Debug Headers with GET

 November 17th, 2020
tech
HTTP offers a convenient way to download only the headers: send a HEAD request: 
$ telnet www.example.com 80
Trying 93.184.216.34...
Connected to www.example.com.
Escape character is '^]'.
HEAD / HTTP/1.1
Host: www.example.com

HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Age: 325063
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Nov 2020 02:29:50 GMT
Etag: "3147526947"
Expires: Tue, 24 Nov 2020 02:29:50 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (dcb/7F82)
X-Cache: HIT
Content-Length: 648
Of course you wouldn't usually manually type into telnet, you'd use something like curl: 
$ curl -I http://www.example.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 326121
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Nov 2020 02:47:38 GMT
Etag: "3147526947"
Expires: Tue, 24 Nov 2020 02:47:38 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (dcb/7EC9)
X-Cache: HIT
Content-Length: 1256
It's defined in RFC 7231:
The HEAD method is identical to GET except that the server MUST NOT send a message body in the response (i.e., the response terminates at the end of the header section). The server SHOULD send the same header fields in response to a HEAD request as it would have sent if the request had been a GET, except that the payload header fields MAY be omitted.

Unfortunately, HEAD is a trap. When you are trying to debug strange server behavior, it is much safer to send GET requests and throw away the body (ex, ex). Not only is "SHOULD" just a recommendation, but even if this were a "MUST" you could bet some servers would mishandle it. Counterfactuals are hard!

While differences are rare, always debugging by requesting the body like a normal client would, and then discarding it, means one fewer way that your debug request differs from a real one: 

$ curl -sS -D- -o/dev/null http://www.example.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 326124
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Nov 2020 02:47:41 GMT
Etag: "3147526947"
Expires: Tue, 24 Nov 2020 02:47:41 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (dcb/7EC9)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 1256

Going farther in the same direction, it's even better to start with "Copy as cURL":

And then add the -sS -D- -o/dev/null to get the headers if that's all you want.

Comment via: facebook, lesswrong, substack

Recent posts on blogs I like:

Elixir's Last Dance

On May 18th, the contra dance band Elixir had their last gig ever. The dance was packed: there were three hundred people. It was the only dance BIDA has ever done where they sold tickets. People flew from across the country just to hear Elixir play one la…

via Lily Wise's Blog Posts June 5, 2025

Body Language For Trans People

When I first came out as trans, resources for trans people were full of advice about body language.

via Thing of Things June 2, 2025

Workshop House case study

Lauren Hoffman interviewed me about Workshop House and wrote this post about a community I’m working on building in DC.

via Home April 30, 2025

more     (via openring)