HTTP::Promise::Headers - HTTP Headers Class
use HTTP::Promise::Headers; my $h = HTTP::Promise::Headers->new || die( HTTP::Promise::Headers->error, "\n" );
v0.2.0
This class uses for the most part an XS module (HTTP::XSHeaders) to be very fast, and yet provides a convenient and versatile interface to retrieve and manipulate HTTP headers.
A number of classes has been created to have a more granular control on the creation of some header values. See "SEE ALSO"
All HTTP headers known today have their corresponding method that can be used to easily get or set their corresponding header value.
This instantiates a new HTTP::Promise::Headers object. You might pass some initial attribute-value pairs as parameters to the constructor.
For example:
$h = HTTP::Headers->new( Date => 'Mon, 09 May 2022 09:00:00 GMT', Content_Type => 'text/html; charset=utf-8; version=5.0', Content_Base => 'http://www.example.org/' );
The constructor arguments are passed to the "header" method described below.
This is an alias for "push_header"
Provided with an optional EOL to be used as End-Of-Line character, and this will return a string representation of the headers. EOL defaults to \015\012. Embedded "\n" characters in header field values will be substituted with this line ending sequence.
EOL
\015\012
This uses "scan" internally and use header field case as suggested by HTTP specifications. It will also follow recommended "Good Practice" of ordering the header fields. Long header values are not folded.
This is a convenience method around the "authorization" method for the Authorization header using the "Basic Authentication Scheme".
Authorization
To set the related header value, you provide a login and an optional password, and this will set the Authorization header value and return the current headers object for chaining.
$h->authorization_basic( $user, $password );
If no value is provided, this will get the curent value of the Authorization header field, base64 decode it, and return the decoded string as a scalar object, i.e. something like usernaem:password
usernaem:password
my $str = $h->authorization_basic;
This is a convenience method to set or get the boundary, if any, used for multipart Content-Type
Content-Type
If provided, this will add the boundary parameter with the given value to the Content-Type header field.
boundary
If no value is provided, this returns the current boundary, if any, or an empty string.
This is a convenience method to set or get the charset associated with the Content-Type header field.
If provided, this will add the charset parameter with the given value to the Content-Type header field.
charset
If no value is provided, this returns the current charset, if any, or an empty string.
This will remove all header fields.
Returns a copy of this HTTP::Promise::Headers object.
Returns true if the Content-Type mime-type is textual in nature, i.e. its first half is text, false otherwise. For example: text/plain or text/html
text
text/plain
text/html
Returns true if the Content-Type mime-type is html, such as text/html, false otherwise.
Returns true if the Content-Type mime-type is application/json, false otherwise.
application/json
Returns true if the Content-Type mime-type is application/xhtml+xml or application/vnd.wap.xhtml+xml, false otherwise.
application/xhtml+xml
application/vnd.wap.xhtml+xml
Returns true if the Content-Type mime-type is text/xml or application/xml, or contains the keyword xml, false otherwise.
text/xml
application/xml
xml
This is a legacy method and it returns the upper-cased charset specified in the Content-Type header. In list context return the lower-cased bare content type followed by the upper-cased charset. Both values will be undef if not specified in the header.
undef
This takes a file name from the Content-Disposition header value typically and returns it decoded if it was encoded as per the rfc2231
Content-Disposition
Content-Disposition: form-data; name="fileField"; filename*=UTF-8''%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.txt my $fname = $h->decode_filename( "UTF-8''%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.txt" ); or Content-Disposition: form-data; name="fileField"; filename*=UTF-8'ja-JP'%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.txt my $fname = $h->decode_filename( "UTF-8'ja-JP'%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.txt" );
or encoded with quoted-printable
Content-Disposition: attachment; filename="=?UTF-8?Q?=E3=83=95=E3=82=A1=E3=82=A4=E3=83=AB.txt?=" my $fname = $h->decode_filename( "=?UTF-8?Q?=E3=83=95=E3=82=A1=E3=82=A4=E3=83=AB.txt?=" );
or encoded with base64
Content-Disposition: attachment; filename="=?UTF-8?B?44OV44Kh44Kk44OrLnR4dAo?=" my $fname = $h->decode_filename( "=?UTF-8?B?44OV44Kh44Kk44OrLnR4dAo?=" );
In the above example, the result for $fname would yield ファイル.txt (i.e. file.txt in Japanese)
$fname
ファイル.txt
Sets or gets the debug value. If positive, this will trigger an output of debugging messages on the STDERR or in the web server log files. Be mindful that this slows down the script, so make sure to switch it off once you are done.
Sets or gets the default mime-type to be used.
This is an alias for "remove_header"
This takes a file name to be used in the Content-Disposition header value, and an optional language iso 639 code (see rfc1766), and if it contains non ascii characters, it will utf-8 encode it and URI escape it according to rfc2231 and return the newly encoded file name.
If the file name did not require any encoding, it will return undef, so you can write something like this:
my $filename = q{マイファイル.txt}; if( my $enc = $h->encode_filename( $filename ) ) { $filename = $enc; # Now $filename is: UTF-8''%E3%83%9E%E3%82%A4%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.txt }
You can optionally pass a language code argument:
if( my $enc = $h->encode_filename( $filename, 'ja-JP' ) ) { $filename = $enc; # Now $filename is: UTF-8'ja-JP'%E3%83%9E%E3%82%A4%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.txt }
The Content-Disposition header value would then contain a property filename* (with the trailing wildcard).
filename*
Sets or gets an error and when set, this returns undef. When no argument is provided, this returns the latest error set.
The error returned is actually a HTTP::Promise::Exception object.
Provided with a header field name and this returns true if it exists, or false otherwise.
$h->flatten();
Returns the list of pairs of keys and values.
This is an alias for "header", mainly used without argument.
$h->header( $field ); $h->header( $field => $value ); $h->header( $f1 => $v1, $f2 => $v2, ... );
The following is an extract from the original HTTP::Headers class.
Sets or gets the value of one or more header fields. The header field name ($field) is not case sensitive. To make the life easier for perl users who wants to avoid quoting before the => operator, you can use '_' as a replacement for '-' in header names.
$field
The "header" method accepts multiple field-value ($field = $value>) pairs, which means that you can update several header field values with a single invocation.
$field =
The $value argument may be a plain string or an array reference of strings for a multi-valued field. If the $value is provided as undef then the field is removed.
$value
If the $value is not given, then that header field will remain unchanged. In addition to being a string, $value may be something that stringifies.
The old value (or values) of the last of the header fields is returned. If no such field exists undef will be returned.
A multi-valued field will be returned as separate values in list context and will be concatenated with ", " as separator in scalar context. The HTTP spec (rfc7230 which obsoleted rfc2616) promises that joining multiple values in this way will not change the semantic of a header field, but in practice there are cases like old-style Netscape cookies where "," is used as part of the syntax of a single field value.
Examples:
$h->header( MIME_Version => '1.0', User_Agent => 'My-Web-Client/0.01' ); $h->header( Accept => "text/html, text/plain, image/*" ); $h->header( Accept => [qw( text/html text/plain image/* )] ); @accepts = $h->header( 'Accept' ); # get multiple values $accepts = $h->header( 'Accept' ); # get values as a single string
Returns the list of distinct names for the fields present in the header. The field names have case as suggested by HTTP spec, and the names are returned in the recommended "Good Practice" order.
In scalar context return the number of distinct field names.
$h->init_header( $field => $value );
Set the specified header to the given value, but only if no previous value for that field is set.
The header field name ($field) is not case sensitive and '_' can be used as a replacement for '-'.
The $value argument may be a scalar or a reference to a list of scalars.
Returns a new boundary using Data::UUID
Provided with a header field name and an attribute name separated by a dot, such as content-disposition.filename and this will return the value for that attribute in this header.
content-disposition.filename
If a value is provided, it will be set, otherwise it will be returned.
If no attribute is provided, it will set or get the header field main value.
Content-Disposition: attachment; filename="hello.txt" my $dispo = $h->mime_attr( 'content-disposition' );
will return attachment
attachment
Returns the value of the Content-Encoding, Transfer-Encoding or Content-Transfer-Encoding (the latter only exists in mail, not in HTTP)
Content-Encoding
Transfer-Encoding
Content-Transfer-Encoding
Returns the mime-type from the Content-Type header value, or the one from default_type, if it is set. If nothing is found, this returns an empty string (not undef).
Returns the multipart boundary used, if any, or an empty string otherwise.
my $boundary = $h->multipart_boundary; # or you can provide the Content-Type if you already have it; it will save a few cycle my $boundary = $h->multipart_boundary( $content_type );
Provided with a filehandle, or an HTTP::Promise::IO object and this will print on it the string representation of the headers and return whatever value "print" in perlfunc will return.
$h->push_header( $field => $value ); $h->push_header( $f1 => $v1, $f2 => $v2, ... );
Add a new value for the specified header. Previous values for the same header are retained.
As for the "header" method, the field name ($field) is not case sensitive and '_' can be used as a replacement for '-'.
$header->push_header( Accept => 'image/jpeg' ); $header->push_header( Accept => [ map( "image/$_", qw( gif png tiff ) )] );
This returns the filename set in either Content-Disposition with the filename property or in Content-Type with the name property.
filename
name
If none exists, this returns undef.
This will remove all the headers used to describe the content of a message.
All header field names prefixed with Content- are included in this category, as well as Allow, Expires and Last-Modified. rfc7230 denotes these headers as Entity Header Fields.
Content-
Allow
Expires
Last-Modified
The return value is a new HTTP::Promise::Headers object that contains the removed headers only.
my @values = $h->remove_header( $field, ... ); my $total_values_removed = $h->remove_header( $field, ... );
This function removes the header with the specified names.
The header names ($field) are not case sensitive and '_' can be used as a replacement for '-'.
The return value is the values of the headers removed. In scalar context the number of headers removed is returned.
Note that if you pass in multiple header names then it is generally not possible to tell which of the returned values belonged to which field.
Provided with a header field name and a value and this replace whatever current value with the value provided.
It returns the current object for chaining.
Sets or gets the request timeout. This takes an integer.
$h->scan( \&process_header_field );
Apply a subroutine to each header field in turn. The callback routine is called with two parameters; the name of the field and a single value (a string). If a header field is multi-valued, then the routine is called once for each value. The field name passed to the callback routine has case as suggested by HTTP spec, and the headers will be visited in the recommended "Good Practice" order.
Any return values of the callback routine are ignored. The loop can be broken by raising an exception (die), but the caller of scan() would have to trap the exception itself.
die
This sets or gets the Content-Type header value when setting a value, and returns only the mime-type when retrieving the value.
$h->type( 'text/plain' ); # Assuming Content-Type: text/html; charset=utf-8 my $type = $h->type; # text/html
Provided with a string and this returns an URI-escaped string using URI::Escape::XS
$h->accept( q{text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8} ); $h->accept( [qw( text/html application/xhtml+xml application/xml;q=0.9 */*;q=0.8 )] );
Sets or gets the Accept header field value. It takes either a string or an array or array reference of values.
Accept
See rfc7231, section 5.3.2 and Mozilla documentation
See also HTTP::Promise::Headers::Accept
$h->accept( 'utf-8' );
Sets or gets the Accept-Charset headers field value. It takes a single string value.
Accept-Charset
You should know that the Accept-Charset header is deprecated by HTTP standards and that no modern web browsers is sending nor any modern HTTP server recognising it.
See Mozilla documentation
$h->accept_encoding( 'gzip, deflate, br' ); $h->accept_encoding( [qw( gzip deflate br )] ); $h->accept_encoding( 'br;q=1.0, gzip;q=0.8, *;q=0.1' );
Sets or gets the Accept-Encoding header field value. It takes either a string or an array or array reference of values.
Accept-Encoding
See also HTTP::Promise::Headers::AcceptEncoding to have a more granular control.
Encoding header fields and their nuances:
The encodings accepted by the client.
Contains the encodings that have been applied to the content, before transport
TE
The encodings the user agent accepts.
The encoding applied during transfer, such as chunked
chunked
See rfc7231, section 5.3.4 and Mozilla documentation
$h->accept_language( 'fr-CH, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5' ); $h->accept_language( [qw(fr-CH fr;q=0.9 en;q=0.8 de;q=0.7 *;q=0.5 )] );
Sets or gets the Accept-Language header field value. It takes either a string or an array or array reference of values.
Accept-Language
See also HTTP::Promise::Headers::AcceptLanguage to have a more granular control.
See rfc7231, section 5.3.5 and Mozilla documentation
$h->accept_patch( 'application/example, text/example' ); $h->accept_patch( [qw( application/example text/example )] ); $h->accept_patch( 'text/example;charset=utf-8' ); $h->accept_patch( 'application/merge-patch+json' );
Sets or gets the Accept-Patch header field value. It takes either a string or an array or array reference of values.
Accept-Patch
This is a server response header.
See rfc5789, section 3.1, rfc7231, section 4.3.4 and Mozilla documentation
$h->accept_post( 'application/example, text/example' ); $h->accept_post( [qw( application/example text/example )] ); $h->accept_post( 'image/webp' ); $h->accept_post( '*/*' );
Sets or gets the Accept-Post header field value. It takes either a string or an array or array reference of values.
Accept-Post
See rfc7231, section 4.3.3 and Mozilla documentation
$h->accept_ranges(1234);
Sets or gets the Accept-Ranges header field value. It takes either a string or an array or array reference of values.
Accept-Ranges
See rfc7233, section 2.3 and Mozilla documentation
This returns a new HTTP::Promise::Headers::Accept object based on the content of the Accept header value.
$h->age(1234);
Sets or gets the Age header field value. It takes a numeric value.
Age
See rfc7234, section 5.1 and Mozilla documentation
$h->allow( 'GET, POST, HEAD' ); $h->allow( [qw( GET POST HEAD )] );
Sets or gets the Allow header field value. It takes either a string or an array or array reference of values.
See rfc7231, section 7.4.1 and Mozilla documentation
# Access-Control-Allow-Credentials: true $h->allow_credentials( 'true' );
Sets or gets the Access-Control-Allow-Credentials header field value. It takes a string boolean value: true or false.
Access-Control-Allow-Credentials
true
false
# Access-Control-Allow-Headers: X-Custom-Header, Upgrade-Insecure-Requests $h->allow_headers( 'X-Custom-Header, Upgrade-Insecure-Requests' ); $h->allow_headers( [qw( X-Custom-Header Upgrade-Insecure-Requests )] );
Sets or gets the Access-Control-Allow-Headers header field value. It takes either a string or an array or array reference of values.
Access-Control-Allow-Headers
# Access-Control-Allow-Methods: POST, GET, OPTIONS $h->allow_methods( 'POST, GET, OPTIONS' ); $h->allow_methods( [qw( POST GET OPTIONS )] ); # Access-Control-Allow-Methods: * $h->allow_methods( '*' );
Sets or gets the Access-Control-Allow-Methods header field value. It takes either a string or an array or array reference of values.
Access-Control-Allow-Methods
# Access-Control-Allow-Origin: * $h->allow_origin( '*' ); # Access-Control-Allow-Origin: https://food.example.org $h->allow_origin( 'https://food.example.org' ); # Access-Control-Allow-Origin: null $h->allow_origin( 'null' );
Sets or gets the Access-Control-Allow-Origin header field value. It takes a string value.
Access-Control-Allow-Origin
# Alt-Svc: h2=":443"; ma=2592000; $h->alt_svc( 'h2=":443"; ma=2592000' ); # Alt-Svc: h2=":443"; ma=2592000; persist=1 $h->alt_svc( 'h2=":443"; ma=2592000; persist=1' ); # Alt-Svc: h2="alt.example.com:443", h2=":443" $h->alt_svc( 'h2="alt.example.com:443", h2=":443"' ); # Alt-Svc: h3-25=":443"; ma=3600, h2=":443"; ma=3600 $h->alt_svc( 'h3-25=":443"; ma=3600, h2=":443"; ma=3600' );
Sets or gets the Alt-Svc header field value. It takes either a string or an array or array reference of values.
Alt-Svc
See also HTTP::Promise::Headers::AltSvc to have a more granular control.
See rfc7838, section 3 and Mozilla documentation
This is a convenience method for the header field Alt-Svc.
To et it value, you provide a hash or hash reference of properties, including name and value respectively for the protocol-id and the alternate authority.
value
$h->alternate_server( name => 'h2', value => ':443', ma => 2592000, persist => 1 );
would create the header value:
Alt-Svc: h2=":443"; ma=2592000; persist=1
Without any parameter, it creates a new HTTP::Promise::Headers::AltSvc object for each Alt-Svc header value and returns an array object of all those HTTP::Promise::Headers::AltSvc objects.
# Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l $h->authorization( 'Basic YWxhZGRpbjpvcGVuc2VzYW1l' );
Sets or gets the Authorization header field value. It takes a string value.
See also "authorization_basic"
See rfc7235, section 4.2 and Mozilla documentation
# Cache-Control: max-age=604800 $h->cache_control( 'max-age=604800' ); # Cache-Control: s-maxage=604800 $h->cache_control( 's-maxage=604800' ); # Cache-Control: no-cache $h->cache_control( 'no-cache' ); # Cache-Control: max-age=604800, must-revalidate $h->cache_control( 'max-age=604800, must-revalidate' ); # Cache-Control: public, max-age=604800, immutable $h->cache_control( 'public, max-age=604800, immutable' );
Sets or gets the Cache-Control header field value. It takes either a string or an array or array reference of values.
Cache-Control
See also HTTP::Promise::Headers::CacheControl to have a more granular control.
See rfc7234, section 5.2 and Mozilla documentation
# Clear-Site-Data: "cache", "cookies", "storage", "executionContexts" $h->clear_site_data( q{"cache", "cookies", "storage", "executionContexts"} ); $h->clear_site_data( [qw( cache cookies storage executionContexts )] );
The Clear-Site-Data header accepts one or more directives. If all types of data should be cleared, the wildcard directive ("*") can be used.
See also HTTP::Promise::Headers::ClearSiteData to have a more granular control.
# Connection: keep-alive # Connection: close
Sets or gets the Connection header field value. It takes a string value.
Connection
See rfc7230, section 6.1 and Mozilla documentation
# Content-Disposition: inline # Content-Disposition: attachment # Content-Disposition: attachment; filename="filename.jpg" # Content-Disposition: form-data; name="fieldName" # Content-Disposition: form-data; name="fieldName"; filename="filename.jpg"
Sets or gets the Content-Disposition header field value. It takes a string value.
See also HTTP::Promise::Headers::ContentDisposition to have a more granular control.
See rfc6266, section 4, rfc7578, section 4.2 and Mozilla documentation
# Content-Encoding: gzip # Content-Encoding: compress # Content-Encoding: deflate # Content-Encoding: br # Multiple, in the order in which they were applied # Content-Encoding: deflate, gzip
Sets or gets the Cache-Encoding header field value. It takes either a string or an array or array reference of values.
Cache-Encoding
See rfc7230, section 3.3.1: "Unlike Content-Encoding (Section 3.1.2.1 of [RFC7231]), Transfer-Encoding is a property of the message, not of the representation"
See also "accept_encoding", "transfer_encoding" and "te" and this Stackoverflow discussion
See rfc7231, section 3.1.2.2 and Mozilla documentation
# Content-Language: de-DE # Content-Language: en-US $h->content_language( 'en-GB' ); # Content-Language: de-DE, en-CA $h->content_language( 'de-DE, en-CA' ); $h->content_language( [qw( de-DE en-CA )] );
Sets or gets the Cache-Language header field value. It takes either a string or an array or array reference of values.
Cache-Language
There is no enforcement on the value provided, so it is up to you to set the proper value or values.
See rfc7231, section 3.1.3.2, rfc5646 and Mozilla documentation
# Content-Length: 72 $h->content_length(72);
Sets or gets the Connection header field value. It takes a numeric value.
See rfc7230, section 3.3.2 and Mozilla documentation
# Content-Location: /some/where/file.html $h->content_location( '/some/where/file.html' );
See rfc7231, section 3.1.4.2 and Mozilla documentation
# Content-Range: bytes 200-1000/67589 # Unsatisfiable range value # Content-Range: bytes */1234
Sets or gets the Content-Range header field value. It takes a string value.
Content-Range
See also HTTP::Promise::Headers::ContentRange to have a more granular control.
See rfc7233, section 4.2 and Mozilla documentation
# Content-Security-Policy: default-src 'self' http://example.com; # connect-src 'none'; # Content-Security-Policy: connect-src http://example.com/; # script-src http://example.com/
Sets or gets the Content-Security-Policy header field value. It takes a string value.
Content-Security-Policy
See also HTTP::Promise::Headers::ContentSecurityPolicy to have a more granular control.
# Content-Security-Policy-Report-Only: default-src https:; report-uri /csp-violation-report-endpoint/
Sets or gets the Content-Security-Policy-Report-Only header field value. It takes a string value of properly formatted header value.
Content-Security-Policy-Report-Only
See also HTTP::Promise::Headers::ContentSecurityPolicyReportOnly to have a more granular control.
This sets or gets the Content-Type header value. It takes a string value.
If a value is provided, this will set the header value. If no value is provided, this simply return the header field value.
See also HTTP::Promise::Headers::ContentType to have a more granular control.
See also rfc7233, section 4.1, rfc7231, section 3.1.1.5 and Mozilla documentation, and this Mozilla documentation too
# Cross-Origin-Embedder-Policy: require-corp # Cross-Origin-Opener-Policy: same-origin
This sets or gets the Cross-Origin-Embedder-Policy header value. It takes a string value.
Cross-Origin-Embedder-Policy
It can have either of the following value: require-corp or same-origin
require-corp
same-origin
See also Mozilla documentation
# Cross-Origin-Opener-Policy: unsafe-none # Cross-Origin-Opener-Policy: same-origin-allow-popups # Cross-Origin-Opener-Policy: same-origin
This sets or gets the Cross-Origin-Opener-Policy header value. It takes a string value.
Cross-Origin-Opener-Policy
It can have either of the following value: unsafe-none or same-origin-allow-popups or same-origin
unsafe-none
same-origin-allow-popups
This sets or gets the Cross-Origin-Resource-Policy header value. It takes a string value.
Cross-Origin-Resource-Policy
It can have either of the following value: same-site or same-origin or same-origin
same-site
For more example: https://resourcepolicy.fyi/
This is an alias for "content_security_policy_report_only"
This sets or gets the Date header value. It takes a date string value, a unix timestamp or a DateTime value.
Date
If no value is provided, it returns the current value of the Date header field as a DateTime object.
# Device-Memory: 1
This sets or gets the Device-Memory header value. It takes a number.
Device-Memory
Mozilla documentation
# Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= # Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=,unixsum=30637
This sets or gets the Digest header value. It takes either a string or an array or array reference of properly formatted values.
Digest
See draft rfc and Mozilla documentation
# DNT: 0 # DNT: 1 # DNT: null
This sets or gets the DNT header value. It takes a string value.
DNT
# Early-Data: 1
This sets or gets the Early-Data header value. It takes a string value.
Early-Data
See also rfc8470, section 5.1 and Mozilla documentation
# ETag: "33a64df551425fcc55e4d42a148795d9f25f89d4" # ETag: W/"0815"
This sets or gets the Etag header value. It takes a string of properly formatted value.
Etag
See also rfc7232, section 2.3 and Mozilla documentation
This sets or gets the Expect header value. It takes a string of properly formatted value, typically 100-continue
Expect
100-continue
For example, before sending a very large file:
PUT /some/where HTTP/1.1 Host: origin.example.com Content-Type: video/h264 Content-Length: 1234567890987 Expect: 100-continue
If the server is ok, it would return a 100 Continue
100 Continue
See also rfc7231, section 5.1.1 and Mozilla documentation, interesting article
# Expect-CT: max-age=86400, enforce, report-uri="https://foo.example.com/report" $h->expect_ct( q{max-age=86400, enforce, report-uri="https://foo.example.com/report"} ); $h->expect_ct( [qw( max-age=86400 enforce report-uri="https://foo.example.com/report" )] );
This sets or gets the Expect-CT header value. It takes a string of properly formatted value.
Expect-CT
See also HTTP::Promise::Headers::ExpectCT to have a more granular control.
See also rfc draft and Mozilla documentation
This sets or gets the Expires header value. It takes a date string value, a unix timestamp or a DateTime value.
Expires: Wed, 21 Oct 2015 07:28:00 GMT
See also rfc7234, section 5.3 and Mozilla documentation
This sets or gets the Expose-Headers header value. It takes either a string or an array or array reference of properly formatted values.
Expose-Headers
Access-Control-Expose-Headers: *, Authorization
This sets or gets the Forwarded header value. It takes either a string or an array or array reference of properly formatted values.
Forwarded
See also HTTP::Promise::Headers::Forwarded to have a more granular control.
Forwarded: for=192.0.2.60;proto=http;by=203.0.113.43 # Values from multiple proxy servers can be appended using a comma Forwarded: for=192.0.2.43, for=198.51.100.17
See also rfc7239, section 4 and Mozilla documentation
This sets or gets the From header value. It takes a string value.
From
From: webmaster@example.org
See also rfc7231, section 5.5.1 and Mozilla documentation
This sets or gets the Host header value. It takes a string value.
Host
Host: dev.example.org
See also rfc7230, section 5.4 and Mozilla documentation
This sets or gets the If-Match header value. It takes a string value.
If-Match
If-Match: "bfc13a64729c4290ef5b2c2730249c88ca92d82d" If-Match: "67ab43", "54ed21", "7892dd" If-Match: *
See also rfc7232, section 3.1 and Mozilla documentation
This sets or gets the If-Modified-Since header value. It takes a date string value, a unix timestamp or a DateTime value.
If-Modified-Since
If-Modified-Since: Wed, 21 Oct 2015 07:28:00 GMT
See also rfc7232, section 3.3 and Mozilla documentation
This sets or gets the If-None-Match header value. It takes a string value.
If-None-Match
If-None-Match: "bfc13a64729c4290ef5b2c2730249c88ca92d82d" If-None-Match: W/"67ab43", "54ed21", "7892dd" If-None-Match: *
See also rfc7232, section 3.2 and Mozilla documentation
This sets or gets the If-Range header value. It takes a string value.
If-Range
If-Range: Wed, 21 Oct 2015 07:28:00 GMT
See also rfc7233, section 3.2 and Mozilla documentation
This sets or gets the If-Unmodified-Since header value. It takes a date string value, a unix timestamp or a DateTime value.
If-Unmodified-Since
If-Unmodified-Since: Wed, 21 Oct 2015 07:28:00 GMT
See also rfc7232, section 3.4 and Mozilla documentation
This sets or gets the Keep-Alive header value. It takes either a string or an array or array reference of properly formatted values.
Keep-Alive
See also HTTP::Promise::Headers::KeepAlive to have a more granular control.
Example response containing a Keep-Alive header:
HTTP/1.1 200 OK Connection: Keep-Alive Content-Encoding: gzip Content-Type: text/html; charset=utf-8 Date: Thu, 11 Aug 2016 15:23:13 GMT Keep-Alive: timeout=5, max=1000 Last-Modified: Mon, 25 Jul 2016 04:32:39 GMT Server: Apache
See also rfc7230, section A.1.2 and Mozilla documentation
This sets or gets the Last-Modified header value. It takes a date string value, a unix timestamp or a DateTime value.
Last-Modified: Wed, 21 Oct 2015 07:28:00 GMT
See also rfc7232, section 2.2 and Mozilla documentation
This sets or gets the Link header value. It takes a string value.
Link
See also HTTP::Promise::Headers::Link to have a more granular control.
Example:
Link: <https://example.com>; rel="preconnect"
See also rfc8288, section 3 and Mozilla documentation
This sets or gets the Location header value. It takes a string value.
Location
Location: /index.html
See also rfc7231, section 7.1.2 and Mozilla documentation
This sets or gets the Location header value. It takes a numeric value.
Access-Control-Max-Age: 600
This sets or gets the NEL header value. It takes a string of properly formatted json value.
NEL
NEL: { "report_to": "name_of_reporting_group", "max_age": 12345, "include_subdomains": false, "success_fraction": 0.0, "failure_fraction": 1.0 }
This sets or gets the Origin header value. It takes a string of properly formatted json value.
Origin
Origin: http://dev.example.org:80
See also rfc6454, section 7 and Mozilla documentation
Sets or gets the URI used for the proxy. It returns a URI object.
This sets or gets the Proxy-Authenticate header value. It takes a string value.
Proxy-Authenticate
Proxy-Authenticate: Basic realm="Access to the internal site"
This sets or gets the Proxy-Authorization header value. It takes a string value.
Proxy-Authorization
Proxy-Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
See also rfc7235, section 4.4 and Mozilla documentation
This sets or gets the Range header value. It takes a string value.
Range
See also HTTP::Promise::Headers::Range to have a more granular control.
Range: bytes=200-1000, 2000-6576, 19000-
See also rfc7233, section 3.1 and Mozilla documentation
This sets or gets the Referer header value. It takes a string value.
Referer
Referer: https://dev.example.org/some/where Referer: https://example.org/page?q=123 Referer: https://example.org/
See also rfc7231, section 5.5.2 and Mozilla documentation
This is an alias for "referer"
This sets or gets the Referrer-Policy header value. It takes a string value.
Referrer-Policy
The allowed values can be: no-referrer, no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url
no-referrer
no-referrer-when-downgrade
origin
origin-when-cross-origin
strict-origin
strict-origin-when-cross-origin
unsafe-url
Referrer-Policy: no-referrer # With fallback Referrer-Policy: no-referrer, strict-origin-when-cross-origin
This sets or gets the Access-Control-Request-Headers header value. It takes a string value.
Access-Control-Request-Headers
Access-Control-Request-Headers: X-PINGOTHER, Content-Type
This sets or gets the Access-Control-Request-Method header value. It takes a string value.
Access-Control-Request-Method
Access-Control-Request-Method: POST
This sets or gets the Retry-After header value. It takes a string value.
Retry-After
Retry-After: Wed, 21 Oct 2015 07:28:00 GMT Retry-After: 120
See also rfc7231, section 7.1.3 and Mozilla documentation
This sets or gets the Save-Data header value. It takes a string value.
Save-Data
The value can be either on or off
on
off
Save-Data: on
This sets or gets the Server header value. It takes a string value.
Server
Server: Apache/2.4.1 (Unix)
See also rfc7231, section 7.4.2 and Mozilla documentation
See also HTTP::Promise::Headers::ServerTiming to have a more granular control.
# Single metric without value Server-Timing: missedCache # Single metric with value Server-Timing: cpu;dur=2.4 # Single metric with description and value Server-Timing: cache;desc="Cache Read";dur=23.2 # Two metrics with value Server-Timing: db;dur=53, app;dur=47.2
This sets or gets the Set-Cookie header value. It takes a string value.
Set-Cookie
See also Cookie to have a more granular control.
Set-Cookie: sessionId=38afes7a8 Set-Cookie: __Secure-ID=123; Secure; Domain=example.com Set-Cookie: __Host-ID=123; Secure; Path=/
See also rfc6265, section 4.1 and Mozilla documentation
This sets or gets the SourceMap header value. It takes a string value.
SourceMap
SourceMap: /path/to/file.js.map
See also draft specifications and Mozilla documentation
This sets or gets the Strict-Transport-Security header value. It takes a string value.
Strict-Transport-Security
See also HTTP::Promise::Headers::StrictTransportSecurity to have a more granular control.
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
See also rfc6797, section 6.1 and Mozilla documentation
This sets or gets the TE header value. It takes a string value.
See also HTTP::Promise::Headers::TE to have a more granular control.
TE: deflate TE: gzip TE: trailers # Multiple directives, weighted with the quality value syntax: TE: trailers, deflate;q=0.5
Notably, the value trailers means the HTTP client support trailers, which are a set of headers sent after the body.
trailers
See also "transfer_encoding", rfc7230, section 4.3 and Mozilla documentation, article on trailers
This sets or gets the Timing-Allow-Origin header value. It takes a string value.
Timing-Allow-Origin
Timing-Allow-Origin: * Timing-Allow-Origin: https://dev.example.org, https://example.com
Sets or gets the Title of the HTML document if that were the case. This is here for legacy.
Title
This sets or gets the deprecated Tk header value. It takes a string value.
Tk
Tk: N
This sets or gets the Trailer header value. It takes a string value.
Trailer
Trailer: Expires
See also rfc7230, section 4.4, rfc7230, section 4.1.2 and Mozilla documentation
This sets or gets the Transfer-Encoding header value. It takes a string value.
Transfer-Encoding: chunked Transfer-Encoding: compress Transfer-Encoding: deflate Transfer-Encoding: gzip # Several values can be listed, separated by a comma Transfer-Encoding: gzip, chunked
See also "te", rfc7230, section 3.3.1 and Mozilla documentation and Wikipedia
This sets or gets the Upgrade header value. It takes a string value.
Upgrade
Connection: upgrade Upgrade: HTTP/2.0, SHTTP/1.3, IRC/6.9, RTA/x11 Connection: Upgrade Upgrade: websocket
See also rfc7230, section 6.7, rfc7231, section 6.6.15, rfc7240, section 8.1.1 and Mozilla documentation
This sets or gets the Upgrade-Insecure-Requests header value. It takes a string value.
Upgrade-Insecure-Requests
Upgrade-Insecure-Requests: 1
This sets or gets the User-Agent header value. It takes a string value.
User-Agent
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/42.0 User-Agent: curl/7.64.1
See also rfc7231, section 5.5.3 and Mozilla documentation
This sets or gets the Vary header value. It takes a string value.
Vary
Vary: * Vary: Accept-Encoding, User-Agent
See also rfc7231, section 7.1.4 and Mozilla documentation
This sets or gets the Via header value. It takes a string value.
Via
Via: 1.1 vegur Via: HTTP/1.1 GWA Via: 1.0 fred, 1.1 p.example.net
See also rfc7230, section 5.7.1 and Mozilla documentation
This sets or gets the Want-Digest header value. It takes a string value.
Want-Digest
Want-Digest: sha-256 Want-Digest: SHA-512;q=0.3, sha-256;q=1, md5;q=0
This sets or gets the Warning header value. It takes a string value.
Warning
Warning: 110 anderson/1.3.37 "Response is stale"
See also rfc7234, section 5.5 and Mozilla documentation
This sets or gets the WWW-Authenticate header value. It takes a string value.
WWW-Authenticate
WWW-Authenticate: Basic realm="Access to the staging site", charset="UTF-8" WWW-Authenticate: Digest realm="http-auth@example.org", qop="auth, auth-int", algorithm=SHA-256, nonce="7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v", opaque="FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS" WWW-Authenticate: Digest realm="http-auth@example.org", qop="auth, auth-int", algorithm=MD5, nonce="7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v", opaque="FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS"
See also rfc7235, section 4.1 and Mozilla documentation
Sets or gets an arbitrary X-* header. For example:
X-*
$h->x( 'Spip-Cache' => 3600 );
would set the X-Spip-Cache header value to 3600
X-Spip-Cache
3600
my $value = $h->x( 'Spip-Cache' );
This sets or gets the X-Content-Type-Options header value. It takes a string value.
X-Content-Type-Options
X-Content-Type-Options: nosniff
This sets or gets the X-DNS-Prefetch-Control header value. It takes a string value.
X-DNS-Prefetch-Control
X-DNS-Prefetch-Control: on X-DNS-Prefetch-Control: off
This sets or gets the X-Forwarded-For header value. It takes a string value.
X-Forwarded-For
X-Forwarded-For: 2001:db8:85a3:8d3:1319:8a2e:370:7348 X-Forwarded-For: 203.0.113.195 X-Forwarded-For: 203.0.113.195, 2001:db8:85a3:8d3:1319:8a2e:370:7348
See also "host", "forwarded", "x_forwarded_host", "x_forwarded_proto", Mozilla documentation
This sets or gets the X-Forwarded-Host header value. It takes a string value.
X-Forwarded-Host
X-Forwarded-Host: id42.example-cdn.com
See also "host", "forwarded", "x_forwarded_for", "x_forwarded_proto", https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host
This sets or gets the X-Forwarded-Proto header value. It takes a string value.
X-Forwarded-Proto
X-Forwarded-Proto: https
See also "host", "forwarded", "x_forwarded_for", "x_forwarded_host", https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
This sets or gets the X-Frame-Options header value. It takes a string value.
X-Frame-Options
X-Frame-Options: DENY X-Frame-Options: SAMEORIGIN
This sets or gets the X-XSS-Protection header value. It takes a string value.
X-XSS-Protection
X-XSS-Protection: 0 X-XSS-Protection: 1 X-XSS-Protection: 1; mode=block X-XSS-Protection: 1; report=https://example.org/some/where
Jacques Deguest <jack@deguest.jp>
Mozilla documentation on HTTP headers
HTTP::Promise::Headers::AcceptEncoding, HTTP::Promise::Headers::AcceptLanguage, HTTP::Promise::Headers::Accept, HTTP::Promise::Headers::AltSvc, HTTP::Promise::Headers::CacheControl, HTTP::Promise::Headers::ClearSiteData, HTTP::Promise::Headers::ContentDisposition, HTTP::Promise::Headers::ContentRange, HTTP::Promise::Headers::ContentSecurityPolicy, HTTP::Promise::Headers::ContentSecurityPolicyReportOnly, HTTP::Promise::Headers::ContentType, HTTP::Promise::Headers::Cookie, HTTP::Promise::Headers::ExpectCT, HTTP::Promise::Headers::Forwarded, HTTP::Promise::Headers::Generic, HTTP::Promise::Headers::KeepAlive, HTTP::Promise::Headers::Link, HTTP::Promise::Headers::Range, HTTP::Promise::Headers::ServerTiming, HTTP::Promise::Headers::StrictTransportSecurity, HTTP::Promise::Headers::TE
rfc7230, section 3.2 on headers field names, rfc6838 on mime types
HTTP::Promise, HTTP::Promise::Request, HTTP::Promise::Response, HTTP::Promise::Message, HTTP::Promise::Entity, HTTP::Promise::Headers, HTTP::Promise::Body, HTTP::Promise::Body::Form, HTTP::Promise::Body::Form::Data, HTTP::Promise::Body::Form::Field, HTTP::Promise::Status, HTTP::Promise::MIME, HTTP::Promise::Parser, HTTP::Promise::IO, HTTP::Promise::Stream, HTTP::Promise::Exception
Copyright(c) 2022 DEGUEST Pte. Ltd.
All rights reserved This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install HTTP::Promise, copy and paste the appropriate command in to your terminal.
cpanm
cpanm HTTP::Promise
CPAN shell
perl -MCPAN -e shell install HTTP::Promise
For more information on module installation, please visit the detailed CPAN module installation guide.