什麼是 HTTP Header ？

HTTP Header 是客戶端與伺服器在 HTTP 請求和回應過程中以鍵值對格式交換資料的一種方式，是 HTTP 協定的重要組成部分。

HTTP Header 不僅可以讓客戶端和網站伺服器更有效地進行通信，還能影響它們的行為。例如，定義快取、身分認證、會話管理、連線狀態、編碼解碼等。

HTTP Header 線上偵測工具可以做什麼？

HTTP Header 線上偵測工具是一個 HTTP 回應頭分析工具，用於查看網站伺服器回應的 Header 資訊。檢測工具支援 GET、POST、HEAD、PUT、PATCH、DELETE、CONNECT、OPTIONS、TRACE 請求，也支援查看 Response Debug 資訊。

輸入要偵測的網域名稱、IP 位址或 URL 之後，偵測工具發出 GET / POST / HEAD / OPTIONS / PUT / PATCH / DELETE / CONNECT / TRACE 請求，取得來自網站伺服器的回應，並對 Header 進行分析。

常用的 HTTP Header 列表

WWW-Authenticate Authorization Proxy-Authenticate Proxy-Authorization Age Cache-Control Clear-Site-Data Expires Pragma Warning Accept-CH Save-Data Last-Modified ETag If-Match If-None-Match If-Modified-Since If-Unmodified-Since Vary Delta-Base Connection Keep-Alive Accept Accept-Encoding Accept-Language A-IM IM Expect Max-Forwards Cookie Set-Cookie Access-Control-Allow-Origin Access-Control-Allow-Credentials Access-Control-Allow-Headers Access-Control-Expose-Headers Access-Control-Max-Age Access-Control-Request-Headers Access-Control-Request-Method Timing-Allow-Origin Content-Disposition Content-Length Content-Type Content-Encoding Content-Language Content-Location Forwarded X-Forwarded-For X-Forwarded-Host X-Forwarded-Proto Via Location From Host Referer Referrer-Policy User-Agent Allow Server Accept-Ranges Range If-Range Content-Range Cross-Origin-Embedder-Policy Cross-Origin-Opener-Policy Cross-Origin-Resource-Policy Content-Security-Policy Content-Security-Policy-Report-Only Expect-CT Strict-Transport-Security Upgrade-Insecure-Requests X-Content-Type-Options X-Frame-Options X-Powered-By X-XSS-Protection Sec-Fetch-Site Sec-Fetch-Mode Sec-Fetch-User Sec-Fetch-Dest NEL Transfer-Encoding TE Trailer Sec-Websocket-Accept Alt-Svc Date Link Retry-After Server-Timing Sourcemap Upgrade X-DNS-Prefetch-Control X-Request-ID X-Robots-Tag X-UA-Compatible