HTTP reference

This page lists HTTP reference documentation on MDN.

HTTP headers: HTTP headers let the client and the server pass additional information with a message in a request or response. In HTTP/1.X, a header is a case-insensitive name followed by a colon, then optional whitespace which will be ignored, and finally by its value (for example: Allow: POST). In HTTP/2 and above, headers are displayed in lowercase when viewed in developer tools (accept: */*), and prefixed with a colon for a special group of pseudo-headers (:status: 200). You can find more information on the syntax in each protocol version in the HTTP messages page.
HTTP request methods: HTTP defines a set of request methods to indicate the purpose of the request and what is expected if the request is successful. Although they can also be nouns, these request methods are sometimes referred to as HTTP verbs. Each request method has its own semantics, but some characteristics are shared across multiple methods, specifically request methods can be Safe/HTTP, idempotent, or cacheable.
HTTP resources and specifications: HTTP was first specified in the early 1990s. Designed with extensibility in mind, it has seen numerous additions over the years; this lead to its specification being scattered through numerous specification documents (in the midst of experimental abandoned extensions). This page lists relevant resources about HTTP.
HTTP response status codes: HTTP response status codes indicate whether a specific HTTP request has been successfully completed. Responses are grouped in five classes:

The following subsections are also notable:

CSP directives: The Content-Security-Policy (CSP) response header allows website administrators to specify which resources the user agent is allowed to load for a given page. This section lists directives that can be used in a CSP header, with individual documentation pages that describe how the directives work and how to use them.
Permissions-Policy directives: The Permissions-Policy response header provides a mechanism to allow or deny the use of browser features in a document or within any <iframe> element in the document. This section lists directives that can be used in a Permissions-Policy header, with individual documentation pages that describe how the directives work and how to use them.