Content-Length header with HEAD requests?

HttpRestHttp Headers

Http Problem Overview

The http spec says about the HEAD request:

> The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response. The metainformation contained in the HTTP headers in response to a HEAD request SHOULD be identical to the information sent in response to a GET request.

Should the response to a HEAD request contain a Content-Length header? Should it be the value which would be returned on a GET request, even if there is no response body? Or should the Content-Length be 0?

Http Solutions

Solution 1 - Http

To me it looks like the HTTP 1.1 RFC is pretty specific:
> The Content-Length > entity-header field indicates the size of the entity-body, in decimal > number of OCTETs, sent to the recipient or, in the case of the HEAD > method, the size of the entity-body that would have been sent had > the request been a GET.

Solution 2 - Http

Section 14.13 of the HTTP/1.1 spec detailed the Content-Length header, and says this:

> Applications SHOULD use this field to > indicate the transfer-length of the > message-body, unless this is > prohibited by the rules in section > 4.4.

The word 'SHOULD' has a very specific meaning in RFCs:

> 3. SHOULD This word, or the adjective "RECOMMENDED", mean that there may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course.

So, you may not always see a Content-Length. Typically you might not see it for any content which is dynamically generated, since that might be too expensive to service an exploratory HEAD request. For example, a HEAD request to Apache for a static file will have a Content-Length, but a request for a PHP script may not.

For example, try this very website...

telnet stackoverflow.com 80

HEAD / HTTP/1.0
Host:stackoverflow.com

HTTP/1.1 200 OK
Date: Mon, 11 Jan 2016 10:58:25 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: __cfduid=c2eb4742a1e02d89cab0402220736c0bd1452509905; expires=Tue, 10-Jan-17 10:58:25 GMT; path=/; domain=.stackoverflow.com; HttpOnly
Cache-Control: public, no-cache="Set-Cookie", max-age=36
Expires: Mon, 11 Jan 2016 10:59:02 GMT
Last-Modified: Mon, 11 Jan 2016 10:58:02 GMT
Vary: *
X-Frame-Options: SAMEORIGIN
X-Request-Guid: 487e80bc-3783-4cfd-d883-a3bc84253234
Set-Cookie: prov=8dc24306-c067-45eb-bf5d-cffa855c2b03; domain=.stackoverflow.com; expires=Fri, 01-Jan-2055 00:00:00 GMT; path=/; HttpOnly
Server: cloudflare-nginx
CF-RAY: 26303c15f8e035a2-LHR

No content-length there.

Solution 3 - Http

Yes, the Content-Length of a HEAD response SHOULD, but not always does (see @Paul's answer) include the Content-Length value of a GET response:

Stack Overflow does:

> telnet stackoverflow.com 80
HEAD / HTTP/1.1
Host: stackoverflow.com


HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Length: 362245                           <--------
Content-Type: text/html; charset=utf-8
Expires: Mon, 04 Oct 2010 11:51:49 GMT
Last-Modified: Mon, 04 Oct 2010 11:50:49 GMT
Vary: *
Date: Mon, 04 Oct 2010 11:50:49 GMT

Google doesn't:

> telnet www.google.com 80
HEAD / HTTP/1.1
Host: www.google.ie


HTTP/1.1 200 OK
Date: Mon, 04 Oct 2010 11:55:36 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Server: gws
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked

Solution 4 - Http

The HTTP-spec at W3C states:

> If the new field values indicate that the cached entity differs from the current entity (as would be indicated by a change in Content-Length, ...

Which (to me) means it should hold the "correct" value as you would in a GET response.

Solution 5 - Http

Contra the accepted answer, section 4.3.2 of RFC 7231 states:

> The server SHOULD send the same header fields in response to a HEAD request as it would have sent if the request had been a GET, except that the payload header fields (Section 3.3)

—which is to say, Content-Length, Content-Range, Trailer, and Transfer-Encoding—

> MAY be omitted.

This is even weaker than the note on SHOULD in Paul Dixon's answer:

> 5. MAY This word, or the adjective "OPTIONAL", mean that an item is truly optional. One vendor may choose to include the item because a particular marketplace requires it or because the vendor feels that it enhances the product while another vendor may omit the same item.

So the real answer is, you don't need to include Content-Length, but if you do, you should give the correct value.

Categories
Recommended Http Solutions
Recommended Rest Solutions
Recommended Http Headers Solutions

Previous Solution:

SQLite Insert very slow?

C#Sqlitesystem.data.sqlite

Next Solution:

Check if an executable exists in the Windows path

C#.NetFile

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestiondeamonView Question on Stackoverflow
Solution 1 - HttpnietakiView Answer on Stackoverflow
Solution 2 - HttpPaul DixonView Answer on Stackoverflow
Solution 3 - HttpDaniel VassalloView Answer on Stackoverflow
Solution 4 - HttpMichael BanzonView Answer on Stackoverflow
Solution 5 - HttpDavid MolesView Answer on Stackoverflow