Instruction by web server containing the intended location of a web page.
HTTP
Persistence
Compression
HTTPS
QUIC
Request methods
OPTIONS
GET
HEAD
POST
PUT
DELETE
TRACE
CONNECT
PATCH
Header fields
Cookie
ETag
Location
HTTP referer
DNT
X-Forwarded-For
Response status codes
301 Moved Permanently
302 Found
303 See Other
403 Forbidden
404 Not Found
451 Unavailable for Legal Reasons
Security access control methods
Basic access authentication
Digest access authentication
Security vulnerabilities
HTTP header injection
HTTP request smuggling
HTTP response splitting
HTTP parameter pollution
v
t
e
The HTTP Location header field is returned in responses from an HTTP server under two circumstances:
To ask a web browser to load a different web page (URL redirection). In this circumstance, the Location header should be sent with an HTTP status code of 3xx. It is passed as part of the response by a web server when the requested URI has:
Moved temporarily;
Moved permanently; or
Processed a request, e.g. a POSTed form, and is providing the result of that request at a different URI
To provide information about the location of a newly created resource. In this circumstance, the Location header should be sent with an HTTP status code of 201 or 202.[1]
An obsolete version of the HTTP 1.1 specifications (IETF RFC 2616) required a complete absolute URI for redirection.[2] The IETF HTTP working group found that the most popular web browsers tolerate the passing of a relative URL[3] and, consequently, the updated HTTP 1.1 specifications (IETF RFC 7231) relaxed the original constraint, allowing the use of relative URLs in Location headers.[4]
^Richardson, Leonard (2007). RESTful Web Services. Sebastopol: O'Reilly. pp. 228–230. ISBN 978-0-596-52926-0.
^"Location". Hypertext Transfer Protocol -- HTTP/1.1. IETF. June 1999. sec. 14.30. doi:10.17487/RFC2616. RFC 2616.
^IETF HTTPbis Working Group Ticket 185
^"Location". Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content. IETF. June 2014. sec. 7.1.2. doi:10.17487/RFC7231. RFC 7231.
The HTTPLocation header field is returned in responses from an HTTP server under two circumstances: To ask a web browser to load a different web page...
Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over...
Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is...
communications, the HTTP 404, 404 not found, 404, 404 error, page not found, or file not found error message is a hypertext transfer protocol (HTTP) standard response...
This is a list of Hypertext Transfer Protocol (HTTP) response status codes. Status codes are issued by a server in response to a client's request made...
HTTP 403 is an HTTP status code meaning access to the requested resource is forbidden. The server understood the request, but will not fulfill it, if...
device in a hidden location outside the visitor's web browser's dedicated cookie storage location, and that automatically recreates a HTTP cookie as a regular...
Temporarily" rather than "Found". An HTTP response with this status code will additionally provide a URL in the header field Location. This is an invitation to the...
the Location: header. A HTTP response with the 301 "moved permanently" redirect looks like this: HTTP/1.1 301 Moved Permanently Location: https://www...
an address on the Web, is a reference to a resource that specifies its location on a computer network and a mechanism for retrieving it. A URL is a specific...
provided in the Location field, included with the response. The 301 redirect is considered a best practice for upgrading users from HTTP to HTTPS. RFC 2616...
a website is accessed from a HTTP Secure (HTTPS) connection and a link points to anywhere except another secure location, then the referrer field is not...
the target resource that can be transferred by the server over HTTP. However, the Location field value refers to a resource that is descriptive of the target...
e., location-based uniform resource identifier or URI) that is used to redirect to the location of the requested web resource. PURLs redirect HTTP clients...
HTTP persistent connection, also called HTTP keep-alive, or HTTP connection reuse, is the idea of using a single TCP connection to send and receive multiple...
HTTP header fields are a list of strings sent and received by both the client program and server on every HTTP request and response. These headers are...
hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web...
metadata is encoded in HTTP header fields and/or in an XML file with extension .meta4 or .metalink. The duplicate download locations provide reliability...
HTTP compression is a capability that can be built into web servers and web clients to improve transfer speed and bandwidth utilization. HTTP data is...
The ETag or entity tag is part of HTTP, the protocol for the World Wide Web. It is one of several mechanisms that HTTP provides for Web cache validation...
HTTP pipelining is a feature of HTTP/1.1, which allows multiple HTTP requests to be sent over a single TCP connection without waiting for the corresponding...
IPFS hosts. IPFS can among others replace the location based hypermedia server protocols HTTP and HTTPS to distribute the World Wide Web. IPFS allows...
In computer networking, HTTP 451 Unavailable For Legal Reasons is a proposed standard error status code of the HTTP protocol to be displayed when the...
HTTP Message Body is the data bytes transmitted in an HTTP transaction message immediately following the headers if there are any (in the case of HTTP/0...
generic solution is to URL-encode strings before inclusion into HTTP headers such as Location or Set-Cookie. Typical examples of sanitization include casting...