Deprecated: This feature is no longer recommended. Though some browsers might still support it, it may have already been removed from the relevant web standards, may be in the process of being dropped, or may only be kept for compatibility purposes. Avoid using it, and update existing code if possible; see the compatibility table at the bottom of this page to guide your decision. Be aware that this feature may cease to work at any time.

Non-standard: This feature is non-standard and is not on a standards track. Do not use it on production sites facing the Web: it will not work for every user. There may also be large incompatibilities between implementations and the behavior may change in the future.

Note: This header was removed from the specification in draft 8. Use Content-Digest instead. For id-* digest algorithms, use Repr-Digest.

The Digest response or request HTTP header provides the other side with a digest of the Content-Encoding-encoded selected representation. It can be requested by using the Want-Digest header.

Representations are different forms of a particular resource that might be returned from a request: for example, the same resource might be formatted in a particular media type such as XML or JSON, localized to a particular written language or geographical region, and/or compressed or otherwise encoded for transmission. The selected representation is the actual format of a resource that is returned following content negotiation, and can be determined from the response's Representation headers.

The digest applies to the whole representation of a resource, not to a particular message. It can be used to verify that the representation data has not been modified during transmission.

Note: While a representation may be fully contained in the message body of a single response, it can also be sent using multiple messages in response to a range request, or omitted altogether in response to a HEAD request.

Header type Response header
Forbidden header name no


Digest: <digest-algorithm>=<digest-value>
Digest: <digest-algorithm>=<digest-value>,<digest-algorithm>=<digest-value>



Digest algorithm values are defined in 6. Digest Algorithm Values.

  • Permitted digest algorithm values are: sha-512 and sha-256
  • Permitted insecure digest algorithm values are: md5, sha, unixsum, unixcksum, adler32 and crc32c
  • Deprecated digest algorithm values include: id-sha-256, id-sha-512

The result of applying the digest algorithm to the resource representation and encoding the result (for non-id-* digest algorithm values). The choice of digest algorithm also determines the encoding to use: for example SHA-256 uses base64 encoding, whilst unixsum is represented by a decimal integer.


Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=,unixsum=30637
Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=,id-sha-256=0KJL0PvNLH5UbYZLTT7DBFuSyxKpnjyadrWx5E90E/z=


No specification found

No specification data found for http.headers.Digest.
Check for problems with this page or contribute a missing spec_url to mdn/browser-compat-data. Also make sure the specification is included in w3c/browser-specs.

Browser compatibility

BCD tables only load in the browser

See also