1 /*
2 * Copyright (C) 2011 The Guava Authors
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
5 * in compliance with the License. You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software distributed under the License
10 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 * or implied. See the License for the specific language governing permissions and limitations under
12 * the License.
13 */
14
15 package com.google.common.net;
16
17 import com.google.common.annotations.Beta;
18 import com.google.common.annotations.GwtCompatible;
19
20 /**
21 * Contains constant definitions for the HTTP header field names. See:
22 *
23 * <ul>
24 * <li><a href="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</a>
25 * <li><a href="http://www.ietf.org/rfc/rfc2183.txt">RFC 2183</a>
26 * <li><a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a>
27 * <li><a href="http://www.ietf.org/rfc/rfc2965.txt">RFC 2965</a>
28 * <li><a href="http://www.ietf.org/rfc/rfc5988.txt">RFC 5988</a>
29 * </ul>
30 *
31 * @author Kurt Alfred Kluever
32 * @since 11.0
33 */
34 @GwtCompatible
35 @ElementTypesAreNonnullByDefault
36 public final class HttpHeaders {
37 private HttpHeaders() {}
38
39 // HTTP Request and Response header fields
40
41 /** The HTTP {@code Cache-Control} header field name. */
42 public static final String CACHE_CONTROL = "Cache-Control";
43 /** The HTTP {@code Content-Length} header field name. */
44 public static final String CONTENT_LENGTH = "Content-Length";
45 /** The HTTP {@code Content-Type} header field name. */
46 public static final String CONTENT_TYPE = "Content-Type";
47 /** The HTTP {@code Date} header field name. */
48 public static final String DATE = "Date";
49 /** The HTTP {@code Pragma} header field name. */
50 public static final String PRAGMA = "Pragma";
51 /** The HTTP {@code Via} header field name. */
52 public static final String VIA = "Via";
53 /** The HTTP {@code Warning} header field name. */
54 public static final String WARNING = "Warning";
55
56 // HTTP Request header fields
57
58 /** The HTTP {@code Accept} header field name. */
59 public static final String ACCEPT = "Accept";
60 /** The HTTP {@code Accept-Charset} header field name. */
61 public static final String ACCEPT_CHARSET = "Accept-Charset";
62 /** The HTTP {@code Accept-Encoding} header field name. */
63 public static final String ACCEPT_ENCODING = "Accept-Encoding";
64 /** The HTTP {@code Accept-Language} header field name. */
65 public static final String ACCEPT_LANGUAGE = "Accept-Language";
66 /** The HTTP {@code Access-Control-Request-Headers} header field name. */
67 public static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers";
68 /** The HTTP {@code Access-Control-Request-Method} header field name. */
69 public static final String ACCESS_CONTROL_REQUEST_METHOD = "Access-Control-Request-Method";
70 /** The HTTP {@code Authorization} header field name. */
71 public static final String AUTHORIZATION = "Authorization";
72 /** The HTTP {@code Connection} header field name. */
73 public static final String CONNECTION = "Connection";
74 /** The HTTP {@code Cookie} header field name. */
75 public static final String COOKIE = "Cookie";
76 /**
77 * The HTTP <a href="https://fetch.spec.whatwg.org/#cross-origin-resource-policy-header">{@code
78 * Cross-Origin-Resource-Policy}</a> header field name.
79 *
80 * @since 28.0
81 */
82 public static final String CROSS_ORIGIN_RESOURCE_POLICY = "Cross-Origin-Resource-Policy";
83 /**
84 * The HTTP <a href="https://tools.ietf.org/html/rfc8470">{@code Early-Data}</a> header field
85 * name.
86 *
87 * @since 27.0
88 */
89 public static final String EARLY_DATA = "Early-Data";
90 /** The HTTP {@code Expect} header field name. */
91 public static final String EXPECT = "Expect";
92 /** The HTTP {@code From} header field name. */
93 public static final String FROM = "From";
94 /**
95 * The HTTP <a href="https://tools.ietf.org/html/rfc7239">{@code Forwarded}</a> header field name.
96 *
97 * @since 20.0
98 */
99 public static final String FORWARDED = "Forwarded";
100 /**
101 * The HTTP {@code Follow-Only-When-Prerender-Shown} header field name.
102 *
103 * @since 17.0
104 */
105 @Beta
106 public static final String FOLLOW_ONLY_WHEN_PRERENDER_SHOWN = "Follow-Only-When-Prerender-Shown";
107 /** The HTTP {@code Host} header field name. */
108 public static final String HOST = "Host";
109 /**
110 * The HTTP <a href="https://tools.ietf.org/html/rfc7540#section-3.2.1">{@code HTTP2-Settings}
111 * </a> header field name.
112 *
113 * @since 24.0
114 */
115 public static final String HTTP2_SETTINGS = "HTTP2-Settings";
116 /** The HTTP {@code If-Match} header field name. */
117 public static final String IF_MATCH = "If-Match";
118 /** The HTTP {@code If-Modified-Since} header field name. */
119 public static final String IF_MODIFIED_SINCE = "If-Modified-Since";
120 /** The HTTP {@code If-None-Match} header field name. */
121 public static final String IF_NONE_MATCH = "If-None-Match";
122 /** The HTTP {@code If-Range} header field name. */
123 public static final String IF_RANGE = "If-Range";
124 /** The HTTP {@code If-Unmodified-Since} header field name. */
125 public static final String IF_UNMODIFIED_SINCE = "If-Unmodified-Since";
126 /** The HTTP {@code Last-Event-ID} header field name. */
127 public static final String LAST_EVENT_ID = "Last-Event-ID";
128 /** The HTTP {@code Max-Forwards} header field name. */
129 public static final String MAX_FORWARDS = "Max-Forwards";
130 /** The HTTP {@code Origin} header field name. */
131 public static final String ORIGIN = "Origin";
132 /**
133 * The HTTP <a href="https://github.com/WICG/origin-isolation">{@code Origin-Isolation}</a> header
134 * field name.
135 *
136 * @since 30.1
137 */
138 public static final String ORIGIN_ISOLATION = "Origin-Isolation";
139 /** The HTTP {@code Proxy-Authorization} header field name. */
140 public static final String PROXY_AUTHORIZATION = "Proxy-Authorization";
141 /** The HTTP {@code Range} header field name. */
142 public static final String RANGE = "Range";
143 /** The HTTP {@code Referer} header field name. */
144 public static final String REFERER = "Referer";
145 /**
146 * The HTTP <a href="https://www.w3.org/TR/referrer-policy/">{@code Referrer-Policy}</a> header
147 * field name.
148 *
149 * @since 23.4
150 */
151 public static final String REFERRER_POLICY = "Referrer-Policy";
152
153 /**
154 * Values for the <a href="https://www.w3.org/TR/referrer-policy/">{@code Referrer-Policy}</a>
155 * header.
156 *
157 * @since 23.4
158 */
159 public static final class ReferrerPolicyValues {
160 private ReferrerPolicyValues() {}
161
162 public static final String NO_REFERRER = "no-referrer";
163 public static final String NO_REFFERER_WHEN_DOWNGRADE = "no-referrer-when-downgrade";
164 public static final String SAME_ORIGIN = "same-origin";
165 public static final String ORIGIN = "origin";
166 public static final String STRICT_ORIGIN = "strict-origin";
167 public static final String ORIGIN_WHEN_CROSS_ORIGIN = "origin-when-cross-origin";
168 public static final String STRICT_ORIGIN_WHEN_CROSS_ORIGIN = "strict-origin-when-cross-origin";
169 public static final String UNSAFE_URL = "unsafe-url";
170 }
171
172 /**
173 * The HTTP <a href="https://www.w3.org/TR/service-workers/#update-algorithm">{@code
174 * Service-Worker}</a> header field name.
175 *
176 * @since 20.0
177 */
178 public static final String SERVICE_WORKER = "Service-Worker";
179 /** The HTTP {@code TE} header field name. */
180 public static final String TE = "TE";
181 /** The HTTP {@code Upgrade} header field name. */
182 public static final String UPGRADE = "Upgrade";
183 /**
184 * The HTTP <a href="https://w3c.github.io/webappsec-upgrade-insecure-requests/#preference">{@code
185 * Upgrade-Insecure-Requests}</a> header field name.
186 *
187 * @since 28.1
188 */
189 public static final String UPGRADE_INSECURE_REQUESTS = "Upgrade-Insecure-Requests";
190
191 /** The HTTP {@code User-Agent} header field name. */
192 public static final String USER_AGENT = "User-Agent";
193
194 // HTTP Response header fields
195
196 /** The HTTP {@code Accept-Ranges} header field name. */
197 public static final String ACCEPT_RANGES = "Accept-Ranges";
198 /** The HTTP {@code Access-Control-Allow-Headers} header field name. */
199 public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
200 /** The HTTP {@code Access-Control-Allow-Methods} header field name. */
201 public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
202 /** The HTTP {@code Access-Control-Allow-Origin} header field name. */
203 public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
204 /** The HTTP {@code Access-Control-Allow-Credentials} header field name. */
205 public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
206 /** The HTTP {@code Access-Control-Expose-Headers} header field name. */
207 public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers";
208 /** The HTTP {@code Access-Control-Max-Age} header field name. */
209 public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age";
210 /** The HTTP {@code Age} header field name. */
211 public static final String AGE = "Age";
212 /** The HTTP {@code Allow} header field name. */
213 public static final String ALLOW = "Allow";
214 /** The HTTP {@code Content-Disposition} header field name. */
215 public static final String CONTENT_DISPOSITION = "Content-Disposition";
216 /** The HTTP {@code Content-Encoding} header field name. */
217 public static final String CONTENT_ENCODING = "Content-Encoding";
218 /** The HTTP {@code Content-Language} header field name. */
219 public static final String CONTENT_LANGUAGE = "Content-Language";
220 /** The HTTP {@code Content-Location} header field name. */
221 public static final String CONTENT_LOCATION = "Content-Location";
222 /** The HTTP {@code Content-MD5} header field name. */
223 public static final String CONTENT_MD5 = "Content-MD5";
224 /** The HTTP {@code Content-Range} header field name. */
225 public static final String CONTENT_RANGE = "Content-Range";
226 /**
227 * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-header-field">{@code
228 * Content-Security-Policy}</a> header field name.
229 *
230 * @since 15.0
231 */
232 public static final String CONTENT_SECURITY_POLICY = "Content-Security-Policy";
233 /**
234 * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-report-only-header-field">
235 * {@code Content-Security-Policy-Report-Only}</a> header field name.
236 *
237 * @since 15.0
238 */
239 public static final String CONTENT_SECURITY_POLICY_REPORT_ONLY =
240 "Content-Security-Policy-Report-Only";
241 /**
242 * The HTTP nonstandard {@code X-Content-Security-Policy} header field name. It was introduced in
243 * <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Firefox until
244 * version 23 and the Internet Explorer version 10. Please, use {@link #CONTENT_SECURITY_POLICY}
245 * to pass the CSP.
246 *
247 * @since 20.0
248 */
249 public static final String X_CONTENT_SECURITY_POLICY = "X-Content-Security-Policy";
250 /**
251 * The HTTP nonstandard {@code X-Content-Security-Policy-Report-Only} header field name. It was
252 * introduced in <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the
253 * Firefox until version 23 and the Internet Explorer version 10. Please, use {@link
254 * #CONTENT_SECURITY_POLICY_REPORT_ONLY} to pass the CSP.
255 *
256 * @since 20.0
257 */
258 public static final String X_CONTENT_SECURITY_POLICY_REPORT_ONLY =
259 "X-Content-Security-Policy-Report-Only";
260 /**
261 * The HTTP nonstandard {@code X-WebKit-CSP} header field name. It was introduced in <a
262 * href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Chrome until
263 * version 25. Please, use {@link #CONTENT_SECURITY_POLICY} to pass the CSP.
264 *
265 * @since 20.0
266 */
267 public static final String X_WEBKIT_CSP = "X-WebKit-CSP";
268 /**
269 * The HTTP nonstandard {@code X-WebKit-CSP-Report-Only} header field name. It was introduced in
270 * <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Chrome until
271 * version 25. Please, use {@link #CONTENT_SECURITY_POLICY_REPORT_ONLY} to pass the CSP.
272 *
273 * @since 20.0
274 */
275 public static final String X_WEBKIT_CSP_REPORT_ONLY = "X-WebKit-CSP-Report-Only";
276 /**
277 * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP">{@code
278 * Cross-Origin-Embedder-Policy}</a> header field name.
279 *
280 * @since 30.0
281 */
282 public static final String CROSS_ORIGIN_EMBEDDER_POLICY = "Cross-Origin-Embedder-Policy";
283 /**
284 * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP-RO">{@code
285 * Cross-Origin-Embedder-Policy-Report-Only}</a> header field name.
286 *
287 * @since 30.0
288 */
289 public static final String CROSS_ORIGIN_EMBEDDER_POLICY_REPORT_ONLY =
290 "Cross-Origin-Embedder-Policy-Report-Only";
291 /**
292 * The HTTP Cross-Origin-Opener-Policy header field name.
293 *
294 * @since 28.2
295 */
296 public static final String CROSS_ORIGIN_OPENER_POLICY = "Cross-Origin-Opener-Policy";
297 /** The HTTP {@code ETag} header field name. */
298 public static final String ETAG = "ETag";
299 /** The HTTP {@code Expires} header field name. */
300 public static final String EXPIRES = "Expires";
301 /** The HTTP {@code Last-Modified} header field name. */
302 public static final String LAST_MODIFIED = "Last-Modified";
303 /** The HTTP {@code Link} header field name. */
304 public static final String LINK = "Link";
305 /** The HTTP {@code Location} header field name. */
306 public static final String LOCATION = "Location";
307 /**
308 * The HTTP <a href="https://googlechrome.github.io/OriginTrials/#header">{@code Origin-Trial}</a>
309 * header field name.
310 *
311 * @since 27.1
312 */
313 public static final String ORIGIN_TRIAL = "Origin-Trial";
314 /** The HTTP {@code P3P} header field name. Limited browser support. */
315 public static final String P3P = "P3P";
316 /** The HTTP {@code Proxy-Authenticate} header field name. */
317 public static final String PROXY_AUTHENTICATE = "Proxy-Authenticate";
318 /** The HTTP {@code Refresh} header field name. Non-standard header supported by most browsers. */
319 public static final String REFRESH = "Refresh";
320 /**
321 * The HTTP <a href="https://www.w3.org/TR/reporting/">{@code Report-To}</a> header field name.
322 *
323 * @since 27.1
324 */
325 public static final String REPORT_TO = "Report-To";
326 /** The HTTP {@code Retry-After} header field name. */
327 public static final String RETRY_AFTER = "Retry-After";
328 /** The HTTP {@code Server} header field name. */
329 public static final String SERVER = "Server";
330 /**
331 * The HTTP <a href="https://www.w3.org/TR/server-timing/">{@code Server-Timing}</a> header field
332 * name.
333 *
334 * @since 23.6
335 */
336 public static final String SERVER_TIMING = "Server-Timing";
337 /**
338 * The HTTP <a href="https://www.w3.org/TR/service-workers/#update-algorithm">{@code
339 * Service-Worker-Allowed}</a> header field name.
340 *
341 * @since 20.0
342 */
343 public static final String SERVICE_WORKER_ALLOWED = "Service-Worker-Allowed";
344 /** The HTTP {@code Set-Cookie} header field name. */
345 public static final String SET_COOKIE = "Set-Cookie";
346 /** The HTTP {@code Set-Cookie2} header field name. */
347 public static final String SET_COOKIE2 = "Set-Cookie2";
348
349 /**
350 * The HTTP <a href="http://goo.gl/Dxx19N">{@code SourceMap}</a> header field name.
351 *
352 * @since 27.1
353 */
354 @Beta public static final String SOURCE_MAP = "SourceMap";
355
356 /**
357 * The HTTP <a href="http://tools.ietf.org/html/rfc6797#section-6.1">{@code
358 * Strict-Transport-Security}</a> header field name.
359 *
360 * @since 15.0
361 */
362 public static final String STRICT_TRANSPORT_SECURITY = "Strict-Transport-Security";
363 /**
364 * The HTTP <a href="http://www.w3.org/TR/resource-timing/#cross-origin-resources">{@code
365 * Timing-Allow-Origin}</a> header field name.
366 *
367 * @since 15.0
368 */
369 public static final String TIMING_ALLOW_ORIGIN = "Timing-Allow-Origin";
370 /** The HTTP {@code Trailer} header field name. */
371 public static final String TRAILER = "Trailer";
372 /** The HTTP {@code Transfer-Encoding} header field name. */
373 public static final String TRANSFER_ENCODING = "Transfer-Encoding";
374 /** The HTTP {@code Vary} header field name. */
375 public static final String VARY = "Vary";
376 /** The HTTP {@code WWW-Authenticate} header field name. */
377 public static final String WWW_AUTHENTICATE = "WWW-Authenticate";
378
379 // Common, non-standard HTTP header fields
380
381 /** The HTTP {@code DNT} header field name. */
382 public static final String DNT = "DNT";
383 /** The HTTP {@code X-Content-Type-Options} header field name. */
384 public static final String X_CONTENT_TYPE_OPTIONS = "X-Content-Type-Options";
385 /** The HTTP {@code X-Do-Not-Track} header field name. */
386 public static final String X_DO_NOT_TRACK = "X-Do-Not-Track";
387 /** The HTTP {@code X-Forwarded-For} header field name (superseded by {@code Forwarded}). */
388 public static final String X_FORWARDED_FOR = "X-Forwarded-For";
389 /** The HTTP {@code X-Forwarded-Proto} header field name. */
390 public static final String X_FORWARDED_PROTO = "X-Forwarded-Proto";
391 /**
392 * The HTTP <a href="http://goo.gl/lQirAH">{@code X-Forwarded-Host}</a> header field name.
393 *
394 * @since 20.0
395 */
396 public static final String X_FORWARDED_HOST = "X-Forwarded-Host";
397 /**
398 * The HTTP <a href="http://goo.gl/YtV2at">{@code X-Forwarded-Port}</a> header field name.
399 *
400 * @since 20.0
401 */
402 public static final String X_FORWARDED_PORT = "X-Forwarded-Port";
403 /** The HTTP {@code X-Frame-Options} header field name. */
404 public static final String X_FRAME_OPTIONS = "X-Frame-Options";
405 /** The HTTP {@code X-Powered-By} header field name. */
406 public static final String X_POWERED_BY = "X-Powered-By";
407 /**
408 * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code
409 * Public-Key-Pins}</a> header field name.
410 *
411 * @since 15.0
412 */
413 @Beta public static final String PUBLIC_KEY_PINS = "Public-Key-Pins";
414 /**
415 * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code
416 * Public-Key-Pins-Report-Only}</a> header field name.
417 *
418 * @since 15.0
419 */
420 @Beta public static final String PUBLIC_KEY_PINS_REPORT_ONLY = "Public-Key-Pins-Report-Only";
421 /**
422 * The HTTP {@code X-Request-ID} header field name.
423 *
424 * @since 30.1
425 */
426 public static final String X_REQUEST_ID = "X-Request-ID";
427 /** The HTTP {@code X-Requested-With} header field name. */
428 public static final String X_REQUESTED_WITH = "X-Requested-With";
429 /** The HTTP {@code X-User-IP} header field name. */
430 public static final String X_USER_IP = "X-User-IP";
431 /**
432 * The HTTP <a href="https://goo.gl/VKpXxa">{@code X-Download-Options}</a> header field name.
433 *
434 * <p>When the new X-Download-Options header is present with the value {@code noopen}, the user is
435 * prevented from opening a file download directly; instead, they must first save the file
436 * locally.
437 *
438 * @since 24.1
439 */
440 @Beta public static final String X_DOWNLOAD_OPTIONS = "X-Download-Options";
441 /** The HTTP {@code X-XSS-Protection} header field name. */
442 public static final String X_XSS_PROTECTION = "X-XSS-Protection";
443 /**
444 * The HTTP <a
445 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control">{@code
446 * X-DNS-Prefetch-Control}</a> header controls DNS prefetch behavior. Value can be "on" or "off".
447 * By default, DNS prefetching is "on" for HTTP pages and "off" for HTTPS pages.
448 */
449 public static final String X_DNS_PREFETCH_CONTROL = "X-DNS-Prefetch-Control";
450 /**
451 * The HTTP <a href="http://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing">
452 * {@code Ping-From}</a> header field name.
453 *
454 * @since 19.0
455 */
456 public static final String PING_FROM = "Ping-From";
457 /**
458 * The HTTP <a href="http://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing">
459 * {@code Ping-To}</a> header field name.
460 *
461 * @since 19.0
462 */
463 public static final String PING_TO = "Ping-To";
464
465 /**
466 * The HTTP <a
467 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code
468 * Purpose}</a> header field name.
469 *
470 * @since 28.0
471 */
472 public static final String PURPOSE = "Purpose";
473 /**
474 * The HTTP <a
475 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code
476 * X-Purpose}</a> header field name.
477 *
478 * @since 28.0
479 */
480 public static final String X_PURPOSE = "X-Purpose";
481 /**
482 * The HTTP <a
483 * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code
484 * X-Moz}</a> header field name.
485 *
486 * @since 28.0
487 */
488 public static final String X_MOZ = "X-Moz";
489
490 /**
491 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua">{@code Sec-CH-UA}</a>
492 * header field name.
493 *
494 * @since 30.0
495 */
496 public static final String SEC_CH_UA = "Sec-CH-UA";
497 /**
498 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-arch">{@code
499 * Sec-CH-UA-Arch}</a> header field name.
500 *
501 * @since 30.0
502 */
503 public static final String SEC_CH_UA_ARCH = "Sec-CH-UA-Arch";
504 /**
505 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-model">{@code
506 * Sec-CH-UA-Model}</a> header field name.
507 *
508 * @since 30.0
509 */
510 public static final String SEC_CH_UA_MODEL = "Sec-CH-UA-Model";
511 /**
512 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-platform">{@code
513 * Sec-CH-UA-Platform}</a> header field name.
514 *
515 * @since 30.0
516 */
517 public static final String SEC_CH_UA_PLATFORM = "Sec-CH-UA-Platform";
518 /**
519 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-platform-version">{@code
520 * Sec-CH-UA-Platform-Version}</a> header field name.
521 *
522 * @since 30.0
523 */
524 public static final String SEC_CH_UA_PLATFORM_VERSION = "Sec-CH-UA-Platform-Version";
525 /**
526 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-full-version">{@code
527 * Sec-CH-UA-Full-Version}</a> header field name.
528 *
529 * @since 30.0
530 */
531 public static final String SEC_CH_UA_FULL_VERSION = "Sec-CH-UA-Full-Version";
532 /**
533 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-mobile">{@code
534 * Sec-CH-UA-Mobile}</a> header field name.
535 *
536 * @since 30.0
537 */
538 public static final String SEC_CH_UA_MOBILE = "Sec-CH-UA-Mobile";
539 /**
540 * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-bitness">{@code
541 * Sec-CH-UA-Bitness}</a> header field name.
542 *
543 * @since NEXT
544 */
545 public static final String SEC_CH_UA_BITNESS = "Sec-CH-UA-Bitness";
546
547 /**
548 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Dest}</a>
549 * header field name.
550 *
551 * @since 27.1
552 */
553 public static final String SEC_FETCH_DEST = "Sec-Fetch-Dest";
554 /**
555 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Mode}</a>
556 * header field name.
557 *
558 * @since 27.1
559 */
560 public static final String SEC_FETCH_MODE = "Sec-Fetch-Mode";
561 /**
562 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Site}</a>
563 * header field name.
564 *
565 * @since 27.1
566 */
567 public static final String SEC_FETCH_SITE = "Sec-Fetch-Site";
568 /**
569 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-User}</a>
570 * header field name.
571 *
572 * @since 27.1
573 */
574 public static final String SEC_FETCH_USER = "Sec-Fetch-User";
575 /**
576 * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Metadata}</a>
577 * header field name.
578 *
579 * @since 26.0
580 */
581 public static final String SEC_METADATA = "Sec-Metadata";
582 /**
583 * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-https">{@code
584 * Sec-Token-Binding}</a> header field name.
585 *
586 * @since 25.1
587 */
588 public static final String SEC_TOKEN_BINDING = "Sec-Token-Binding";
589 /**
590 * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-ttrp">{@code
591 * Sec-Provided-Token-Binding-ID}</a> header field name.
592 *
593 * @since 25.1
594 */
595 public static final String SEC_PROVIDED_TOKEN_BINDING_ID = "Sec-Provided-Token-Binding-ID";
596 /**
597 * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-ttrp">{@code
598 * Sec-Referred-Token-Binding-ID}</a> header field name.
599 *
600 * @since 25.1
601 */
602 public static final String SEC_REFERRED_TOKEN_BINDING_ID = "Sec-Referred-Token-Binding-ID";
603 /**
604 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Accept}</a> header
605 * field name.
606 *
607 * @since 28.0
608 */
609 public static final String SEC_WEBSOCKET_ACCEPT = "Sec-WebSocket-Accept";
610 /**
611 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Extensions}</a>
612 * header field name.
613 *
614 * @since 28.0
615 */
616 public static final String SEC_WEBSOCKET_EXTENSIONS = "Sec-WebSocket-Extensions";
617 /**
618 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Key}</a> header
619 * field name.
620 *
621 * @since 28.0
622 */
623 public static final String SEC_WEBSOCKET_KEY = "Sec-WebSocket-Key";
624 /**
625 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Protocol}</a>
626 * header field name.
627 *
628 * @since 28.0
629 */
630 public static final String SEC_WEBSOCKET_PROTOCOL = "Sec-WebSocket-Protocol";
631 /**
632 * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Version}</a> header
633 * field name.
634 *
635 * @since 28.0
636 */
637 public static final String SEC_WEBSOCKET_VERSION = "Sec-WebSocket-Version";
638 /**
639 * The HTTP <a href="https://tools.ietf.org/html/rfc8586">{@code CDN-Loop}</a> header field name.
640 *
641 * @since 28.0
642 */
643 public static final String CDN_LOOP = "CDN-Loop";
644 }