PHP is a commonly used server-side scripting language used for dynamic web pages, website development and server management. In PHP, you can use the header() function to set HTTP response headers, control certain HTTP protocol parameters, and achieve functional enhancements and security guarantees.
This article will introduce you how to use PHP's header() function to set HTTP response headers, including several commonly used HTTP headers (such as Content-Type, Location, Cache-Control, X-XSS-Protection, etc. ), and give specific code examples.
1. Content-Type response header
The Content-Type response header specifies the content type in the HTTP response and tells the browser how to parse the returned content. Setting this header prevents the browser from guessing the content type of the response, ensuring correct rendering.
PHP code example:
header("Content-Type: text/html; charset=UTF-8");
Here the content type is set to text/html (text/HTML) and the character set is specified as UTF-8. Other common content types include application/json (JSON data), application/xml (XML file), image/png (PNG picture), etc. You can set them as needed.
2. Location response header
The Location response header is often used in HTTP redirection to indicate which URL the resource requested by the client should jump to. This header is a necessary condition for redirection, which allows the browser to jump to the specified page and display relevant content.
PHP code example:
header("Location: https://www.example.com/page.php");
Here the redirected URL is set to https://www.example.com/page.php. By setting this header, the browser will automatically jump to the specified page and display the corresponding content.
3. Cache-Control response header
The Cache-Control response header is used to control caching behavior and instructs the browser how to cache response content from the server. Proper use of this header can effectively reduce website bandwidth consumption and improve access speed and user experience.
PHP code example:
header("Cache-Control: max-age=3600, public");
Here the maximum cache period is set to 3600 seconds (1 hour) and specifies that the response can be cached by all caches. Other common instructions include no-cache (forcing the cache to send a request to the server every time), no-store (prohibiting the cache from caching response content), etc. You can set them according to actual needs.
4. X-XSS-Protection response header
security and protect users’ private information.
PHP code example:
header("X-XSS-Protection: 1; mode=block");
Here X-XSS-Protection is set to 1, indicating that the feature to prevent cross-site scripting attacks is enabled, and "mode=block" is specified to indicate that if an attack is found Then stop loading the page. For other setting methods, please refer to the W3C document (https://www.w3.org/TR/2011/WD-xss-filtering-20111129/#xss-request-headers).
Summary
This article introduces you how to use PHP's header() function to set HTTP response headers, including Content-Type, Location, Cache-Control, X-XSS-Protection and other commonly used ones. Header settings, and specific code examples. In actual development, reasonable use of HTTP response headers can effectively enhance the functionality and security of the website, and improve user experience and trust.
The above is the detailed content of PHP header() function: How to set HTTP response headers. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
