Header parameters: "Accept" and "Content-type" in a REST context
I understand that the Accept
parameter define a data type expected in a client response sent from the server, so it's used as a response header.
My question is regarding the Content-type
, it's used by a client to define the body format of a request sent, I always used it as part of a client request, so I have a client request where I set the headers with Accept
and Content-type
. And recently, I came across a project where the Content-type
is defined in the response headers (so sent by the server). So my question is: Content-type
need to be set as part of the client request header or as part of the server response header or can it be set to both ?
Solution 1:
Read the relevant RFCs. In this case 7231:
5.3.2. Accept
The "Accept" header field can be used by user agents to specify response media types that are acceptable.
3.1.1.5. Content-Type
The "Content-Type" header field indicates the media type of the associated representation
So: Accept
indicates what kind of response from the server the client can accept. Content-type
always is about the content of the current request or response.
So if your request has no payload, you don't have to use a content-type request header.
Servers may require you to provide a content-type in a request even if the request has no payload; the sever will return a 415 Unsupported Media Type
response if you omit it.
Solution 2:
Accept header is used by HTTP clients to tell the server which type of content they expect/prefer as response. Content-type can be used both by clients and servers to identify the format of the data in their request (client) or response (server) and, therefore, help the other part interpret correctly the information.
Solution 3:
TL;DR
The entity header Content-Type
is used to indicate the media type of the resource. In responses, a Content-Type
header tells the client what the content type of the returned content actually is. In requests, such as POST or PUT, the client tells the server what type of data is actually sent.
Elaborated Answer
As you correctly note, the Accept
header is used by HTTP clients to tell the server what response media types are acceptable. The server, on their turn, will then send back a response, which will include the Content-Type
header telling the client what the media type is actually returned.
Now, the Content-Type
header could be on request and responses as well. Why? Well, think about POST or PUT requests. With those request types, the client is actually sending a bunch of data to the server as part of the request, and the Content-Type
header tells the server what the data actually is and thus determines how the server will parse it.
Solution 4:
I think this is explained in MSDN very clear.
Accept
The Accept request HTTP header advertises which content types, expressed as MIME types, the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Type response header. Browsers set adequate values for this header depending on the context where the request is done: when fetching a CSS stylesheet a different value is set for the request than when fetching an image, video or a script.
Content-Type
The Content-Type representation header is used to indicate the original media type of the resource (prior to any content encoding applied for sending).
In responses, a Content-Type header tells the client what the content type of the returned content actually is. Browsers will do MIME sniffing in some cases and will not necessarily follow the value of this header; to prevent this behavior, the header X-Content-Type-Options can be set to nosniff.
In requests, (such as POST or PUT), the client tells the server what type of data is actually sent.
Solution 5:
Content negotiation: is the mechanism that is used for serving different representations of a resource at the same URI.
The Accept is Client Request-header field can be used to specify certain media types which are acceptable for the response.
The Content-Type is entity-header field indicates the media type of the entity-body sent to the recipient.
HTTP header fields provide required information about the request or response, or about the object sent in the message body. There are four types of HTTP message headers:
- General-header: These header fields have general applicability for both request and response messages.
- Client Request-header: These header fields have applicability only for request messages.
- Server Response-header: These header fields have applicability only for response messages.
- Entity-header: These header fields define meta information about the entity-body or, if no body is present, about the resource identified by the request. Source
https://www.w3.org/Protocols/HTTP/HTRQ_Headers.html
https://www.w3.org/Protocols/HTTP/Object_Headers.html