classafButter::HttpResponseHeaders
sys::Obj afButter::HttpResponseHeaders
A wrapper for HTTP response headers with accessors for commonly used headings. Accessors return null if the header doesn't exist, or isn't encoded properly.
@see https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
- cacheControl
Str? cacheControl { private set }Tells all caching mechanisms from server to client whether they may cache this object. It is measured in seconds.
Cache-Control: max-age=3600
- contentDisposition
Str? contentDisposition { private set }Usually used to direct the client to display a
save asdialog.Content-Disposition: Attachment; filename=example.html
- contentEncoding
Str? contentEncoding { private set }The type of encoding used on the data.
Content-Encoding: gzip
- contentLength
Int? contentLength { private set }The length of the response body in octets (8-bit bytes).
Content-Length: 348
- contentSecurityPolicy
[Str:Str]? contentSecurityPolicy { private set }Mitigates XSS attacks by telling browsers to restrict where content can be loaded from.
Content-Security-Policy: default-src 'self'; font-src 'self' https://fonts.googleapis.com/; object-src 'none'
- contentSecurityPolicyReportOnly
[Str:Str]? contentSecurityPolicyReportOnly { private set }Similar to contentSecurityPolicy only violations aren't blocked, just reported. Useful for development / testing.
Content-Security-Policy-Report-Only: default-src 'self'; font-src 'self' https://fonts.googleapis.com/; object-src 'none'
- contentType
MimeType? contentType { private set }The MIME type of this content.
Content-Type: text/html; charset=utf-8
- eTag
Str? eTag { private set }An identifier for a specific version of a resource, often a message digest.
ETag: "737060cd8c284d8af7ad3082f209582d"
- each
Iterates over the headers.
- expires
DateTime? expires { private set }Gives the date/time after which the response is considered stale.
Expires: Thu, 01 Dec 1994 16:00:00 GMT
- getAll
Returns all header with the given name. (case-insensitive)
- getFirst
@Operator
Str? getFirst(Str name)Returns the first header with the given name. (case-insensitive)
- lastModified
DateTime? lastModified { private set }The last modified date for the requested object, in RFC 2822 format.
Last-Modified: Tue, 15 Nov 1994 12:45:26 +0000
- location
Uri? location { private set }Used in redirection, or when a new resource has been created.
Location: http://www.w3.org/pub/WWW/People.html
- make
new make(|This in)it-block ctor.
- makeFromInStream
new makeFromInStream(InStream in)Parses headers from the given InStream.
- makeFromMap
new makeFromMap([Str:Str]? headers := null)Creates
HttpResponseHeaderscopying over values in the given map.- pragma
Str? pragma { private set }Implementation-specific headers.
Pragma: no-cache
- referrerPolicy
Str? referrerPolicy { private set }Tells browsers how and when to transmit the HTTP
Referer(sic) header.Referrer-Policy: same-origin
- setCookies
Cookie[]? setCookies { private set }HTTP cookies previously sent by the server with
Set-Cookie.Set-Cookie: UserID=JohnDoe; Max-Age=3600
- strictTransportSecurity
Str? strictTransportSecurity { private set }Tells browsers to always use HTTPS.
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
- val
Returns a read-only case insensitive map of the headers.
- wwwAuthenticate
Str? wwwAuthenticate { private set }WWW-Authenticate header to indicate supported authentication mechanisms.
WWW-Authenticate: SCRAM hash=SHA-256
- xContentTypeOptions
Str? xContentTypeOptions { private set }Tells browsers to trust the
Content-Typeheader.X-Content-Type-Options: nosniff
- xFrameOptions
Str? xFrameOptions { private set }Clickjacking protection, set to:
deny- no rendering within a frame,sameorigin- no rendering if origin mismatch
X-Frame-Options: deny
- xXssProtection
Str? xXssProtection { private set }Cross-site scripting (XSS) filter.
X-XSS-Protection: 1; mode=block