Hypertext Transfer Protocol (HTTP) Field Name Registry

Created: 2021-10-01
Last Updated: 2023-05-15
Available Formats: XML
HTML
Plain text

Registry included below

Hypertext Transfer Protocol (HTTP) Field Name Registry

Hypertext Transfer Protocol (HTTP) Field Name Registry

Registration Procedure(s)

Specification Required for Permanent registrations,
Expert Review for Provisional registrations.

Expert(s)

Mark Nottingham, Roy Fielding

Reference

[RFC9110]

Note

See Section 16.3 of [RFC9110] for more
information on defining and registering new HTTP Fields.

Note

New field names, along with changes to existing ones, can be 
requested using the [registry interface] or the mailing list
defined in [RFC9110].

Available Formats

CSV

Field Name	Template	Status	Reference	Comments
A-IM		permanent	[RFC 3229: Delta encoding in HTTP]
Accept		permanent	[RFC9110, Section 12.5.1: HTTP Semantics]
Accept-Additions		permanent	[RFC 2324: Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0)]
Accept-CH		permanent	[RFC 8942, Section 3.1: HTTP Client Hints]
Accept-Charset		deprecated	[RFC9110, Section 12.5.2: HTTP Semantics]
Accept-Datetime		permanent	[RFC 7089: HTTP Framework for Time-Based Access to Resource States -- Memento]
Accept-Encoding		permanent	[RFC9110, Section 12.5.3: HTTP Semantics]
Accept-Features		permanent	[RFC 2295: Transparent Content Negotiation in HTTP]
Accept-Language		permanent	[RFC9110, Section 12.5.4: HTTP Semantics]
Accept-Patch		permanent	[RFC 5789: PATCH Method for HTTP]
Accept-Post	perm/accept-post	permanent	[Linked Data Platform 1.0]
Accept-Ranges		permanent	[RFC9110, Section 14.3: HTTP Semantics]
Access-Control		obsoleted	[Access Control for Cross-site Requests]
Access-Control-Allow-Credentials		permanent	[Fetch]
Access-Control-Allow-Headers		permanent	[Fetch]
Access-Control-Allow-Methods		permanent	[Fetch]
Access-Control-Allow-Origin		permanent	[Fetch]
Access-Control-Expose-Headers		permanent	[Fetch]
Access-Control-Max-Age		permanent	[Fetch]
Access-Control-Request-Headers		permanent	[Fetch]
Access-Control-Request-Method		permanent	[Fetch]
Age		permanent	[RFC9111, Section 5.1: HTTP Caching]
Allow		permanent	[RFC9110, Section 10.2.1: HTTP Semantics]
ALPN		permanent	[RFC 7639, Section 2: The ALPN HTTP Header Field]
Alt-Svc		permanent	[RFC 7838: HTTP Alternative Services]
Alt-Used		permanent	[RFC 7838: HTTP Alternative Services]
Alternates		permanent	[RFC 2295: Transparent Content Negotiation in HTTP]
AMP-Cache-Transform		provisional	[AMP-Cache-Transform HTTP request header]
Apply-To-Redirect-Ref		permanent	[RFC 4437: Web Distributed Authoring and Versioning (WebDAV) Redirect Reference Resources]
Authentication-Control		permanent	[RFC 8053, Section 4: HTTP Authentication Extensions for Interactive Clients]
Authentication-Info		permanent	[RFC9110, Section 11.6.3: HTTP Semantics]
Authorization		permanent	[RFC9110, Section 11.6.2: HTTP Semantics]
C-Ext		obsoleted	[RFC 2774: An HTTP Extension Framework][status-change-http-experiments-to-historic]
C-Man		obsoleted	[RFC 2774: An HTTP Extension Framework][status-change-http-experiments-to-historic]
C-Opt		obsoleted	[RFC 2774: An HTTP Extension Framework][status-change-http-experiments-to-historic]
C-PEP		obsoleted	[PEP - an Extension Mechanism for HTTP][status-change-http-experiments-to-historic]
C-PEP-Info		deprecated	[PEP - an Extension Mechanism for HTTP][status-change-http-experiments-to-historic]
Cache-Control		permanent	[RFC9111, Section 5.2]
Cache-Status		permanent	[RFC9211: The Cache-Status HTTP Response Header Field]
Cal-Managed-ID		permanent	[RFC 8607, Section 5.1: Calendaring Extensions to WebDAV (CalDAV): Managed Attachments]
CalDAV-Timezones		permanent	[RFC 7809, Section 7.1: Calendaring Extensions to WebDAV (CalDAV): Time Zones by Reference]
Capsule-Protocol		permanent	[RFC9297]
CDN-Cache-Control		permanent	[RFC9213: Targeted HTTP Cache Control]	Cache directives targeted at content delivery networks
CDN-Loop		permanent	[RFC 8586: Loop Detection in Content Delivery Networks (CDNs)]
Cert-Not-After		permanent	[RFC 8739, Section 3.3: Support for Short-Term, Automatically Renewed (STAR) Certificates in the Automated Certificate Management Environment (ACME)]
Cert-Not-Before		permanent	[RFC 8739, Section 3.3: Support for Short-Term, Automatically Renewed (STAR) Certificates in the Automated Certificate Management Environment (ACME)]
Clear-Site-Data		permanent	[Clear Site Data]
Client-Cert		permanent	[RFC-ietf-httpbis-client-cert-field-06, Section 2]
Client-Cert-Chain		permanent	[RFC-ietf-httpbis-client-cert-field-06, Section 2]
Close		permanent	[RFC9112, Section 9.6: HTTP/1.1]	(reserved)
Configuration-Context		provisional	[OSLC Configuration Management Version 1.0. Part 3: Configuration Specification]
Connection		permanent	[RFC9110, Section 7.6.1: HTTP Semantics]
Content-Base		obsoleted	[RFC 2068: Hypertext Transfer Protocol -- HTTP/1.1][RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1]
Content-Disposition		permanent	[RFC 6266: Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP)]
Content-Encoding		permanent	[RFC9110, Section 8.4: HTTP Semantics]
Content-ID		permanent	[The HTTP Distribution and Replication Protocol]
Content-Language		permanent	[RFC9110, Section 8.5: HTTP Semantics]
Content-Length		permanent	[RFC9110, Section 8.6: HTTP Semantics]
Content-Location		permanent	[RFC9110, Section 8.7: HTTP Semantics]
Content-MD5		obsoleted	[RFC 2616, Section 14.15: Hypertext Transfer Protocol -- HTTP/1.1][RFC 7231, Appendix B: Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content]
Content-Range		permanent	[RFC9110, Section 14.4: HTTP Semantics]
Content-Script-Type		obsoleted	[HTML 4.01 Specification]
Content-Security-Policy		permanent	[Content Security Policy Level 3]
Content-Security-Policy-Report-Only		permanent	[Content Security Policy Level 3]
Content-Style-Type		obsoleted	[HTML 4.01 Specification]
Content-Type		permanent	[RFC9110, Section 8.3: HTTP Semantics]
Content-Version		obsoleted	[RFC 2068: Hypertext Transfer Protocol -- HTTP/1.1]
Cookie		permanent	[RFC 6265: HTTP State Management Mechanism]
Cookie2		obsoleted	[RFC 2965: HTTP State Management Mechanism][RFC 6265: HTTP State Management Mechanism]
Cross-Origin-Embedder-Policy		permanent	[HTML]
Cross-Origin-Embedder-Policy-Report-Only		permanent	[HTML]
Cross-Origin-Opener-Policy		permanent	[HTML]
Cross-Origin-Opener-Policy-Report-Only		permanent	[HTML]
Cross-Origin-Resource-Policy		permanent	[Fetch]
DASL		permanent	[RFC 5323: Web Distributed Authoring and Versioning (WebDAV) SEARCH]
Date		permanent	[RFC9110, Section 6.6.1: HTTP Semantics]
DAV		permanent	[RFC 4918: HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)]
Default-Style		obsoleted	[HTML 4.01 Specification]
Delta-Base		permanent	[RFC 3229: Delta encoding in HTTP]
Depth		permanent	[RFC 4918: HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)]
Derived-From		obsoleted	[RFC 2068: Hypertext Transfer Protocol -- HTTP/1.1]
Destination		permanent	[RFC 4918: HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)]
Differential-ID		permanent	[The HTTP Distribution and Replication Protocol]
Digest		permanent	[RFC 3230: Instance Digests in HTTP]
DPoP		permanent	[RFC-ietf-oauth-dpop-16: OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)]
DPoP-Nonce		permanent	[RFC-ietf-oauth-dpop-16: OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)]
Early-Data		permanent	[RFC 8470: Using Early Data in HTTP]
EDIINT-Features		provisional	[RFC 6017: Electronic Data Interchange - Internet Integration (EDIINT) Features Header Field]
ETag		permanent	[RFC9110, Section 8.8.3: HTTP Semantics]
Expect		permanent	[RFC9110, Section 10.1.1: HTTP Semantics]
Expect-CT		permanent	[RFC9163: Expect-CT Extension for HTTP]
Expires		permanent	[RFC9111, Section 5.3: HTTP Caching]
Ext		obsoleted	[RFC 2774: An HTTP Extension Framework][status-change-http-experiments-to-historic]
Forwarded		permanent	[RFC 7239: Forwarded HTTP Extension]
From		permanent	[RFC9110, Section 10.1.2: HTTP Semantics]
GetProfile		obsoleted	[Implementation of OPS Over HTTP]
Hobareg		permanent	[RFC 7486, Section 6.1.1: HTTP Origin-Bound Authentication (HOBA)]
Host		permanent	[RFC9110, Section 7.2: HTTP Semantics]
HTTP2-Settings		obsoleted	[RFC 7540, Section 3.2.1: Hypertext Transfer Protocol Version 2 (HTTP/2)]	Obsolete; see Section 11.1 of [RFC9113]
If		permanent	[RFC 4918: HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)]
If-Match		permanent	[RFC9110, Section 13.1.1: HTTP Semantics]
If-Modified-Since		permanent	[RFC9110, Section 13.1.3: HTTP Semantics]
If-None-Match		permanent	[RFC9110, Section 13.1.2: HTTP Semantics]
If-Range		permanent	[RFC9110, Section 13.1.5: HTTP Semantics]
If-Schedule-Tag-Match		permanent	[ RFC 6338: Scheduling Extensions to CalDAV]
If-Unmodified-Since		permanent	[RFC9110, Section 13.1.4: HTTP Semantics]
IM		permanent	[RFC 3229: Delta encoding in HTTP]
Include-Referred-Token-Binding-ID		permanent	[RFC 8473: Token Binding over HTTP]
Isolation	prov/isolation	provisional	[OData Version 4.01 Part 1: Protocol][OASIS][Chet_Ensign]
Keep-Alive		permanent	[RFC 2068: Hypertext Transfer Protocol -- HTTP/1.1]
Label		permanent	[RFC 3253: Versioning Extensions to WebDAV: (Web Distributed Authoring and Versioning)]
Last-Event-ID		permanent	[HTML]
Last-Modified		permanent	[RFC9110, Section 8.8.2: HTTP Semantics]
Link		permanent	[RFC 8288: Web Linking]
Location		permanent	[RFC9110, Section 10.2.2: HTTP Semantics]
Lock-Token		permanent	[RFC 4918: HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)]
Man		obsoleted	[RFC 2774: An HTTP Extension Framework][status-change-http-experiments-to-historic]
Max-Forwards		permanent	[RFC9110, Section 7.6.2: HTTP Semantics]
Memento-Datetime		permanent	[RFC 7089: HTTP Framework for Time-Based Access to Resource States -- Memento]
Meter		permanent	[RFC 2227: Simple Hit-Metering and Usage-Limiting for HTTP]
Method-Check		obsoleted	[Access Control for Cross-site Requests]
Method-Check-Expires		obsoleted	[Access Control for Cross-site Requests]
MIME-Version		permanent	[RFC9112, Appendix B.1: HTTP/1.1]
Negotiate		permanent	[RFC 2295: Transparent Content Negotiation in HTTP]
OData-EntityId	perm/odata-entityid	permanent	[OData Version 4.01 Part 1: Protocol][OASIS][Chet_Ensign]
OData-Isolation	perm/odata-isolation	permanent	[OData Version 4.01 Part 1: Protocol][OASIS][Chet_Ensign]
OData-MaxVersion	perm/odata-maxversion	permanent	[OData Version 4.01 Part 1: Protocol][OASIS][Chet_Ensign]
OData-Version	perm/odata-version	permanent	[OData Version 4.01 Part 1: Protocol][OASIS][Chet_Ensign]
Opt		obsoleted	[RFC 2774: An HTTP Extension Framework][status-change-http-experiments-to-historic]
Optional-WWW-Authenticate		permanent	[RFC 8053, Section 3: HTTP Authentication Extensions for Interactive Clients]
Ordering-Type		permanent	[RFC 3648: Web Distributed Authoring and Versioning (WebDAV) Ordered Collections Protocol]
Origin		permanent	[RFC 6454: The Web Origin Concept]
Origin-Agent-Cluster		permanent	[HTML]
OSCORE		permanent	[RFC 8613, Section 11.1: Object Security for Constrained RESTful Environments (OSCORE)]
OSLC-Core-Version		permanent	[OASIS Project Specification 01][OASIS][Chet_Ensign]
Overwrite		permanent	[RFC 4918: HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)]
P3P		obsoleted	[The Platform for Privacy Preferences 1.0 (P3P1.0) Specification]
PEP		obsoleted	[PEP - an Extension Mechanism for HTTP]
Pep-Info		obsoleted	[PEP - an Extension Mechanism for HTTP]
Permissions-Policy		provisional	[Permissions Policy]
PICS-Label		obsoleted	[PICS Label Distribution Label Syntax and Communication Protocols]
Ping-From		permanent	[HTML]
Ping-To		permanent	[HTML]
Position		permanent	[RFC 3648: Web Distributed Authoring and Versioning (WebDAV) Ordered Collections Protocol]
Pragma		deprecated	[RFC9111, Section 5.4: HTTP Caching]
Prefer		permanent	[RFC 7240: Prefer Header for HTTP]
Preference-Applied		permanent	[RFC 7240: Prefer Header for HTTP]
Priority		permanent	[RFC9218: Extensible Prioritization Scheme for HTTP]
ProfileObject		obsoleted	[Implementation of OPS Over HTTP]
Protocol		obsoleted	[PICS Label Distribution Label Syntax and Communication Protocols]
Protocol-Info		deprecated	[White Paper: Joint Electronic Payment Initiative]
Protocol-Query		deprecated	[White Paper: Joint Electronic Payment Initiative]
Protocol-Request		obsoleted	[PICS Label Distribution Label Syntax and Communication Protocols]
Proxy-Authenticate		permanent	[RFC9110, Section 11.7.1: HTTP Semantics]
Proxy-Authentication-Info		permanent	[RFC9110, Section 11.7.3: HTTP Semantics]
Proxy-Authorization		permanent	[RFC9110, Section 11.7.2: HTTP Semantics]
Proxy-Features		obsoleted	[Notification for Proxy Caches]
Proxy-Instruction		obsoleted	[Notification for Proxy Caches]
Proxy-Status		permanent	[RFC9209: The Proxy-Status HTTP Response Header Field]
Public		obsoleted	[RFC 2068: Hypertext Transfer Protocol -- HTTP/1.1]
Public-Key-Pins		permanent	[RFC 7469: Public Key Pinning Extension for HTTP]
Public-Key-Pins-Report-Only		permanent	[RFC 7469: Public Key Pinning Extension for HTTP]
Range		permanent	[RFC9110, Section 14.2: HTTP Semantics]
Redirect-Ref		permanent	[RFC 4437: Web Distributed Authoring and Versioning (WebDAV) Redirect Reference Resources]
Referer		permanent	[RFC9110, Section 10.1.3: HTTP Semantics]
Referer-Root		obsoleted	[Access Control for Cross-site Requests]
Refresh		permanent	[HTML]
Repeatability-Client-ID	prov/repeatability-client-id	provisional	[Repeatable Requests Version 1.0][OASIS][Chet_Ensign]
Repeatability-First-Sent	prov/repeatability-first-sent	provisional	[Repeatable Requests Version 1.0][OASIS][Chet_Ensign]
Repeatability-Request-ID	prov/repeatability-request-id	provisional	[Repeatable Requests Version 1.0][OASIS][Chet_Ensign]
Repeatability-Result	prov/repeatability-result	provisional	[Repeatable Requests Version 1.0][OASIS][Chet_Ensign]
Replay-Nonce		permanent	[RFC 8555, Section 6.5.1: Automatic Certificate Management Environment (ACME)]
Reporting-Endpoints		provisional	[Reporting API]
Retry-After		permanent	[RFC9110, Section 10.2.3: HTTP Semantics]
Safe		obsoleted	[RFC 2310: The Safe Response Header Field][status-change-http-experiments-to-historic]
Schedule-Reply		permanent	[RFC 6638: Scheduling Extensions to CalDAV]
Schedule-Tag		permanent	[RFC 6338: Scheduling Extensions to CalDAV]
Sec-GPC		provisional	[Global Privacy Control (GPC)]
Sec-Purpose		permanent	[Fetch]	Intended to replace the (not registered) Purpose and x-moz headers.
Sec-Token-Binding		permanent	[RFC 8473: Token Binding over HTTP]
Sec-WebSocket-Accept		permanent	[RFC 6455: The WebSocket Protocol]
Sec-WebSocket-Extensions		permanent	[RFC 6455: The WebSocket Protocol]
Sec-WebSocket-Key		permanent	[RFC 6455: The WebSocket Protocol]
Sec-WebSocket-Protocol		permanent	[RFC 6455: The WebSocket Protocol]
Sec-WebSocket-Version		permanent	[RFC 6455: The WebSocket Protocol]
Security-Scheme		obsoleted	[RFC 2660: The Secure HyperText Transfer Protocol][status-change-http-experiments-to-historic]
Server		permanent	[RFC9110, Section 10.2.4: HTTP Semantics]
Server-Timing		permanent	[Server Timing]
Set-Cookie		permanent	[RFC 6265: HTTP State Management Mechanism]
Set-Cookie2		obsoleted	[RFC 2965: HTTP State Management Mechanism][RFC 6265: HTTP State Management Mechanism]
SetProfile		obsoleted	[Implementation of OPS Over HTTP]
SLUG		permanent	[RFC 5023: The Atom Publishing Protocol]
SoapAction		permanent	[Simple Object Access Protocol (SOAP) 1.1]
Status-URI		permanent	[RFC 2518: HTTP Extensions for Distributed Authoring -- WEBDAV]
Strict-Transport-Security		permanent	[RFC 6797: HTTP Strict Transport Security (HSTS)]
Sunset		permanent	[RFC 8594: The Sunset HTTP Header Field]
Surrogate-Capability		permanent	[Edge Architecture Specification]
Surrogate-Control		permanent	[Edge Architecture Specification]
TCN		permanent	[RFC 2295: Transparent Content Negotiation in HTTP]
TE		permanent	[RFC9110, Section 10.1.4: HTTP Semantics]
Timeout		permanent	[RFC 4918: HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)]
Timing-Allow-Origin	prov/timing-allow-origin	provisional	[Resource Timing Level 1]
Topic		permanent	[RFC 8030, Section 5.4: Generic Event Delivery Using HTTP Push]
Traceparent		permanent	[Trace Context]
Tracestate		permanent	[Trace Context]
Trailer		permanent	[RFC9110, Section 6.6.2: HTTP Semantics]
Transfer-Encoding		permanent	[RFC9112, Section 6.1: HTTP Semantics]
TTL		permanent	[RFC 8030, Section 5.2: Generic Event Delivery Using HTTP Push]
Upgrade		permanent	[RFC9110, Section 7.8: HTTP Semantics]
Urgency		permanent	[RFC 8030, Section 5.3: Generic Event Delivery Using HTTP Push]
URI		obsoleted	[RFC 2068: Hypertext Transfer Protocol -- HTTP/1.1]
User-Agent		permanent	[RFC9110, Section 10.1.5: HTTP Semantics]
Variant-Vary		permanent	[RFC 2295: Transparent Content Negotiation in HTTP]
Vary		permanent	[RFC9110, Section 12.5.5: HTTP Semantics]
Via		permanent	[RFC9110, Section 7.6.3: HTTP Semantics]
Want-Digest		permanent	[RFC 3230: Instance Digests in HTTP]
Warning		obsoleted	[RFC9111, Section 5.5: HTTP Caching]
WWW-Authenticate		permanent	[RFC9110, Section 11.6.1: HTTP Semantics]
X-Content-Type-Options		permanent	[Fetch]
X-Frame-Options		permanent	[HTML]
*		permanent	[RFC9110, Section 12.5.5: HTTP Semantics]	(reserved)

Contact Information

ID	Name	Contact URI	Last Updated
[Chet_Ensign]	Chet Ensign	mailto:chet.ensign&oasis-open.org	2020-09-01
[OASIS]	OASIS	https://www.oasis-open.org