Does the order of headers in an HTTP response ever matter?
Http HeadersHttp Headers Problem Overview
Is it ever meaningful whether the order of headers is
A: 1
B: 2
vs
B:2
A:1
I'm trying to figure out if I can use a dictionary to store a list of headers or if it needs to be some kind of list or ordered dictionary.
Http Headers Solutions
Solution 1 - Http Headers
No, it does not matter for headers with different names. See RFC 2616, section 4.2:
> The order in which header fields with differing field names are received is not significant. However, it is "good practice" to send general-header fields first, followed by request-header or response- header fields, and ending with the entity-header fields.
It DOES matter, however, for multiple headers with the same name:
> Multiple message-header fields with the same field-name MAY be present in a message if and only if the entire field-value for that header field is defined as a comma-separated list [i.e., #(values)]. It MUST be possible to combine the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma. The order in which header fields with the same field-name are received is therefore significant to the interpretation of the combined field value, and thus a proxy MUST NOT change the order of these field values when a message is forwarded.
Solution 2 - Http Headers
The order of the headers should not matter. There might be "weaker" implementations of HTTP standard where the ordering does matter, but it shouldn't in general.
Here's a link that describes HTTP headers:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2
Solution 3 - Http Headers
HTTP Headers are independent of each other and you can use a dictionary to store them without worrying about their order.
Solution 4 - Http Headers
It could also matter when specifying set-cookie
several times for the same cookie:
"Set-Cookie: COOKIE1=VALUE1; ...
"Set-Cookie: COOKIE1=VALUE2; ...
In this case, COOKIE1
will be set to VALUE2
, and if the order is changed:
"Set-Cookie: COOKIE1=VALUE2; ...
"Set-Cookie: COOKIE1=VALUE1; ...
COOKIE1
will be set to VALUE1
Solution 5 - Http Headers
RFC 7230, section 3.2.2: Field Order addresses this question specifically. Quotes here are from that section of the specification, with emphasis added by me:
> The order in which header fields with differing field names are received is not significant.
It goes on to qualify that with a note about good practice for the sake of performance:
> However, it is good practice to send header fields that contain control data first, such as Host on requests and Date on responses, so that implementations can decide when not to handle a message as early as possible.
In certain cases it is permissible for a message to contain multiple header fields with the same name. In this case, order does matter.
> A recipient MAY combine multiple header fields with the same field name into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field value to the combined field value in order, separated by a comma. The order in which header fields with the same field name are received is therefore significant to the interpretation of the combined field value.