| Introduction
A REST API is an API that conforms to the design principles of REST, the representational state transfer architectural style. It is a flexible way of accessing web services without having any processing. A request is sent from the client to the server in the form of a web URL as an HTTP GET, POST, PUT or DELETE request. A response then comes back from the server in the form of a resource, which can be HTML, XML, an image or JSON, with JSON being the most popular format used in web services. A REST API can be better understood with the illustration given below:
| HTTP Headers
HTTP headers are used to transfer additional information between the client and the server by means of request and response headers. Header names are case-insensitive, each header field separates its name from its value with a colon, and the key-value pairs are clear-text strings. The end of the header section is denoted by an empty header field, that is, a blank line. A few header fields can contain comments, and a few can contain quality (q) key-value pairs whose key and value are separated by an equals (=) sign.
Context-wise, there are 4 types of HTTP headers. They are as follows:
- General Header: This type of header applies to both requests and responses, without affecting the data in the body.
- Request Header: This type of header contains information about the request fetched by the client.
- Response Header: This type of header contains the location of the source that has been requested by the client.
- Entity Header: This type of header contains information about the body of the resource, like its MIME type and Content-Length.
Some examples of headers with their corresponding features are described below:
Header | Description |
Authorization | used to request restricted documents |
Proxy-Authenticate | A response header that gives access to a resource file by defining an authorization method. It allows the proxy server to transmit the request further by authenticating it. |
Proxy-Authorization | A request-type header. This header contains the credentials to authenticate between the user agent and the user-specified server. |
WWW-Authenticate | A response header that defines the authentication method. It should be used to gain access to a resource. |
| Caching
Header | Description |
Age | a response header. It defines the time in seconds that the object has been in the proxy cache. |
Cache-Control | a general-type header used to specify directives for caching mechanisms. |
Clear-Site-Data | a response-type header, used to delete the browsing data associated with the requesting website. |
Expires | a response-type header. It defines the date/time after which the response expires. |
Pragma | a general-type header, but its response behavior is not specified and is thus implementation-specific. |
Warning | a general-type header that is used to inform the client of possible problems. |
| Content Negotiation
Header | Description |
Accept | a request-type header. The client uses the Accept header to inform the server which content types, expressed as MIME types, it can understand. |
Accept-Charset | a request-type header which is used to indicate which character sets are acceptable for the response from the server. |
Accept-Encoding | a response-type header. It usually names a compression algorithm. HTTP clients use it to tell the server which encoding or encodings they support. |
Accept-Language | a request-type header that tells the server about all the languages that the client can understand. |
| Message Body Information
Header | Description |
Content-Length | a response-type header. It indicates the size of the entity body, as a decimal number of octets (i.e. bytes), that is sent to the recipient. It is a forbidden header name. |
Content-Type | an entity-type header. It is used to indicate the media type of the resource. The media type is a string sent along with the file indicating the format of the file. |
Content-Encoding | a response-type header. It is used to compress the media type. It informs the server which encoding the user supports. |
Content-Language | an entity-type header. It is used to define which language speakers the document is intended for. It doesn’t define the language of the document. |
Content-Location | It is an entity type header that gives another location for the data that is returned and also tells how to access the resource by indicating the direct URL. |
| Accept Request
The Accept request HTTP header advertises which content types, expressed as MIME types, the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Type response header.
| MIME Type
MIME types—also sometimes called Internet media types or Content-types—describe the media type of content either contained in email or served by web servers or web applications and are intended to help guide a web browser to correctly process and display the content. Examples of MIME types are: text/html for normal web pages.
Syntax
Accept: <MIME_type>/<MIME_subtype>
Accept: <MIME_type>/*
Accept: */*
// Multiple types, weighted with the quality value syntax:
Accept: text/html, application/xhtml+xml, application/xml;q=0.9, image/webp, */*;q=0.8
| Directives
<MIME_type>/<MIME_subtype>
A single, precise MIME type, like text/html.
<MIME_type>/*
A MIME type, but without a subtype. image/* corresponds to image/png, image/svg, image/gif, and other image types.
*/*
Any MIME type
;q= (q-factor weighting)
Each value is ranked in order of preference using a relative quality value called the weight.
Example:
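The following Python sketch is an added example, not code from the original page. It shows how a server can apply the q-factor weighting and wildcard directives described above to choose a response type; the function names and the list of offered types are assumptions made for the illustration.

```python
def parse_accept(header):
    """Return a list of (type, subtype, q) tuples from an Accept header value."""
    ranges = []
    for item in header.split(","):
        parts = [p.strip() for p in item.split(";")]
        media = parts[0].lower()
        if "/" not in media:
            continue  # skip malformed media ranges
        mtype, _, subtype = media.partition("/")
        q = 1.0  # default weight when no q parameter is given
        for param in parts[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value)
                except ValueError:
                    q = 0.0  # unparsable weight: treat as not acceptable
        if not 0.0 <= q <= 1.0:
            q = 0.0  # out-of-range or NaN weight: treat as not acceptable
        ranges.append((mtype, subtype, q))
    return ranges


def quality_for(offer, ranges):
    """Weight the client gives to one concrete type the server can produce."""
    otype, _, osub = offer.lower().partition("/")
    best = None
    for mtype, subtype, q in ranges:
        if mtype in ("*", otype) and subtype in ("*", osub):
            # text/html beats text/*, which beats */*
            rank = (mtype != "*") + (subtype != "*")
            if best is None or rank > best[0]:
                best = (rank, q)
    return best[1] if best else 0.0


def negotiate(accept_header, offers):
    """Pick the offer with the highest weight, or None (answer 406)."""
    ranges = parse_accept(accept_header) if accept_header else [("*", "*", 1.0)]
    # On equal weight the earlier offer wins, so list offers by server preference.
    scored = [(quality_for(o, ranges), -i, o) for i, o in enumerate(offers)]
    q, _, choice = max(scored)
    return choice if q > 0 else None
```

A type the client lists with q=0 is refused even when a wildcard would otherwise match it, because the most specific matching range decides the weight.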
| Content Type
The content-type representation header is used to indicate the original media type of the resource (prior to any content encoding applied for sending).
In responses, a Content-Type header provides the client with the actual content type of the returned content. This header's value may be ignored, for example when browsers perform MIME sniffing; set the X-Content-Type-Options header value to nosniff to prevent this behavior.
In requests (such as POST or PUT), the client tells the server what type of data is actually sent.
Syntax
Content-Type: text/html; charset=UTF-8
Content-Type: multipart/form-data; boundary=something
Directives
media-type
The MIME type of the resource or the data.
charset
The character encoding standard.
boundary
For multipart entities the boundary directive is required. The directive consists of 1 to 70 characters from a set of characters (and not ending with white space) known to be very robust through email gateways. It is used to encapsulate the boundaries of the multiple parts of the message. Often, the header boundary is prepended with two dashes and the final boundary has two dashes appended at the end.
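The following Python sketch is an added example, not code from the original page. It checks a request's Content-Type against an allowlist, validates the multipart boundary against the 1 to 70 character rule above, and sets X-Content-Type-Options: nosniff on responses. The allowlist, the function names and the choice of status codes 400 and 415 are assumptions made for the illustration.

```python
import re

# Boundary: 1 to 70 characters from the RFC 2046 set, not ending in a space.
BOUNDARY_RE = re.compile(r"[0-9A-Za-z'()+_,\-./:=? ]{0,69}[0-9A-Za-z'()+_,\-./:=?]")
ALLOWED_TYPES = {"application/json", "multipart/form-data"}  # assumed API policy


def parse_content_type(value):
    """Split a Content-Type value into (media_type, params)."""
    media, *rest = value.split(";")
    params = {}
    for item in rest:
        name, sep, val = item.strip().partition("=")
        if sep:
            params[name.strip().lower()] = val.strip().strip('"')
    return media.strip().lower(), params


def check_request_content_type(value, has_body):
    """Return (status, reason) for the Content-Type of an incoming request."""
    if not has_body:
        return 200, "no payload, Content-Type not required"
    if not value:
        return 415, "missing Content-Type"
    media, params = parse_content_type(value)
    if media not in ALLOWED_TYPES:
        return 415, "unsupported media type"
    if media == "multipart/form-data":
        if not BOUNDARY_RE.fullmatch(params.get("boundary", "")):
            return 400, "missing or invalid boundary"
    charset = params.get("charset", "utf-8").lower()
    if media == "application/json" and charset != "utf-8":
        return 415, "unsupported charset"
    return 200, "ok"


def response_headers(media_type, charset="UTF-8"):
    """Headers for a response: declare the type and disable MIME sniffing."""
    return {
        "Content-Type": f"{media_type}; charset={charset}",
        "X-Content-Type-Options": "nosniff",
    }
```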
Examples
Content Type in HTML Forms
| What is the difference between Content-type and Accept header?
The Content-Type header is always about the content of the current request or response. So if your request has no payload, you don't use a Content-Type request header. The Accept header is used by HTTP clients to tell the server which type of content they expect or prefer as the response.
| 413 Payload Too Large
The HTTP 413 Payload Too Large response status code indicates that the request entity is larger than the limits defined by the server; the server might close the connection or return a Retry-After header field. It occurs when the size of a client’s request exceeds the server’s file size limit. This typically happens when a client attempts to upload a large file to a web server, and the server responds with a 413 error to alert the client.
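The following Python sketch is an added example, not code from the original page. It shows one way a server can enforce such a limit: a WSGI middleware that answers 413 from the declared Content-Length before reading any of the body, and never reads more than the declared length. The 1 MiB limit, the sample application and the `send` helper are assumptions constructed for the illustration.

```python
import io

MAX_BODY_BYTES = 1024 * 1024  # assumed limit for this example: 1 MiB


def limit_body(app, max_bytes=MAX_BODY_BYTES):
    """WSGI middleware: reject oversized request bodies with 413."""
    def middleware(environ, start_response):
        raw = environ.get("CONTENT_LENGTH") or "0"
        if not (raw.isascii() and raw.isdigit()):
            start_response("400 Bad Request", [("Content-Length", "0")])
            return [b""]
        if int(raw) > max_bytes:
            # Decide from the declared size, before reading any of the body.
            start_response("413 Payload Too Large", [("Content-Length", "0")])
            return [b""]
        # Never read past the declared length, whatever the client sends.
        body = environ["wsgi.input"].read(int(raw))
        environ["wsgi.input"] = io.BytesIO(body)
        return app(environ, start_response)
    return middleware


def echo_app(environ, start_response):
    """Constructed sample application: returns the size of the body it read."""
    data = environ["wsgi.input"].read()
    start_response("200 OK", [("Content-Type", "text/plain; charset=UTF-8")])
    return [str(len(data)).encode()]


def send(app, body, declared=None):
    """Drive a WSGI app with a constructed request; return (status, body)."""
    seen = {}
    environ = {
        "REQUEST_METHOD": "POST",
        "CONTENT_LENGTH": str(len(body) if declared is None else declared),
        "wsgi.input": io.BytesIO(body),
    }
    chunks = app(environ, lambda status, headers: seen.update(status=status))
    return seen["status"], b"".join(chunks)
```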