001/*
002 * Copyright (C) 2011 The Guava Authors
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
005 * in compliance with the License. You may obtain a copy of the License at
006 *
007 * http://www.apache.org/licenses/LICENSE-2.0
008 *
009 * Unless required by applicable law or agreed to in writing, software distributed under the License
010 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
011 * or implied. See the License for the specific language governing permissions and limitations under
012 * the License.
013 */
014
015package com.google.common.net;
016
017import com.google.common.annotations.GwtCompatible;
018
019/**
020 * Contains constant definitions for the HTTP header field names. See:
021 *
022 * <ul>
023 *   <li><a href="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</a>
024 *   <li><a href="http://www.ietf.org/rfc/rfc2183.txt">RFC 2183</a>
025 *   <li><a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a>
026 *   <li><a href="http://www.ietf.org/rfc/rfc2965.txt">RFC 2965</a>
027 *   <li><a href="http://www.ietf.org/rfc/rfc5988.txt">RFC 5988</a>
028 * </ul>
029 *
030 * @author Kurt Alfred Kluever
031 * @since 11.0
032 */
033@GwtCompatible
034@ElementTypesAreNonnullByDefault
035public final class HttpHeaders {
036  private HttpHeaders() {}
037
038  // HTTP Request and Response header fields
039
040  /** The HTTP {@code Cache-Control} header field name. */
041  public static final String CACHE_CONTROL = "Cache-Control";
042  /** The HTTP {@code Content-Length} header field name. */
043  public static final String CONTENT_LENGTH = "Content-Length";
044  /** The HTTP {@code Content-Type} header field name. */
045  public static final String CONTENT_TYPE = "Content-Type";
046  /** The HTTP {@code Date} header field name. */
047  public static final String DATE = "Date";
048  /** The HTTP {@code Pragma} header field name. */
049  public static final String PRAGMA = "Pragma";
050  /** The HTTP {@code Via} header field name. */
051  public static final String VIA = "Via";
052  /** The HTTP {@code Warning} header field name. */
053  public static final String WARNING = "Warning";
054
055  // HTTP Request header fields
056
057  /** The HTTP {@code Accept} header field name. */
058  public static final String ACCEPT = "Accept";
059  /** The HTTP {@code Accept-Charset} header field name. */
060  public static final String ACCEPT_CHARSET = "Accept-Charset";
061  /** The HTTP {@code Accept-Encoding} header field name. */
062  public static final String ACCEPT_ENCODING = "Accept-Encoding";
063  /** The HTTP {@code Accept-Language} header field name. */
064  public static final String ACCEPT_LANGUAGE = "Accept-Language";
065  /** The HTTP {@code Access-Control-Request-Headers} header field name. */
066  public static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers";
067  /** The HTTP {@code Access-Control-Request-Method} header field name. */
068  public static final String ACCESS_CONTROL_REQUEST_METHOD = "Access-Control-Request-Method";
069  /** The HTTP {@code Authorization} header field name. */
070  public static final String AUTHORIZATION = "Authorization";
071  /** The HTTP {@code Connection} header field name. */
072  public static final String CONNECTION = "Connection";
073  /** The HTTP {@code Cookie} header field name. */
074  public static final String COOKIE = "Cookie";
075  /**
076   * The HTTP <a href="https://fetch.spec.whatwg.org/#cross-origin-resource-policy-header">{@code
077   * Cross-Origin-Resource-Policy}</a> header field name.
078   *
079   * @since 28.0
080   */
081  public static final String CROSS_ORIGIN_RESOURCE_POLICY = "Cross-Origin-Resource-Policy";
082  /**
083   * The HTTP <a href="https://tools.ietf.org/html/rfc8470">{@code Early-Data}</a> header field
084   * name.
085   *
086   * @since 27.0
087   */
088  public static final String EARLY_DATA = "Early-Data";
089  /** The HTTP {@code Expect} header field name. */
090  public static final String EXPECT = "Expect";
091  /** The HTTP {@code From} header field name. */
092  public static final String FROM = "From";
093  /**
094   * The HTTP <a href="https://tools.ietf.org/html/rfc7239">{@code Forwarded}</a> header field name.
095   *
096   * @since 20.0
097   */
098  public static final String FORWARDED = "Forwarded";
099  /**
100   * The HTTP {@code Follow-Only-When-Prerender-Shown} header field name.
101   *
102   * @since 17.0
103   */
104  public static final String FOLLOW_ONLY_WHEN_PRERENDER_SHOWN = "Follow-Only-When-Prerender-Shown";
105  /** The HTTP {@code Host} header field name. */
106  public static final String HOST = "Host";
107  /**
108   * The HTTP <a href="https://tools.ietf.org/html/rfc7540#section-3.2.1">{@code HTTP2-Settings}
109   * </a> header field name.
110   *
111   * @since 24.0
112   */
113  public static final String HTTP2_SETTINGS = "HTTP2-Settings";
114  /** The HTTP {@code If-Match} header field name. */
115  public static final String IF_MATCH = "If-Match";
116  /** The HTTP {@code If-Modified-Since} header field name. */
117  public static final String IF_MODIFIED_SINCE = "If-Modified-Since";
118  /** The HTTP {@code If-None-Match} header field name. */
119  public static final String IF_NONE_MATCH = "If-None-Match";
120  /** The HTTP {@code If-Range} header field name. */
121  public static final String IF_RANGE = "If-Range";
122  /** The HTTP {@code If-Unmodified-Since} header field name. */
123  public static final String IF_UNMODIFIED_SINCE = "If-Unmodified-Since";
124  /** The HTTP {@code Last-Event-ID} header field name. */
125  public static final String LAST_EVENT_ID = "Last-Event-ID";
126  /** The HTTP {@code Max-Forwards} header field name. */
127  public static final String MAX_FORWARDS = "Max-Forwards";
128  /** The HTTP {@code Origin} header field name. */
129  public static final String ORIGIN = "Origin";
130  /**
131   * The HTTP <a href="https://github.com/WICG/origin-isolation">{@code Origin-Isolation}</a> header
132   * field name.
133   *
134   * @since 30.1
135   */
136  public static final String ORIGIN_ISOLATION = "Origin-Isolation";
137  /** The HTTP {@code Proxy-Authorization} header field name. */
138  public static final String PROXY_AUTHORIZATION = "Proxy-Authorization";
139  /** The HTTP {@code Range} header field name. */
140  public static final String RANGE = "Range";
141  /** The HTTP {@code Referer} header field name. */
142  public static final String REFERER = "Referer";
143  /**
144   * The HTTP <a href="https://www.w3.org/TR/referrer-policy/">{@code Referrer-Policy}</a> header
145   * field name.
146   *
147   * @since 23.4
148   */
149  public static final String REFERRER_POLICY = "Referrer-Policy";
150
151  /**
152   * Values for the <a href="https://www.w3.org/TR/referrer-policy/">{@code Referrer-Policy}</a>
153   * header.
154   *
155   * @since 23.4
156   */
157  public static final class ReferrerPolicyValues {
158    private ReferrerPolicyValues() {}
159
160    public static final String NO_REFERRER = "no-referrer";
161    public static final String NO_REFFERER_WHEN_DOWNGRADE = "no-referrer-when-downgrade";
162    public static final String SAME_ORIGIN = "same-origin";
163    public static final String ORIGIN = "origin";
164    public static final String STRICT_ORIGIN = "strict-origin";
165    public static final String ORIGIN_WHEN_CROSS_ORIGIN = "origin-when-cross-origin";
166    public static final String STRICT_ORIGIN_WHEN_CROSS_ORIGIN = "strict-origin-when-cross-origin";
167    public static final String UNSAFE_URL = "unsafe-url";
168  }
169
170  /**
171   * The HTTP <a href="https://www.w3.org/TR/service-workers/#update-algorithm">{@code
172   * Service-Worker}</a> header field name.
173   *
174   * @since 20.0
175   */
176  public static final String SERVICE_WORKER = "Service-Worker";
177  /** The HTTP {@code TE} header field name. */
178  public static final String TE = "TE";
179  /** The HTTP {@code Upgrade} header field name. */
180  public static final String UPGRADE = "Upgrade";
181  /**
182   * The HTTP <a href="https://w3c.github.io/webappsec-upgrade-insecure-requests/#preference">{@code
183   * Upgrade-Insecure-Requests}</a> header field name.
184   *
185   * @since 28.1
186   */
187  public static final String UPGRADE_INSECURE_REQUESTS = "Upgrade-Insecure-Requests";
188
189  /** The HTTP {@code User-Agent} header field name. */
190  public static final String USER_AGENT = "User-Agent";
191
192  // HTTP Response header fields
193
194  /** The HTTP {@code Accept-Ranges} header field name. */
195  public static final String ACCEPT_RANGES = "Accept-Ranges";
196  /** The HTTP {@code Access-Control-Allow-Headers} header field name. */
197  public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
198  /** The HTTP {@code Access-Control-Allow-Methods} header field name. */
199  public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
200  /** The HTTP {@code Access-Control-Allow-Origin} header field name. */
201  public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
202  /**
203   * The HTTP <a href="https://wicg.github.io/private-network-access/#headers">{@code
204   * Access-Control-Allow-Private-Network}</a> header field name.
205   *
206   * @since 31.1
207   */
208  public static final String ACCESS_CONTROL_ALLOW_PRIVATE_NETWORK =
209      "Access-Control-Allow-Private-Network";
210  /** The HTTP {@code Access-Control-Allow-Credentials} header field name. */
211  public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
212  /** The HTTP {@code Access-Control-Expose-Headers} header field name. */
213  public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers";
214  /** The HTTP {@code Access-Control-Max-Age} header field name. */
215  public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age";
216  /** The HTTP {@code Age} header field name. */
217  public static final String AGE = "Age";
218  /** The HTTP {@code Allow} header field name. */
219  public static final String ALLOW = "Allow";
220  /** The HTTP {@code Content-Disposition} header field name. */
221  public static final String CONTENT_DISPOSITION = "Content-Disposition";
222  /** The HTTP {@code Content-Encoding} header field name. */
223  public static final String CONTENT_ENCODING = "Content-Encoding";
224  /** The HTTP {@code Content-Language} header field name. */
225  public static final String CONTENT_LANGUAGE = "Content-Language";
226  /** The HTTP {@code Content-Location} header field name. */
227  public static final String CONTENT_LOCATION = "Content-Location";
228  /** The HTTP {@code Content-MD5} header field name. */
229  public static final String CONTENT_MD5 = "Content-MD5";
230  /** The HTTP {@code Content-Range} header field name. */
231  public static final String CONTENT_RANGE = "Content-Range";
232  /**
233   * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-header-field">{@code
234   * Content-Security-Policy}</a> header field name.
235   *
236   * @since 15.0
237   */
238  public static final String CONTENT_SECURITY_POLICY = "Content-Security-Policy";
239  /**
240   * The HTTP <a href="http://w3.org/TR/CSP/#content-security-policy-report-only-header-field">
241   * {@code Content-Security-Policy-Report-Only}</a> header field name.
242   *
243   * @since 15.0
244   */
245  public static final String CONTENT_SECURITY_POLICY_REPORT_ONLY =
246      "Content-Security-Policy-Report-Only";
247  /**
248   * The HTTP nonstandard {@code X-Content-Security-Policy} header field name. It was introduced in
249   * <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Firefox until
250   * version 23 and the Internet Explorer version 10. Please, use {@link #CONTENT_SECURITY_POLICY}
251   * to pass the CSP.
252   *
253   * @since 20.0
254   */
255  public static final String X_CONTENT_SECURITY_POLICY = "X-Content-Security-Policy";
256  /**
257   * The HTTP nonstandard {@code X-Content-Security-Policy-Report-Only} header field name. It was
258   * introduced in <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the
259   * Firefox until version 23 and the Internet Explorer version 10. Please, use {@link
260   * #CONTENT_SECURITY_POLICY_REPORT_ONLY} to pass the CSP.
261   *
262   * @since 20.0
263   */
264  public static final String X_CONTENT_SECURITY_POLICY_REPORT_ONLY =
265      "X-Content-Security-Policy-Report-Only";
266  /**
267   * The HTTP nonstandard {@code X-WebKit-CSP} header field name. It was introduced in <a
268   * href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Chrome until
269   * version 25. Please, use {@link #CONTENT_SECURITY_POLICY} to pass the CSP.
270   *
271   * @since 20.0
272   */
273  public static final String X_WEBKIT_CSP = "X-WebKit-CSP";
274  /**
275   * The HTTP nonstandard {@code X-WebKit-CSP-Report-Only} header field name. It was introduced in
276   * <a href="https://www.w3.org/TR/2011/WD-CSP-20111129/">CSP v.1</a> and used by the Chrome until
277   * version 25. Please, use {@link #CONTENT_SECURITY_POLICY_REPORT_ONLY} to pass the CSP.
278   *
279   * @since 20.0
280   */
281  public static final String X_WEBKIT_CSP_REPORT_ONLY = "X-WebKit-CSP-Report-Only";
282  /**
283   * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP">{@code
284   * Cross-Origin-Embedder-Policy}</a> header field name.
285   *
286   * @since 30.0
287   */
288  public static final String CROSS_ORIGIN_EMBEDDER_POLICY = "Cross-Origin-Embedder-Policy";
289  /**
290   * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP-RO">{@code
291   * Cross-Origin-Embedder-Policy-Report-Only}</a> header field name.
292   *
293   * @since 30.0
294   */
295  public static final String CROSS_ORIGIN_EMBEDDER_POLICY_REPORT_ONLY =
296      "Cross-Origin-Embedder-Policy-Report-Only";
297  /**
298   * The HTTP Cross-Origin-Opener-Policy header field name.
299   *
300   * @since 28.2
301   */
302  public static final String CROSS_ORIGIN_OPENER_POLICY = "Cross-Origin-Opener-Policy";
303  /** The HTTP {@code ETag} header field name. */
304  public static final String ETAG = "ETag";
305  /** The HTTP {@code Expires} header field name. */
306  public static final String EXPIRES = "Expires";
307  /** The HTTP {@code Last-Modified} header field name. */
308  public static final String LAST_MODIFIED = "Last-Modified";
309  /** The HTTP {@code Link} header field name. */
310  public static final String LINK = "Link";
311  /** The HTTP {@code Location} header field name. */
312  public static final String LOCATION = "Location";
313  /**
314   * The HTTP {@code Keep-Alive} header field name.
315   *
316   * @since 31.0
317   */
318  public static final String KEEP_ALIVE = "Keep-Alive";
319  /**
320   * The HTTP <a href="https://googlechrome.github.io/OriginTrials/#header">{@code Origin-Trial}</a>
321   * header field name.
322   *
323   * @since 27.1
324   */
325  public static final String ORIGIN_TRIAL = "Origin-Trial";
326  /** The HTTP {@code P3P} header field name. Limited browser support. */
327  public static final String P3P = "P3P";
328  /** The HTTP {@code Proxy-Authenticate} header field name. */
329  public static final String PROXY_AUTHENTICATE = "Proxy-Authenticate";
330  /** The HTTP {@code Refresh} header field name. Non-standard header supported by most browsers. */
331  public static final String REFRESH = "Refresh";
332  /**
333   * The HTTP <a href="https://www.w3.org/TR/reporting/">{@code Report-To}</a> header field name.
334   *
335   * @since 27.1
336   */
337  public static final String REPORT_TO = "Report-To";
338  /** The HTTP {@code Retry-After} header field name. */
339  public static final String RETRY_AFTER = "Retry-After";
340  /** The HTTP {@code Server} header field name. */
341  public static final String SERVER = "Server";
342  /**
343   * The HTTP <a href="https://www.w3.org/TR/server-timing/">{@code Server-Timing}</a> header field
344   * name.
345   *
346   * @since 23.6
347   */
348  public static final String SERVER_TIMING = "Server-Timing";
349  /**
350   * The HTTP <a href="https://www.w3.org/TR/service-workers/#update-algorithm">{@code
351   * Service-Worker-Allowed}</a> header field name.
352   *
353   * @since 20.0
354   */
355  public static final String SERVICE_WORKER_ALLOWED = "Service-Worker-Allowed";
356  /** The HTTP {@code Set-Cookie} header field name. */
357  public static final String SET_COOKIE = "Set-Cookie";
358  /** The HTTP {@code Set-Cookie2} header field name. */
359  public static final String SET_COOKIE2 = "Set-Cookie2";
360
361  /**
362   * The HTTP <a href="http://goo.gl/Dxx19N">{@code SourceMap}</a> header field name.
363   *
364   * @since 27.1
365   */
366  public static final String SOURCE_MAP = "SourceMap";
367
368  /**
369   * The HTTP <a href="http://tools.ietf.org/html/rfc6797#section-6.1">{@code
370   * Strict-Transport-Security}</a> header field name.
371   *
372   * @since 15.0
373   */
374  public static final String STRICT_TRANSPORT_SECURITY = "Strict-Transport-Security";
375  /**
376   * The HTTP <a href="http://www.w3.org/TR/resource-timing/#cross-origin-resources">{@code
377   * Timing-Allow-Origin}</a> header field name.
378   *
379   * @since 15.0
380   */
381  public static final String TIMING_ALLOW_ORIGIN = "Timing-Allow-Origin";
382  /** The HTTP {@code Trailer} header field name. */
383  public static final String TRAILER = "Trailer";
384  /** The HTTP {@code Transfer-Encoding} header field name. */
385  public static final String TRANSFER_ENCODING = "Transfer-Encoding";
386  /** The HTTP {@code Vary} header field name. */
387  public static final String VARY = "Vary";
388  /** The HTTP {@code WWW-Authenticate} header field name. */
389  public static final String WWW_AUTHENTICATE = "WWW-Authenticate";
390
391  // Common, non-standard HTTP header fields
392
393  /** The HTTP {@code DNT} header field name. */
394  public static final String DNT = "DNT";
395  /** The HTTP {@code X-Content-Type-Options} header field name. */
396  public static final String X_CONTENT_TYPE_OPTIONS = "X-Content-Type-Options";
397  /**
398   * The HTTP <a
399   * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code
400   * X-Device-IP}</a> header field name. Header used for VAST requests to provide the IP address of
401   * the device on whose behalf the request is being made.
402   *
403   * @since 31.0
404   */
405  public static final String X_DEVICE_IP = "X-Device-IP";
406  /**
407   * The HTTP <a
408   * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code
409   * X-Device-Referer}</a> header field name. Header used for VAST requests to provide the {@link
410   * #REFERER} header value that the on-behalf-of client would have used when making a request
411   * itself.
412   *
413   * @since 31.0
414   */
415  public static final String X_DEVICE_REFERER = "X-Device-Referer";
416  /**
417   * The HTTP <a
418   * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code
419   * X-Device-Accept-Language}</a> header field name. Header used for VAST requests to provide the
420   * {@link #ACCEPT_LANGUAGE} header value that the on-behalf-of client would have used when making
421   * a request itself.
422   *
423   * @since 31.0
424   */
425  public static final String X_DEVICE_ACCEPT_LANGUAGE = "X-Device-Accept-Language";
426  /**
427   * The HTTP <a
428   * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code
429   * X-Device-Requested-With}</a> header field name. Header used for VAST requests to provide the
430   * {@link #X_REQUESTED_WITH} header value that the on-behalf-of client would have used when making
431   * a request itself.
432   *
433   * @since 31.0
434   */
435  public static final String X_DEVICE_REQUESTED_WITH = "X-Device-Requested-With";
436  /** The HTTP {@code X-Do-Not-Track} header field name. */
437  public static final String X_DO_NOT_TRACK = "X-Do-Not-Track";
438  /** The HTTP {@code X-Forwarded-For} header field name (superseded by {@code Forwarded}). */
439  public static final String X_FORWARDED_FOR = "X-Forwarded-For";
440  /** The HTTP {@code X-Forwarded-Proto} header field name. */
441  public static final String X_FORWARDED_PROTO = "X-Forwarded-Proto";
442  /**
443   * The HTTP <a href="http://goo.gl/lQirAH">{@code X-Forwarded-Host}</a> header field name.
444   *
445   * @since 20.0
446   */
447  public static final String X_FORWARDED_HOST = "X-Forwarded-Host";
448  /**
449   * The HTTP <a href="http://goo.gl/YtV2at">{@code X-Forwarded-Port}</a> header field name.
450   *
451   * @since 20.0
452   */
453  public static final String X_FORWARDED_PORT = "X-Forwarded-Port";
454  /** The HTTP {@code X-Frame-Options} header field name. */
455  public static final String X_FRAME_OPTIONS = "X-Frame-Options";
456  /** The HTTP {@code X-Powered-By} header field name. */
457  public static final String X_POWERED_BY = "X-Powered-By";
458  /**
459   * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code
460   * Public-Key-Pins}</a> header field name.
461   *
462   * @since 15.0
463   */
464  public static final String PUBLIC_KEY_PINS = "Public-Key-Pins";
465  /**
466   * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code
467   * Public-Key-Pins-Report-Only}</a> header field name.
468   *
469   * @since 15.0
470   */
471  public static final String PUBLIC_KEY_PINS_REPORT_ONLY = "Public-Key-Pins-Report-Only";
472  /**
473   * The HTTP {@code X-Request-ID} header field name.
474   *
475   * @since 30.1
476   */
477  public static final String X_REQUEST_ID = "X-Request-ID";
478  /** The HTTP {@code X-Requested-With} header field name. */
479  public static final String X_REQUESTED_WITH = "X-Requested-With";
480  /** The HTTP {@code X-User-IP} header field name. */
481  public static final String X_USER_IP = "X-User-IP";
482  /**
483   * The HTTP <a href="https://goo.gl/VKpXxa">{@code X-Download-Options}</a> header field name.
484   *
485   * <p>When the new X-Download-Options header is present with the value {@code noopen}, the user is
486   * prevented from opening a file download directly; instead, they must first save the file
487   * locally.
488   *
489   * @since 24.1
490   */
491  public static final String X_DOWNLOAD_OPTIONS = "X-Download-Options";
492  /** The HTTP {@code X-XSS-Protection} header field name. */
493  public static final String X_XSS_PROTECTION = "X-XSS-Protection";
494  /**
495   * The HTTP <a
496   * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control">{@code
497   * X-DNS-Prefetch-Control}</a> header controls DNS prefetch behavior. Value can be "on" or "off".
498   * By default, DNS prefetching is "on" for HTTP pages and "off" for HTTPS pages.
499   */
500  public static final String X_DNS_PREFETCH_CONTROL = "X-DNS-Prefetch-Control";
501  /**
502   * The HTTP <a href="http://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing">
503   * {@code Ping-From}</a> header field name.
504   *
505   * @since 19.0
506   */
507  public static final String PING_FROM = "Ping-From";
508  /**
509   * The HTTP <a href="http://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing">
510   * {@code Ping-To}</a> header field name.
511   *
512   * @since 19.0
513   */
514  public static final String PING_TO = "Ping-To";
515
516  /**
517   * The HTTP <a
518   * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code
519   * Purpose}</a> header field name.
520   *
521   * @since 28.0
522   */
523  public static final String PURPOSE = "Purpose";
524  /**
525   * The HTTP <a
526   * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code
527   * X-Purpose}</a> header field name.
528   *
529   * @since 28.0
530   */
531  public static final String X_PURPOSE = "X-Purpose";
532  /**
533   * The HTTP <a
534   * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#As_a_server_admin.2C_can_I_distinguish_prefetch_requests_from_normal_requests.3F">{@code
535   * X-Moz}</a> header field name.
536   *
537   * @since 28.0
538   */
539  public static final String X_MOZ = "X-Moz";
540
541  /**
542   * The HTTP <a
543   * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Device-Memory">{@code
544   * Device-Memory}</a> header field name.
545   *
546   * @since 31.0
547   */
548  public static final String DEVICE_MEMORY = "Device-Memory";
549
550  /**
551   * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Downlink">{@code
552   * Downlink}</a> header field name.
553   *
554   * @since 31.0
555   */
556  public static final String DOWNLINK = "Downlink";
557
558  /**
559   * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ECT">{@code
560   * ECT}</a> header field name.
561   *
562   * @since 31.0
563   */
564  public static final String ECT = "ECT";
565
566  /**
567   * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/RTT">{@code
568   * RTT}</a> header field name.
569   *
570   * @since 31.0
571   */
572  public static final String RTT = "RTT";
573
574  /**
575   * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Save-Data">{@code
576   * Save-Data}</a> header field name.
577   *
578   * @since 31.0
579   */
580  public static final String SAVE_DATA = "Save-Data";
581
582  /**
583   * The HTTP <a
584   * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Viewport-Width">{@code
585   * Viewport-Width}</a> header field name.
586   *
587   * @since 31.0
588   */
589  public static final String VIEWPORT_WIDTH = "Viewport-Width";
590
591  /**
592   * The HTTP <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Width">{@code
593   * Width}</a> header field name.
594   *
595   * @since 31.0
596   */
597  public static final String WIDTH = "Width";
598
599  /**
600   * The HTTP <a href="https://www.w3.org/TR/permissions-policy-1/">{@code Permissions-Policy}</a>
601   * header field name.
602   *
603   * @since 31.0
604   */
605  public static final String PERMISSIONS_POLICY = "Permissions-Policy";
606
607  /**
608   * The HTTP <a
609   * href="https://wicg.github.io/user-preference-media-features-headers/#sec-ch-prefers-color-scheme">{@code
610   * Sec-CH-Prefers-Color-Scheme}</a> header field name.
611   *
612   * <p>This header is experimental.
613   *
614   * @since 31.0
615   */
616  public static final String SEC_CH_PREFERS_COLOR_SCHEME = "Sec-CH-Prefers-Color-Scheme";
617
618  /**
619   * The HTTP <a
620   * href="https://www.rfc-editor.org/rfc/rfc8942#name-the-accept-ch-response-head">{@code
621   * Accept-CH}</a> header field name.
622   *
623   * @since 31.0
624   */
625  public static final String ACCEPT_CH = "Accept-CH";
626  /**
627   * The HTTP <a
628   * href="https://datatracker.ietf.org/doc/html/draft-davidben-http-client-hint-reliability-03.txt#section-3">{@code
629   * Critical-CH}</a> header field name.
630   *
631   * @since 31.0
632   */
633  public static final String CRITICAL_CH = "Critical-CH";
634
635  /**
636   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua">{@code Sec-CH-UA}</a>
637   * header field name.
638   *
639   * @since 30.0
640   */
641  public static final String SEC_CH_UA = "Sec-CH-UA";
642  /**
643   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-arch">{@code
644   * Sec-CH-UA-Arch}</a> header field name.
645   *
646   * @since 30.0
647   */
648  public static final String SEC_CH_UA_ARCH = "Sec-CH-UA-Arch";
649  /**
650   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-model">{@code
651   * Sec-CH-UA-Model}</a> header field name.
652   *
653   * @since 30.0
654   */
655  public static final String SEC_CH_UA_MODEL = "Sec-CH-UA-Model";
656  /**
657   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-platform">{@code
658   * Sec-CH-UA-Platform}</a> header field name.
659   *
660   * @since 30.0
661   */
662  public static final String SEC_CH_UA_PLATFORM = "Sec-CH-UA-Platform";
663  /**
664   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-platform-version">{@code
665   * Sec-CH-UA-Platform-Version}</a> header field name.
666   *
667   * @since 30.0
668   */
669  public static final String SEC_CH_UA_PLATFORM_VERSION = "Sec-CH-UA-Platform-Version";
670  /**
671   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-full-version">{@code
672   * Sec-CH-UA-Full-Version}</a> header field name.
673   *
674   * @deprecated Prefer {@link SEC_CH_UA_FULL_VERSION_LIST}.
675   * @since 30.0
676   */
677  @Deprecated public static final String SEC_CH_UA_FULL_VERSION = "Sec-CH-UA-Full-Version";
678  /**
679   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-full-version-list">{@code
680   * Sec-CH-UA-Full-Version}</a> header field name.
681   *
682   * @since 31.1
683   */
684  public static final String SEC_CH_UA_FULL_VERSION_LIST = "Sec-CH-UA-Full-Version-List";
685  /**
686   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-mobile">{@code
687   * Sec-CH-UA-Mobile}</a> header field name.
688   *
689   * @since 30.0
690   */
691  public static final String SEC_CH_UA_MOBILE = "Sec-CH-UA-Mobile";
692  /**
693   * The HTTP <a href="https://wicg.github.io/ua-client-hints/#sec-ch-ua-bitness">{@code
694   * Sec-CH-UA-Bitness}</a> header field name.
695   *
696   * @since 31.0
697   */
698  public static final String SEC_CH_UA_BITNESS = "Sec-CH-UA-Bitness";
699  /**
700   * The HTTP <a
701   * href="https://wicg.github.io/responsive-image-client-hints/#sec-ch-viewport-width">{@code
702   * Sec-CH-Viewport-Width}</a> header field name.
703   *
704   * @since NEXT
705   */
706  public static final String SEC_CH_VIEWPORT_WIDTH = "Sec-CH-Viewport-Width";
707  /**
708   * The HTTP <a
709   * href="https://wicg.github.io/responsive-image-client-hints/#sec-ch-viewport-height">{@code
710   * Sec-CH-Viewport-Height}</a> header field name.
711   *
712   * @since NEXT
713   */
714  public static final String SEC_CH_VIEWPORT_HEIGHT = "Sec-CH-Viewport-Height";
715  /**
716   * The HTTP <a href="https://wicg.github.io/responsive-image-client-hints/#sec-ch-dpr">{@code
717   * Sec-CH-DPR}</a> header field name.
718   *
719   * @since NEXT
720   */
721  public static final String SEC_CH_DPR = "Sec-CH-DPR";
722  /**
723   * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Dest}</a>
724   * header field name.
725   *
726   * @since 27.1
727   */
728  public static final String SEC_FETCH_DEST = "Sec-Fetch-Dest";
729  /**
730   * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Mode}</a>
731   * header field name.
732   *
733   * @since 27.1
734   */
735  public static final String SEC_FETCH_MODE = "Sec-Fetch-Mode";
736  /**
737   * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-Site}</a>
738   * header field name.
739   *
740   * @since 27.1
741   */
742  public static final String SEC_FETCH_SITE = "Sec-Fetch-Site";
743  /**
744   * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Fetch-User}</a>
745   * header field name.
746   *
747   * @since 27.1
748   */
749  public static final String SEC_FETCH_USER = "Sec-Fetch-User";
750  /**
751   * The HTTP <a href="https://w3c.github.io/webappsec-fetch-metadata/">{@code Sec-Metadata}</a>
752   * header field name.
753   *
754   * @since 26.0
755   */
756  public static final String SEC_METADATA = "Sec-Metadata";
757  /**
758   * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-https">{@code
759   * Sec-Token-Binding}</a> header field name.
760   *
761   * @since 25.1
762   */
763  public static final String SEC_TOKEN_BINDING = "Sec-Token-Binding";
764  /**
765   * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-ttrp">{@code
766   * Sec-Provided-Token-Binding-ID}</a> header field name.
767   *
768   * @since 25.1
769   */
770  public static final String SEC_PROVIDED_TOKEN_BINDING_ID = "Sec-Provided-Token-Binding-ID";
771  /**
772   * The HTTP <a href="https://tools.ietf.org/html/draft-ietf-tokbind-ttrp">{@code
773   * Sec-Referred-Token-Binding-ID}</a> header field name.
774   *
775   * @since 25.1
776   */
777  public static final String SEC_REFERRED_TOKEN_BINDING_ID = "Sec-Referred-Token-Binding-ID";
778  /**
779   * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Accept}</a> header
780   * field name.
781   *
782   * @since 28.0
783   */
784  public static final String SEC_WEBSOCKET_ACCEPT = "Sec-WebSocket-Accept";
785  /**
786   * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Extensions}</a>
787   * header field name.
788   *
789   * @since 28.0
790   */
791  public static final String SEC_WEBSOCKET_EXTENSIONS = "Sec-WebSocket-Extensions";
792  /**
793   * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Key}</a> header
794   * field name.
795   *
796   * @since 28.0
797   */
798  public static final String SEC_WEBSOCKET_KEY = "Sec-WebSocket-Key";
799  /**
800   * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Protocol}</a>
801   * header field name.
802   *
803   * @since 28.0
804   */
805  public static final String SEC_WEBSOCKET_PROTOCOL = "Sec-WebSocket-Protocol";
806  /**
807   * The HTTP <a href="https://tools.ietf.org/html/rfc6455">{@code Sec-WebSocket-Version}</a> header
808   * field name.
809   *
810   * @since 28.0
811   */
812  public static final String SEC_WEBSOCKET_VERSION = "Sec-WebSocket-Version";
813  /**
814   * The HTTP <a href="https://tools.ietf.org/html/rfc8586">{@code CDN-Loop}</a> header field name.
815   *
816   * @since 28.0
817   */
818  public static final String CDN_LOOP = "CDN-Loop";
819}