CH = "Critical-CH"; 628 629 /** 630 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua">{@code Sec-CH-UA}</a> 631 * header field name. 632 * 633 * @since 30.0 634 */ 635 public static final String SEC_CH_UA = "Sec-CH-UA"; 636 /** 637 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-arch">{@code 638 * Sec-CH-UA-Arch}</a> header field name. 639 * 640 * @since 30.0 641 */ 642 public static final String SEC_CH_UA_ARCH = "Sec-CH-UA-Arch"; 643 /** 644 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-model">{@code 645 * Sec-CH-UA-Model}</a> header field name. 646 * 647 * @since 30.0 648 */ 649 public static final String SEC_CH_UA_MODEL = "Sec-CH-UA-Model"; 650 /** 651 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-platform">{@code 652 * Sec-CH-UA-Platform}</a> header field name. 653 * 654 * @since 30.0 655 */ 656 public static final String SEC_CH_UA_PLATFORM = "Sec-CH-UA-Platform"; 657 /** 658 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-platform-version">{@code 659 * Sec-CH-UA-Platform-Version}</a> header field name. 660 * 661 * @since 30.0 662 */ 663 public static final String SEC_CH_UA_PLATFORM_VERSION = "Sec-CH-UA-Platform-Version"; 664 /** 665 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-full-version">{@code 666 * Sec-CH-UA-Full-Version}</a> header field name. 667 * 668 * @since 30.0 669 */ 670 public static final String SEC_CH_UA_FULL_VERSION = "Sec-CH-UA-Full-Version"; 671 /** 672 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-mobile">{@code 673 * Sec-CH-UA-Mobile}</a> header field name. 674 * 675 * @since 30.0 676 */ 677 public static final String SEC_CH_UA_MOBILE = "Sec-CH-UA-Mobile"; 678 /** 679 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-bitness">{@code 680 * Sec-CH-UA-Bitness}</a> header field name. 681 * 682 * @since 31.0 683 */ 684 public static final String SEC_CH_UA_BITNESS = "Sec-CH-UA-Bitness"; 685 686 /** 687 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Dest}</a> 688 * header field name. 689 * 690 * @since 27.1 691 */ 692 public static final String SEC_FETCH_DEST = "Sec-Fetch-Dest"; 693 /** 694 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Mode}</a> 695 * header field name. 696 * 697 * @since 27.1 698 */ 699 public static final String SEC_FETCH_MODE = "Sec-Fetch-Mode"; 700 /** 701 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Site}</a> 702 * header field name. 703 * 704 * @since 27.1 705 */ 706 public static final String SEC_FETCH_SITE = "Sec-Fetch-Site"; 707 /** 708 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-User}</a> 709 * header field name. 710 * 711 * @since 27.1 712 */ 713 public static final String SEC_FETCH_USER = "Sec-Fetch-User"; 714 /** 715 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Metadata}</a> 716 * header field name. 717 * 718 * @since 26.0 719 */ 720 public static final String SEC_METADATA = "Sec-Metadata"; 721 /** 722 * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-https">{@code 723 * Sec-Token-Binding}</a> header field name. 724 * 725 * @since 25.1 726 */ 727 public static final String SEC_TOKEN_BINDING = "Sec-Token-Binding"; 728 /** 729 * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-ttrp">{@code 730 * Sec-Provided-Token-Binding-ID}</a> header field name. 731 * 732 * @since 25.1 733 */ 734 public static final String SEC_PROVIDED_TOKEN_BINDING_ID = "Sec-Provided-Token-Binding-ID"; 735 /** 736 * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-ttrp">{@code 737 * Sec-Referred-Token-Binding-ID}</a> header field name. 738 * 739 * @since 25.1 740 */ 741 public static final String SEC_REFERRED_TOKEN_BINDING_ID = "Sec-Referred-Token-Binding-ID"; 742 /** 743 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Accept}</a> header 744 * field name. 745 * 746 * @since 28.0 747 */ 748 public static final String SEC_WEBSOCKET_ACCEPT = "Sec-WebSocket-Accept"; 749 /** 750 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Extensions}</a> 751 * header field name. 752 * 753 * @since 28.0 754 */ 755 public static final String SEC_WEBSOCKET_EXTENSIONS = "Sec-WebSocket-Extensions"; 756 /** 757 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Key}</a> header 758 * field name. 759 * 760 * @since 28.0 761 */ 762 public static final String SEC_WEBSOCKET_KEY = "Sec-WebSocket-Key"; 763 /** 764 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Protocol}</a> 765 * header field name. 766 * 767 * @since 28.0 768 */ 769 public static final String SEC_WEBSOCKET_PROTOCOL = "Sec-WebSocket-Protocol"; 770 /** 771 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Version}</a> header 772 * field name. 773 * 774 * @since 28.0 775 */ 776 public static final String SEC_WEBSOCKET_VERSION = "Sec-WebSocket-Version"; 777 /** 778 * The HTTP <a href="https://tools.ietf.org/html/rfc8586">{@code CDN-Loop}</a> header field name. 779 * 780 * @since 28.0 781 */ 782 public static final String CDN_LOOP = "CDN-Loop"; 783 } 784