Debug Headers with GET

by jefftkjefftk1 min read17th Nov 2020No comments

9

Practical
Personal Blog

HTTP offers a convenient way to download only the headers: send a HEAD request:

$ telnet www.example.com 80
Trying 93.184.216.34...
Connected to www.example.com.
Escape character is '^]'.
HEAD / HTTP/1.1
Host: www.example.com

HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Age: 325063
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Nov 2020 02:29:50 GMT
Etag: "3147526947"
Expires: Tue, 24 Nov 2020 02:29:50 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (dcb/7F82)
X-Cache: HIT
Content-Length: 648
Of course you wouldn't usually manually type into telnet, you'd use something like curl:
$ curl -I http://www.example.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 326121
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Nov 2020 02:47:38 GMT
Etag: "3147526947"
Expires: Tue, 24 Nov 2020 02:47:38 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (dcb/7EC9)
X-Cache: HIT
Content-Length: 1256
It's defined in RFC 7231:
The HEAD method is identical to GET except that the server MUST NOT send a message body in the response (i.e., the response terminates at the end of the header section). The server SHOULD send the same header fields in response to a HEAD request as it would have sent if the request had been a GET, except that the payload header fields MAY be omitted.

Unfortunately, HEAD is a trap. When you are trying to debug strange server behavior, it is much safer to send GET requests and throw away the body (ex, ex). Not only is "SHOULD" just a recommendation, but even if this were a "MUST" you could bet some servers would mishandle it. Counterfactuals are hard!

While differences are rare, always debugging by requesting the body like a normal client would, and then discarding it, means one fewer way that your debug request differs from a real one:

$ curl -sS -D- -o/dev/null http://www.example.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 326124
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Nov 2020 02:47:41 GMT
Etag: "3147526947"
Expires: Tue, 24 Nov 2020 02:47:41 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (dcb/7EC9)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 1256

Going farther in the same direction, it's even better to start with "Copy as cURL":

And then add the -sS -D- -o/dev/null to get the headers if that's all you want.

Comment via: facebook

Practical2
Personal Blog

9

New Comment