| CARVIEW |
Select Language
HTTP/2 302
x-cloud-trace-context: 8e22cf65043025e0a1eb9f7f7a4d4499
location: /en-US/docs/Glossary/Response_header
via: 1.1 google, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
cache-control: no-store
server: Google Frontend
content-type: text/plain; charset=utf-8
date: Thu, 25 Dec 2025 09:25:36 GMT
x-served-by: cache-bfi-krnt7300021-BFI, cache-bfi-krnt7300043-BFI, cache-sin-wsat1880087-SIN, cache-bom-vanm7210042-BOM
x-cache: MISS, MISS, MISS, MISS
x-cache-hits: 0, 0, 0, 0
x-timer: S1766654736.253340,VS0,VE292
vary: Accept
content-length: 58
HTTP/2 200
x-guploader-uploadid: AHVrFxNqZO_3wwy37dvw2gaOErl3mDNkfL7akut-h_eC0by3lGCr6-pnR72lUESUbUXOMkin
cache-control: public, max-age=3600
x-goog-hash: crc32c=nsAZ0A==, md5=giC5X+pS2Fut4yIbNilKtw==
x-cloud-trace-context: 221263484008f61527da2f6b8a1a6857
x-frame-options: DENY
via: 1.1 google, 1.1 varnish, 1.1 varnish, 1.1 varnish
server: Google Frontend
expires: Thu, 25 Dec 2025 07:49:59 GMT
last-modified: Thu, 25 Dec 2025 01:05:00 GMT
x-goog-stored-content-length: 175414
x-goog-metageneration: 1
strict-transport-security: max-age=63072000
x-goog-meta-goog-reserved-file-mtime: 1766623290
x-content-type-options: nosniff
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
origin-trial: AxVILwizhbMjxFeHOn1P3R8niO1RJY/smaK4B4d1rLzc1gTaxtXMSaTi+FoigYgCw40uFRDwFcEAeqDR+vVLOW4AAABfeyJvcmlnaW4iOiJodHRwczovL2RldmVsb3Blci5tb3ppbGxhLm9yZyIsImZlYXR1cmUiOiJQcml2YXRlQXR0cmlidXRpb25WMiIsImV4cGlyeSI6MTc0MjA3OTYwMH0=
content-type: text/html
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; script-src 'report-sample' 'self' 'wasm-unsafe-eval' https://www.google-analytics.com/analytics.js https://*.googletagmanager.com assets.codepen.io production-assets.codepen.io https://js.stripe.com 'sha256-XNBp89FG76amD8BqrJzyflxOF9PaWPqPqvJfKZPCv7M=' 'sha256-YCNoU9DNiinACbd8n6UPyB/8vj0kXvhkOni9/06SuYw=' 'sha256-PZjP7OR6mBEtnvXIZfCZ5PuOlxoDF1LDZL8aj8c42rw='; script-src-elem 'report-sample' 'self' 'wasm-unsafe-eval' https://www.google-analytics.com/analytics.js https://*.googletagmanager.com assets.codepen.io production-assets.codepen.io https://js.stripe.com 'sha256-XNBp89FG76amD8BqrJzyflxOF9PaWPqPqvJfKZPCv7M=' 'sha256-YCNoU9DNiinACbd8n6UPyB/8vj0kXvhkOni9/06SuYw=' 'sha256-PZjP7OR6mBEtnvXIZfCZ5PuOlxoDF1LDZL8aj8c42rw='; style-src 'report-sample' 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' developer.allizom.org bcd.developer.allizom.org bcd.developer.mozilla.org updates.developer.allizom.org updates.developer.mozilla.org https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://incoming.telemetry.mozilla.org https://observatory-api.mdn.allizom.net https://observatory-api.mdn.mozilla.net https://api.github.com/search/issues stats.g.doubleclick.net https://api.stripe.com; font-src 'self'; frame-src 'self' mdn.github.io *.mdnplay.dev *.mdnyalp.dev *.play.test.mdn.allizom.net https://v2.scrimba.com https://scrimba.com jsfiddle.net www.youtube-nocookie.com codepen.io survey.alchemer.com https://js.stripe.com; img-src 'self' data: *.githubusercontent.com *.googleusercontent.com *.gravatar.com mozillausercontent.com firefoxusercontent.com profile.stage.mozaws.net profile.accounts.firefox.com developer.mozilla.org mdn.dev wikipedia.org upload.wikimedia.org https://mdn.github.io/shared-assets/ https://mdn.dev/ https://*.google-analytics.com https://*.googletagmanager.com www.gstatic.com; manifest-src 'self'; media-src 'self' archive.org videos.cdn.mozilla.net https://mdn.github.io/shared-assets/; child-src 'self'; worker-src 'self';
etag: "8220b95fea52d85bade3221b36294ab7"
x-goog-generation: 1766624700148587
content-encoding: gzip
accept-ranges: bytes
age: 0
date: Thu, 25 Dec 2025 09:25:36 GMT
x-served-by: cache-sin-wsat1880056-SIN, cache-sin-wsat1880056-SIN, cache-bom-vanm7210042-BOM
x-cache: MISS, HIT, MISS
x-cache-hits: 0, 0, 0
x-timer: S1766654737.564662,VS0,VE329
vary: Accept-Encoding
content-length: 25172
Response header - Glossary | MDN
Toggle sidebar
Response header
A response header is an HTTP header that can be used in an HTTP response and that doesn't relate to the content of the message. Response headers, like Age, Location or Server are used to give a more detailed context of the response.
Not all headers appearing in a response are categorized as response headers by the specification. For example, the Content-Type header is a representation header indicating the original type of data in the body of the response message (prior to the encoding in the Content-Encoding representation header being applied). However, "conversationally" all headers are usually referred to as response headers in a response message.
The following shows a few response and representation headers after a GET request.
http
200 OK
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jul 2016 16:06:00 GMT
ETag: "c561c68d0ba92bbeb8b0f612a9199f722e3a621a"
Keep-Alive: timeout=5, max=997
Last-Modified: Mon, 18 Jul 2016 02:36:04 GMT
Server: Apache
Set-Cookie: my-key=my value; expires=Mon, 17-Jul-2017 16:06:00 GMT; Max-Age=31449600; Path=/; secure
Transfer-Encoding: chunked
Vary: Cookie, Accept-Encoding
X-Backend-Server: developer2.webapp.scl3.mozilla.com
X-Cache-Info: not cacheable; meta data too large
X-kuma-revision: 1085259
x-frame-options: DENY
See also
- List of all HTTP headers
- Related glossary terms: