Home/Developer Tools/HTTP Reference Tools
HTTP Reference Tools

HTTP Headers Dashboard

Look up any common HTTP header to understand its purpose, applicability and security relevance privately in your browser.

HTTP Header Reference

Look up any common HTTP header to understand its purpose, applicability and security relevance - backed by deterministic local reference data.

This dashboard runs entirely from local reference data in your browser. Nothing you type is transmitted, stored, or used to make network requests.
40
Total headers
16
Security-relevant
19
Request headers
29
Response headers
Content & Negotiation
Content & Negotiation

Content-Type

Indicates the media type of the message body, so the recipient knows how to parse it.

Request & ResponseSecurity-relevantStandard
Example value
Content-Type: application/json; charset=utf-8
Common use cases
Declaring JSON/HTML/form-encoded bodies on requests, and the representation type of a response.
Common mistakes
Omitting Content-Type on a request body, or sending a body whose actual bytes don't match the declared type.
Recommended developer action
Always set an accurate Content-Type on any message with a body, and pair it with X-Content-Type-Options: nosniff on responses to stop browsers guessing the type themselves.
Standard reference
RFC 9110 §8.3
Notes
Security-relevant because an incorrect or missing Content-Type can lead browsers to MIME-sniff a response as something more dangerous (for example executable HTML) than intended.

Related headers

Search and filter

Search by header name (for example “cache”) or by phrase (for example “clickjacking” or “cors”).

Applies to

Browse by category

Header library

Common headers

12 of 40 headers