Search completed in 1.06 seconds.
Headers - Web APIs
the
headers interface of the fetch api allows you to perform various actions on http request and response
headers.
... these actions include retrieving, setting, adding to, and removing
headers from the list of the request's
headers.
... a
headers object has an associated header list, which is initially empty and consists of zero or more name and value pairs.
...And 20 more matches
HTTP headers - HTTP
http
headers let the client and the server pass additional information with an http request or response.
... custom proprietary
headers have historically been used with an x- prefix, but this convention was deprecated in june 2012 because of the inconveniences it caused when nonstandard fields became standard in rfc 6648; others are listed in an iana registry, whose original content was defined in rfc 4229.
... iana also maintains a registry of proposed new http
headers.
...And 18 more matches
Access-Control-Allow-Headers - HTTP
the access-control-allow-
headers response header is used in response to a preflight request which includes the access-control-request-
headers to indicate which http
headers can be used during the actual request.
... this header is required if the request has an access-control-request-
headers header.
... header type response header forbidden header name no syntax access-control-allow-
headers: <header-name>[, <header-name>]* access-control-allow-
headers: * directives <header-name> the name of a supported request header.
...And 8 more matches
Installing headers using EXPORTS
public
headers and idl files are copied during the export phase of the build.
... this is accomplished by setting make variables telling the build system which module the
headers are for (since
headers are organized by module under <tt>dist/include</tt>), and which
headers need to be created from idl files by xpidl.
... for all <tt>makefile.in</tt>s which export public
headers, you should set module to the module name where the files should be copied to in <tt>dist/include</tt>.
...And 6 more matches
XMLHttpRequest.getAllResponseHeaders() - Web APIs
the xmlhttprequest method getallresponse
headers() returns all the response
headers, separated by crlf, as a string, or returns null if no response has been received.
... note: for multipart requests, this returns the
headers from the current part of the request, not from the original channel.
... syntax var
headers = xmlhttprequest.getallresponse
headers(); parameters none.
...And 6 more matches
Headers.get() - Web APIs
the get() method of the
headers interface returns a byte string of all the values of a header within a
headers object with a given name.
... if the requested header doesn't exist in the
headers object, it returns null.
... for security reasons, some
headers can only be controlled by the user agent.
...And 4 more matches
Headers.getAll() - Web APIs
the getall() method of the
headers interface used to return an array of all the values of a header within a
headers object with a given name; in newer versions of the fetch spec, it has been deleted, and
headers.get() has been updated to fetch all header values instead of only the first one.
... if the requested header doesn't exist in the
headers object, it returns an empty array.
... for security reasons, some
headers can only be controller by the user agent.
...And 4 more matches
Headers.set() - Web APIs
the set() method of the
headers interface sets a new value for an existing header inside a
headers object, or adds the header if it does not already exist.
... the difference between set() and
headers.append is that if the specified header already exists and accepts multiple values, set() overwrites the existing value with the new one, whereas
headers.append appends the new value to the end of the set of values.
... for security reasons, some
headers can only be controller by the user agent.
...And 4 more matches
Headers() - Web APIs
the
headers() constructor creates a new
headers object.
... syntax var my
headers = new
headers(init); parameters init optional an object containing any http
headers that you want to pre-populate your
headers object with.
... this can be a simple object literal with bytestring values; or an existing
headers object.
...And 3 more matches
Headers.append() - Web APIs
the append() method of the
headers interface appends a new value onto an existing header inside a
headers object, or adds the header if it does not already exist.
... for security reasons, some
headers can only be controlled by the user agent.
... these
headers include the forbidden header names and forbidden response header names.
...And 3 more matches
Access-Control-Expose-Headers - HTTP
the access-control-expose-
headers response header indicates which
headers can be exposed as part of the response by listing their names.
... by default, only the 7 cors-safelisted response
headers are exposed: cache-control content-language content-length content-type expires last-modified pragma if you want clients to be able to access other
headers, you have to list them using the access-control-expose-
headers header.
... header type response header forbidden header name no syntax access-control-expose-
headers: <header-name>, <header-name>, ...
...And 3 more matches
customDBHeaders Preference
the mailnews.customdb
headers preference will be our focus.
...in addition to the preference outlined in setting up extension development environment, you'll want to add the following preferences: // this allows you to add extra
headers while composing messages user_pref("mail.compose.other.header", "x-superfluous,x-other,x-whatever"); // this enables the preservation of custom
headers as incoming mail is processed user_pref( "mailnews.customdb
headers", "x-superfluous,x-other"); important: please pay careful attention to the case of the mailnews.customdb
headers preference.
... because comparisons are case-insensitive, all of the custom
headers get set to lowercase when the data gets migrated to the message database.
...And 2 more matches
Headers.delete() - Web APIs
the delete() method of the
headers interface deletes a header from the current
headers object.
... for security reasons, some
headers can only be controller by the user agent.
... these
headers include the forbidden header names and forbidden response header names.
...And 2 more matches
Headers.has() - Web APIs
the has() method of the
headers interface returns a boolean stating whether a
headers object contains a certain header.
... for security reasons, some
headers can only be controlled by the user agent.
... these
headers include the forbidden header names and forbidden response header names.
...And 2 more matches
Request.headers - Web APIs
the
headers read-only property of the request interface contains the
headers object associated with the request.
... syntax var my
headers = request.
headers; value a
headers object.
... example in the following snippet, we create a new request using the request.request() constructor (for an image file in the same directory as the script), then save the request
headers in a variable: var myrequest = new request('flowers.jpg'); var my
headers = myrequest.
headers; //
headers {} to add a header to the
headers object we use
headers.append; we then create a new request along with a 2nd init parameter, passing
headers in as an init option: var my
headers = new
headers(); my
headers.append('content-type', 'image/jpeg'); var myinit = { method: 'get',
headers: my
headers, mode: 'cors', cache: 'default' }; var myrequest = new request('flowers.jpg', myinit); mycontenttype = myrequest.
headers.get('content-type'); // returns 'image/jpeg' specifications specification ...
... status comment fetchthe definition of '
headers' in that specification.
Response.headers - Web APIs
the
headers read-only property of the response interface contains the
headers object associated with the response.
... syntax var my
headers = response.
headers; value a
headers object.
... note that at the top of the fetch() block we log the response
headers value to the console.
... var myimage = document.queryselector('img'); var myrequest = new request('flowers.jpg'); fetch(myrequest).then(function(response) { console.log(response.
headers); // returns a
headers{} object response.blob().then(function(myblob) { var objecturl = url.createobjecturl(myblob); myimage.src = objecturl; }); }); specifications specification status comment fetchthe definition of '
headers' in that specification.
Reason: invalid token ‘xyz’ in CORS header ‘Access-Control-Allow-Headers’ - HTTP
reason reason: invalid token ‘xyz’ in cors header ‘access-control-allow-
headers’ what went wrong?
... the response to the cors request that was sent by the server includes an access-control-allow-
headers header which includes at least one invalid header name.
... the access-control-allow-
headers header is sent by the server in response to a preflight request; it lets the client know which http
headers are permitted in cors requests.
... this is a problem that most likely can only be fixed on the server side, by modifying the server's configuration to no longer send the invalid or unknown header name with the access-control-allow-
headers header.
Reason: missing token ‘xyz’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel - HTTP
reason reason: missing token ‘xyz’ in cors header ‘access-control-allow-
headers’ from cors preflight channel what went wrong?
... the access-control-allow-
headers header is sent by the server to let the client know which
headers it supports for cors requests.
... the value of access-control-allow-
headers should be a comma-delineated list of header names, such as "x-custom-information" or any of the standard but non-basic header names (which are always allowed).
... this error occurs when attempting to preflight a header that is not expressly allowed (that is, it's not included in the list specified by the access-control-allow-
headers header sent by the server).
Access-Control-Request-Headers - HTTP
the access-control-request-
headers request header is used by browsers when issuing a preflight request, to let the server know which http
headers the client might send when the actual request is made.
... header type request header forbidden header name yes syntax access-control-request-
headers: <header-name>, <header-name>, ...
... directives <header-name> a comma-delimited list of http
headers that are included in the request.
... examples access-control-request-
headers: x-pingother, content-type specifications specification status comment fetchthe definition of 'access-control-request-
headers' in that specification.
nsIMimeHeaders
nsimime
headers mailnews/mime/public/nsimime
headers.idlscriptable ???
...as a service: var mime
headers = components.classes["@mozilla.org/????????????????????????????"] .createinstance(components.interfaces.nsimime
headers); method overview string extractheader([const] in string headername, in boolean getallofthem); void initialize([const] in string all
headers, in long all
headerssize); attributes attribute type description all
headers string read only.
... methods extractheader() string extractheader( [const] in string headername, in boolean getallofthem ); parameters headername missing description getallofthem missing description return value missing description exceptions thrown missing exception missing description initialize() void initialize( [const] in string all
headers, in long all
headerssize ); parameters all
headers insert the complete message content all
headerssize length of the passed in content exceptions thrown missing exception missing description remarks see also ...
Headers.entries() - Web APIs
the
headers.entries() method returns an iterator allowing to go through all key/value pairs contained in this object.
... syntax
headers.entries(); return value returns an iterator.
... example // create a test
headers object var my
headers = new
headers(); my
headers.append('content-type', 'text/xml'); my
headers.append('vary', 'accept-language'); // display the key/value pairs for (var pair of my
headers.entries()) { console.log(pair[0]+ ': '+ pair[1]); } the result is: content-type: text/xml vary: accept-language ...
Headers.keys() - Web APIs
the
headers.keys() method returns an iterator allowing to go through all keys contained in this object.
... syntax
headers.keys(); return value returns an iterator.
... example // create a test
headers object var my
headers = new
headers(); my
headers.append('content-type', 'text/xml'); my
headers.append('vary', 'accept-language'); // display the keys for(var key of my
headers.keys()) { console.log(key); } the result is: content-type vary ...
Headers.values() - Web APIs
the
headers.values() method returns an iterator allowing to go through all values contained in this object.
... syntax
headers.values(); return value returns an iterator.
... example // create a test
headers object var my
headers = new
headers(); my
headers.append('content-type', 'text/xml'); my
headers.append('vary', 'accept-language'); // display the values for (var value of my
headers.values()) { console.log(value); } the result is: text/xml accept-language ...
Setting HTTP request headers
in addition to the actual content, some important information is passed with http
headers for both http requests and responses.
... you can add your own http
headers to any request the application makes, whether the request is initiated by your code explicitly opening an http channel, because of xmlhttprequest activity, an <img> element in content, or even from css.
WebRequest.jsm
usage to import webrequest, use code like: let {webrequest} = cu.import("resource://gre/modules/webrequest.jsm", {}); the webrequest object has the following properties, each of which corresponds to a specific stage in executing a web request: onbeforerequest onbeforesend
headers onsend
headers on
headersreceived onresponsestarted oncompleted each of these objects defines two functions: addlistener(callback, filter, opt_extrainfospec) removelistener(callback) adding listeners use addlistener to add a listener to a particular event.
... there are four things you can do with a request: cancel it redirect it modify request
headers modify response
headers.
... redirect onbeforesend
headers redirecturl string set to the url to redirect the request to.
...And 39 more matches
Cross-Origin Resource Sharing (CORS) - HTTP
cross-origin resource sharing (cors) is a mechanism that uses additional http
headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin.
...this means that a web application using those apis can only request resources from the same origin the application was loaded from unless the response from other origins includes the right cors
headers.
...modern browsers handle the client side of cross-origin sharing, including
headers and policy enforcement.
...And 28 more matches
HTTP Index - HTTP
on top of these basic concepts, numerous extensions have appeared over the years, adding new functionality and new semantics by creating new http methods or
headers.
... 20 cross-origin resource sharing (cors) ajax, cors, cross-origin resource sharing, fetch, fetch api, http, http access controls, same-origin policy, security, xmlhttprequest, l10n:priority cross-origin resource sharing (cors) is a mechanism that uses additional http
headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin.
... 34 reason: invalid token ‘xyz’ in cors header ‘access-control-allow-
headers’ cors, corsinvalidallowheader, cross-origin, error, http, https, messages, reasons, security, console, troubleshooting the response to the cors request that was sent by the server includes an access-control-allow-
headers header which includes at least one invalid header name.
...And 26 more matches
Index - Web APIs
this may come from http
headers or other sources of mime information, and might be affected by automatic type conversions performed by either the browser or extensions.
... 1300 fetch basic concepts api, fetch, fetch api, xmlhttprequest, concepts, guard, request at the heart of fetch are the interface abstractions of http requests, responses,
headers, and body payloads, along with a global fetch method for initiating asynchronous resource requests.
... 1937 htmltablesectionelement api, html dom, interface, reference the htmltablesectionelement interface provides special properties and methods (beyond the htmlelement interface it also has available to it by inheritance) for manipulating the layout and presentation of sections, that is
headers, footers and bodies, in an html table.
...And 24 more matches
nsIHttpChannel
netwerk/protocol/http/nsihttpchannel.idlscriptable this interface allows for the modification of http request parameters and the inspection of the resulting http response status and
headers when they become available.
... redirectto(in nsiuri anewuri); void setemptyrequestheader(in acstring aheader); void setreferrerwithpolicy(in nsiuri referrer, in unsigned long referrerpolicy); void setrequestheader(in acstring aheader, in acstring avalue, in boolean amerge); void setresponseheader(in acstring header, in acstring value, in boolean merge); void visitoriginalresponse
headers(in nsihttpheadervisitor avisitor); void visitrequest
headers(in nsihttpheadervisitor avisitor); void visitresponse
headers(in nsihttpheadervisitor avisitor); constants constant description referrer_policy_no_referrer_when_downgrade default; indicates not to pass on the referrer when downgrading from https to http referrer_policy_no_referre...
... ns_error_failure if used for setting referrer during visitrequest
headers().
...And 22 more matches
Using Fetch - Web APIs
set-cookie
headers from other sites are silently ignored.
... mode: 'cors', // no-cors, *cors, same-origin cache: 'no-cache', // *default, no-cache, reload, force-cache, only-if-cached credentials: 'same-origin', // include, *same-origin, omit
headers: { 'content-type': 'application/json' // 'content-type': 'application/x-www-form-urlencoded', }, redirect: 'follow', // manual, *follow, error referrerpolicy: 'no-referrer', // no-referrer, *no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url body: json.stringify(data) // body data type m...
...ust match "content-type" header }); return response.json(); // parses json response into native javascript objects } postdata('https://example.com/answer', { answer: 42 }) .then(data => { console.log(data); // json data parsed by `data.json()` call }); note that mode: "no-cors" only allows a limited set of
headers in the request: accept accept-language content-language content-type with a value of application/x-www-form-urlencoded, multipart/form-data, or text/plain sending a request with credentials included to cause browsers to send a request with credentials included, even for a cross-origin call, add credentials: 'include' to the init object you pass to the fetch() method.
...And 16 more matches
HTTP Messages - HTTP
an optional set of http
headers specifying the request, or describing the body included in the message.
...the presence of the body and its size is specified by the start-line and http
headers.
... the start-line and http
headers of the http message are collectively known as the head of the requests, whereas its payload is known as the body.
...And 15 more matches
Index - MDN Web Docs Glossary: Definitions of Web-related terms
48 cors glossary, infrastructure, security cors (cross-origin resource sharing) is a system, consisting of transmitting http
headers, that determines whether browsers block frontend javascript code from accessing responses for cross-origin requests.
... 49 cors-safelisted request header cors, fetch a cors-safelisted request header is one of the following http
headers: 50 cors-safelisted response header cors, fetch, glossary, http a cors-safelisted response header is an http header which has been safelisted so that it will not be filtered when responses are processed by cors, since they're considered safe (as the
headers listed in access-control-expose-
headers).
...
headers like content-length, content-language, content-encoding are entities
headers.
...And 14 more matches
HTML table advanced features and accessibility - Learn web development
put the obvious
headers row inside a <thead> element, the "sum" row inside a <tfoot> element, and the rest of the content inside a <tbody> element.
...to understand its information we make visual associations between the data in this table and its column and/or row
headers.
... using column and row
headers screenreaders will identify all
headers and use them to make programmatic associations between those
headers and the cells they relate to.
...And 13 more matches
Network request details - Firefox Developer Tools
the tabs at the top of this pane enable you to switch between the following pages:
headers messages (only for websocket items) cookies params response cache timings security (only for secure pages) stack trace (only when the request has a stack trace, e.g.
...
headers tab the
headers tab has a toolbar, followed by three main sections.
... http response
headers http request
headers each section has a disclosure triangle to expand the section to show more information.
...And 13 more matches
Index - HTTP
found 122 pages: # page tags and summary 1 http
headers http, http header, networking, overview, reference http
headers allow the client and the server to pass additional information with the request or the response.
... 8 access-control-allow-
headers cors, http, reference, header the access-control-allow-
headers response header is used in response to a preflight request which includes the access-control-request-
headers to indicate which http
headers can be used during the actual request.
... 11 access-control-expose-
headers cors, http, reference, header the access-control-expose-
headers response header indicates which
headers can be exposed as part of the response by listing their names.
...And 12 more matches
Building accessible custom components in XUL - Archive of obsolete content
we define the grid, then define the
headers for each row (numbered 1 through 7), then define the column header and cells for each column.
...note: the row and column
headers are denoted by description elements, and individual cells are denoted by label elements.
... <caption>it looks like a cell, but it's not</caption> assistive technologies also have no idea that our row
headers and column
headers are really
headers.
...And 8 more matches
HTML table basics - Learn web development
information is easily interpreted by making visual associations between row and column
headers.
...you can find the answer by associating the relevant row and column
headers.
... adding
headers with <th> elements now let's turn our attention to table
headers — special cells that go at the start of a row or column and define the type of data that row or column contains (as an example, see the "person" and "age" cells in the first example shown in this article).
...And 8 more matches
HTTP conditional requests - HTTP
principles http conditional requests are requests that are executed differently, depending on the value of specific
headers.
... these
headers define a precondition, and the result of the request will be different if the precondition is matched or not.
... the different behaviors are defined by the method of the request used, and by the set of
headers used for a precondition: for safe methods, like get, which usually tries to fetch a document, the conditional request can be used to send back the document, if relevant only.
...And 8 more matches
Content negotiation - HTTP
the determination of the best suited representation is made through one of two mechanisms: specific http
headers by the client (server-driven negotiation or proactive negotiation), which is the standard way of negotiating a specific kind of resource.
... server-driven content negotiation in server-driven content negotiation, or proactive content negotiation, the browser (or any other kind of user-agent) sends several http
headers along with the url.
... these
headers describe the preferred choice of the user.
...And 8 more matches
Evolution of HTTP - HTTP
<html> a very simple html page </html> unlike subsequent evolutions, there were no http
headers, meaning that only html files could be transmitted, but no other type of documents.
...xtended it to be more versatile: versioning information is now sent within each request (http/1.0 is appended to the get line) a status code line is also sent at the beginning of the response, allowing the browser itself to understand the success or failure of the request and to adapt its behavior in consequence (like in updating or using its local cache in a specific way) the notion of http
headers has been introduced, both for the requests and the responses, allowing metadata to be transmitted and making the protocol extremely flexible and extensible.
... with the help of the new http
headers, the ability to transmit other documents than plain html files has been added (thanks to the content-type header).
...And 6 more matches
Index
73 setting http request
headers add-ons, extensions, http, xul, xulrunner http is one of the core technologies behind the web.
... in addition to the actual content, some important information is passed with http
headers for both http requests and responses.
...for example, queryinterfacing to nsihttpchannel allows response
headers to be retrieved for the corresponding http transaction.
...And 5 more matches
Web Console remoting - Firefox Developer Tools
the client can request further network event details - like response body or request
headers.
... send http requests starting with firefox 25 you can send an http request using the console actor: { "to": "conn0.console9", "type": "sendhttprequest", "request": { "url": "http://localhost", "method": "get", "
headers": [ { name: "header-name", value: "header value", }, // ...
...examples: { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "request
headers", "
headers": 10, "
headerssize": 425 }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "requestcookies", "cookies": 0 }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "requestpostdata", "datasize": 1024, "discardrequestbody": false }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "respons...
...And 5 more matches
nss tech note5
encrypt/decrypt include
headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") choose a cipher mechanism.
... you can also look at a sample program illustrating encryption hash / digest include
headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") <big>create digest context</big>.
...); s = pk11_digestop(digestcontext, data, sizeof data); s = pk11_digestfinal(digestcontext, digest, &len, sizeof digest); /* now, digest contains the 'digest', and len contains the length of the digest */</big> clean up pk11_destroycontext(digestcontext, pr_true); you can also look at a sample program illustrating this hash / digest with secret key included include
headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") choose a digest mechanism.
...And 4 more matches
An overview of HTTP - HTTP
http is extensible introduced in http/1.0, http
headers make this protocol easy to extend and experiment with.
...though such constraint is a burden to the server, http
headers can relax this strict separation on the server side, allowing a document to become a patchwork of information sourced from different domains; there could even be security-related reasons to do so.
...basic authentication may be provided by http, either using the www-authenticate and similar
headers, or by setting a specific session using http cookies.
...And 4 more matches
request - Archive of obsolete content
headers object an unordered collection of name/value pairs representing
headers to send with the request.
...tin-1, use overridemimetype: var request = require("sdk/request").request; var quijote = request({ url: "http://www.latin1files.org/quijote.txt", overridemimetype: "text/plain; charset=latin1", oncomplete: function (response) { console.log(response.text); } }); quijote.get(); anonymous boolean if true, the request will be sent without cookies or authentication
headers.
...optionally the user may specify a collection of
headers and content to send alongside the request and a callback which will be executed once the request completes.
...And 3 more matches
HTTP header - MDN Web Docs Glossary: Definitions of Web-related terms
headers are case-insensitive, begins at the start of a line and are immediately followed by a ':' and a value depending of the header itself.
... traditionally,
headers are classed in categories, though this classification is no more part of any specification: general header:
headers applying to both requests and responses but with no relation to the data eventually transmitted in the body.
... request header:
headers containing more information about the resource to be fetched or about the client itself.
...And 3 more matches
Request header - MDN Web Docs Glossary: Definitions of Web-related terms
request
headers, like accept, accept-*, or if-* allow to perform conditional requests; others like cookie, user-agent, or referer precise the context so that the server can tailor the answer.
... not all
headers appearing in a request are request
headers.
...however, these entity
headers are often called request
headers in such a context.
...And 3 more matches
Eclipse CDT
express setup for the eclipse indexer to work well you must first build mozilla, so that it includes
headers from the objdir etc.
...
headers are only parsed once for performance reasons, eclipse only processes header files that have include guards once, using the compiler options for the first source file it encounters that includes that header (eclipse bug 380511).
... this "parse once" strategy can also cause "unresolved inclusion" errors in
headers if the first time eclipse sees the header is while indexing a file for which it doesn't have any build output parser data.
...And 3 more matches
nsIPluginHost
void parsepostbuffertofix
headers(in string ainpostdata, in unsigned long ainpostdatalen, out string aoutpostdata, out unsigned long aoutpostdatalen); native code only!
... (corresponds to npn_geturl and npn_geturlnotify.) posts to a url with post data and/or post
headers.
... void newpluginnativewindow( out nspluginnativewindowptr apluginnativewindow ); parameters apluginnativewindow native code only!parsepostbuffertofix
headers this method parses post buffer to find out case insensitive "content-length" string and cr or lf some where after that, then it assumes there is http
headers in the input buffer and continue to search for end of
headers (crlfcrlf or lflf).
...And 3 more matches
nsIWebNavigation
method overview void goback void goforward void gotoindex( in long index ) void loaduri(in wstring uri , in unsigned long loadflags , in nsiuri referrer , in nsiinputstream postdata, in nsiinputstream
headers) void reload(in unsigned long reloadflags) void stop(in unsigned long stopflags) constants load flags constant value description load_flags_mask 65535 this flag defines the range of bits that may be specified.
... void loaduri( wstring uri, unsigned long loadflags, nsiuri referrer, nsiinputstream postdata, nsiinputstream
headers ); parameters uri the uri string to load.
... postdata if the uri corresponds to a http request, then this stream is appended directly to the http request
headers.
...And 3 more matches
Protocol upgrade mechanism - HTTP
this means that a typical request that includes upgrade would look something like: get /index.html http/1.1 host: www.example.com connection: upgrade upgrade: example/1, foo/2 other
headers may be required depending on the requested protocol; for example, websocket upgrades allow additional
headers to configure details about the websocket connection as well as to offer a degree of security in opening the connection.
...after creating the initial http/1.1 session, you need to request the upgrade by adding to a standard request the upgrade and connection
headers, as follows: connection: upgrade upgrade: websocket websocket-specific
headers the following
headers are involved in the websocket upgrade process.
... other than the upgrade and connection
headers, the rest are generally optional or handled for you by the browser and server when they're talking to each other.
...And 3 more matches
Planned changes to shared memory - JavaScript
for top-level documents, two
headers will need to be set: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) with these two
headers set, postmessage() will no longer throw for sharedarraybuffer objects and shared memory across threads is therefore available.
...direct access between two top-level window contexts will essentially only work if they are same-origin and carry the same two
headers with the same two values.
... sharedarraybuffer objects are in principle always available, but unfortunately the constructor on the global object is hidden, unless the two
headers mentioned above are set, for compatibility with web content.
...And 3 more matches
jspage - Archive of obsolete content
or(var d=0,c=1;1;d+=c,c/=2){if(f>=(7-4*d)/11){e=c*c-math.pow((11-6*d-11*f)/4,2); break;}}return e;},elastic:function(b,a){return math.pow(2,10*--b)*math.cos(20*b*math.pi*(a[0]||1)/3);}});["quad","cubic","quart","quint"].each(function(b,a){fx.transitions[b]=new fx.transition(function(c){return math.pow(c,[a+2]); });});var request=new class({implements:[chain,events,options],options:{url:"",data:"",
headers:{"x-requested-with":"xmlhttprequest",accept:"text/javascript, text/html, application/xml, text/xml, */*"},async:true,format:false,method:"post",link:"ignore",issuccess:null,emulation:true,urlencoded:true,encoding:"utf-8",evalscripts:false,evalresponse:false,nocache:false},initialize:function(a){this.xhr=new browser.request(); this.setoptions(a);this.options.issuccess=this.options.issuccess||this.
...issuccess;this.
headers=new hash(this.options.
headers);},onstatechange:function(){if(this.xhr.readystate!=4||!this.running){return; }this.running=false;this.status=0;$try(function(){this.status=this.xhr.status;}.bind(this));this.xhr.onreadystatechange=$empty;if(this.options.issuccess.call(this,this.status)){this.response={text:this.xhr.responsetext,xml:this.xhr.responsexml}; this.success(this.response.text,this.response.xml);}else{this.response={text:null,xml:null};this.failure();}},issuccess:function(){return((this.status>=200)&&(this.status<300)); },processscripts:function(a){if(this.options.evalresponse||(/(ecma|java)script/).test(this.getheader("content-type"))){return $exec(a);}return a.stripscripts(this.options.evalscripts); },success:function(b,a){this.onsuccess(this.processscripts(b),a);},...
...onsuccess:function(){this.fireevent("complete",arguments).fireevent("success",arguments).callchain(); },failure:function(){this.onfailure();},onfailure:function(){this.fireevent("complete").fireevent("failure",this.xhr);},setheader:function(a,b){this.
headers.set(a,b); return this;},getheader:function(a){return $try(function(){return this.xhr.getresponseheader(a);}.bind(this));},check:function(){if(!this.running){return true; }switch(this.options.link){case"cancel":this.cancel();return true;case"chain":this.chain(this.caller.bind(this,arguments));return false;}return false;},send:function(k){if(!this.check(k)){return this; }this.running=true;var i=$type(k);if(i=="string"||i=="element"){k={data:k};}var d=this.options;k=$extend({data:d.data,url:d.url,method:d.method},k);var g=k.data,b=string(k.url),...
...And 2 more matches
Microsummary topics - Archive of obsolete content
controlling the frequency of microsummary requests when firefox downloads content in order to update a microsummary, it honors cache-related http response
headers.
...for example, you might include the following header in your response to prevent firefox from making another microsummary-related request for one hour: cache-control: max-age=3600 note: because of a technical limitation (bug 346820), firefox uses the same cache for both microsummary-related requests and user-initiated requests, so the cache
headers you return apply to both.
... thus if your cache
headers tell firefox not to refresh a page on your site more than once per hour, and the user reloads the page within that time period, the user will see the cached version of your page, which may not be what you want.
...And 2 more matches
NPStream - Archive of obsolete content
syntax typedef struct _npstream { void* pdata; /* plug-in private data */ void* ndata; /* netscape private data */ const char* url; uint32 end; uint32 lastmodified; void* notifydata; const char *
headers; } npstream; fields the data structure has the following fields: plug-in-private value that the plug-in can use to store a pointer to private data associated with the instance; not modified by the browser.
...
headers the response
headers from the host.
... this field is only available if the np version is greater than or equal to npvers_has_response_
headers.
...And 2 more matches
CORS - MDN Web Docs Glossary: Definitions of Web-related terms
cors (cross-origin resource sharing) is a system, consisting of transmitting http
headers, that determines whether browsers block frontend javascript code from accessing responses for cross-origin requests.
... learn more general knowledge cross-origin resource sharing (cors) on mdn cross-origin resource sharing on wikipedia cors
headers access-control-allow-origin indicates whether the response can be shared.
... access-control-allow-
headers used in response to a preflight request to indicate which http
headers can be used when making the actual request.
...And 2 more matches
Makefile - variables
exports_namespaces exported package include directory: dist/include/${namespace} exports_${namespace} a list of exports/
headers that should be copied into the exported namespace directory.
... module instructs the build system where to install exported
headers.
... xpidlsrcs internal: a list of .idl files to generate exported
headers from.
...And 2 more matches
PR_TransmitFile
syntax #include <prio.h> print32 pr_transmitfile( prfiledesc *networksocket, prfiledesc *sourcefile, const void *
headers, print32 hlen, prtransmitfileflags flags, printervaltime timeout); parameters the function has the following parameters: networksocket a pointer to a prfiledesc object representing the connected socket to send data over.
...
headers a pointer to the buffer holding the
headers to be sent before sending data.
... hlen length of the
headers buffer in bytes.
...And 2 more matches
NSS Developer Tutorial
symbol export lists the manifest.mn file, in a directory in the nss source tree, specifies which
headers are public, and which
headers are private.
... public
headers are in the exports variable.
... private
headers,which may be included by files in other directories, are in the private_exports variable.
...And 2 more matches
Observer Notifications
http requests these are the topics that you can observe during a http request (see setting http request
headers and creating sandboxed http connections).
...the channel is available to allow you to modify
headers and such.
...
headers are available on the channel.
...And 2 more matches
nsIHttpHeaderVisitor
netwerk/protocol/http/nsihttpheadervisitor.idlscriptable this interface is used to view http request and response
headers.
... inherits from: nsisupports last changed in gecko 1.7 method overview void visitheader(in acstring aheader, in acstring avalue); methods visitheader() called by the nsihttpchannel implementation when visiting request and response
headers.
... this method can throw an exception to terminate enumeration of the channel's
headers.
...And 2 more matches
URLs - Plugins
for protocols in which the
headers must be distinguished from the body, such as http, the buffer or file should contain the
headers, followed by a blank line, then the body.
... if no custom
headers are required, simply add a blank line ('\n') to the beginning of the file or buffer.
... note: you cannot use npn_posturl to specify
headers (even a blank line) in a memory buffer.
...And 2 more matches
Network request list - Firefox Developer Tools
regexp:\d{5} regexp:mdn|mozilla for example, to find all 404, not found, errors, you can type "404" into the search and auto-complete suggests "status-code:404" so you'll end up with something like this: search in requests use the search panel to run a full-text search on
headers and content.
...the search results area below the search field displays the requests that contain that string in the request or response
headers or in the content of the response.
... copy > copy request
headers copies the request's header to the clipboard.
...And 2 more matches
Cache - Web APIs
note: the caching api doesn't honor http caching
headers.
... // (see /docs/web/api/request/clone) return fetch(event.request.clone()).then(function(response) { console.log(' response for %s from network is: %o', event.request.url, response); if (response.status < 400 && response.
headers.has('content-type') && response.
headers.get('content-type').match(/^font\//i)) { // this avoids caching responses that we know are errors (i.e.
... // note that for opaque filtered responses (https://fetch.spec.whatwg.org/#concept-filtered-response-opaque) // we can't access to the response
headers, so this check will always fail and the font won't be cached.
...And 2 more matches
Fetch basic concepts - Web APIs
in a nutshell at the heart of fetch are the interface abstractions of http requests, responses,
headers, and body payloads, along with a global fetch method for initiating asynchronous resource requests.
... guard guard is a feature of
headers objects, with possible values of immutable, request, request-no-cors, response, or none, depending on where the header is used.
... when a new
headers object is created using the
headers() constructor, its guard is set to none (the default).
...And 2 more matches
Writing WebSocket servers - Web APIs
the client will send a pretty standard http request with
headers that looks like this (the http version must be 1.1 or greater, and the method must be get): get /chat http/1.1 host: example.com:8000 upgrade: websocket connection: upgrade sec-websocket-key: dghlihnhbxbszsbub25jzq== sec-websocket-version: 13 the client can solicit extensions and/or subprotocols here; see miscellaneous for details.
... also, common
headers like user-agent, referer, cookie, or authentication
headers might be there as well.
...once the server sends these
headers, the handshake is complete and you can start swapping data!
...And 2 more matches
HTTP response status codes - HTTP
head: the entity
headers are in the message body.
... 204 no content there is no content to send for this request, but the
headers may be useful.
... the user-agent may update its cached
headers for this resource with the new ones.
...And 2 more matches
HTTP
this article describes different methods of caching and how to use http
headers to control them.
... http
headers http message
headers are used to describe a resource, or the behavior of the server or the client.
... custom proprietary
headers can be added using the x- prefix; others in an iana registry, whose original content was defined in rfc 4229.
...And 2 more matches
Assessment: Structuring planet data - Learn web development
add a row to the table header containing all the column
headers.
... add attributes to make the row and column
headers unambiguously associated with the rows, columns, or rowgroups that they act as headings for.
... add a black border just around the column that contains all the planet name row
headers.
... one way of associating
headers with their rows/columns is a lot easier than the other way.
Handling common accessibility problems - Learn web development
if you instead look at our punk-bands-complete.html example (live, source), you can see a few accessibility aids at work here, such as table
headers (<th> and scope attributes), <caption> element, etc.
... vo + r + r (two rs in succession) (when inside a table) read the entire current row, including the
headers that correspond to each cell.
... screenreader testing now you've gotten used to using a screenreader, we'd like you to use it to do some quick accessibility tests, to get an idea of how screenreaders deal with good and bad webpage features: look at good-semantics.html, and note how the
headers are found by the screenreader and available to use for navigation.
... look at our punk-bands-complete.html example, and see how the screenreader is able to associate columns and rows of content and read them out all together because we've defined
headers properly.
AsyncTestUtils extended framework
keep in mind that the class is not magic and will lose track of the message
headers if you manipulate them without referencing the message set.
... accessing synthetic messages and
headers synmessages [attribute] the js list of syntheticmessages held in the set.
... xpcomhdrarray [getter] return an nsimutablearray of the message
headers that have been injected into folders.
...namely, if you use async_move_messages / async_trash_messages on the resulting set, the original sets won't know the messages moved and will get confused if you try and access
headers via them again.
NSS API Guidelines
the public
headers is a list of header files that contain types, and functions, that are publicly available to higer-level apis.
... library description layer directory public
headers certdb provides all certificate handling functions and types.
... "friend"
headers are for things that we really wish weren't used by non-nss code, but which are.
... "module"
headers are for things used only within a specific subset of nss; things which would have been "static" if we had combined separate c source files together.
nsIMsgSearchSession
p, in nsimsgsearchvalue value); long countsearchscopes(); void getnthsearchscope(in long which,out nsmsgsearchscopevalue scopeid, out nsimsgfolder folder); void addscopeterm(in nsmsgsearchscopevalue scope, in nsimsgfolder folder); void adddirectoryscopeterm(in nsmsgsearchscopevalue scope); void clearscopes(); [noscript] boolean scopeusescustom
headers(in nsmsgsearchscopevalue scope, in voidptr selection, in boolean forfilters); boolean isstringattribute(in nsmsgsearchattribvalue attrib); void addallscopes(in nsmsgsearchscopevalue attrib); void search(in nsimsgwindow awindow); void interruptsearch(); void pausesearch(); void resumesearch(); [noscript] nsmsgsearchtype setsearchparam(...
... void addscopeterm(in nsmsgsearchscopevalue scope, in nsimsgfolder folder); parameters scope folder adddirectoryscopeterm() void adddirectoryscopeterm(in nsmsgsearchscopevalue scope); parameters scope clearscopes() void clearscopes(); scopeusescustom
headers() call this function everytime the scope changes!
...fes should not display the custom header dialog if custom
headers are not supported.
... [noscript] boolean scopeusescustom
headers(in nsmsgsearchscopevalue scope, in voidptr selection, in boolean forfilters); parameters scope selection could be a folder or server based on scope forfilters isstringattribute() use this to determine if your attribute is a string attribute.
Index
things appear confusing for several reasons: 45 message interfaces interfaces, interfaces:scriptable, needscontent, xpcom api reference, thunderbird nsimsghdr - this interface describes
headers for all mail messages.
... initially, the training.dat file is empty (there was discussion of shipping with a default file) on spam detection, the user can choose to move spam to a special "junk" folder the user can configure junk mail can be automatically purged from the "junk" folder to analyze a message for spam, we need the entire message, not just the
headers.
...the customdb
headers preference article provides information on a preference setting that exposes custom header data for use in a custom column within thunderbird's main view.
... 112 customdb
headers preference developing a custom column to display a 'superfluous' column within thunderbird's main view.
HTMLTableCellElement - Web APIs
this alternate label can be used in other contexts, such as when describing the
headers that apply to a data cell.
... htmltablecellelement.
headers read only is a domsettabletokenlist describing a list of id of <th> elements that represents
headers associated with the cell.
... it reflects the
headers attribute.
... the
headers property is now read-only and contains a domsettabletokenlist rather than a mere domstring.
Request() - Web APIs
headers: any
headers you want to add to your request, contained within a
headers object or an object literal with bytestring values.
...flowers.jpg'); fetch(myrequest).then(function(response) { return response.blob(); }).then(function(response) { var objecturl = url.createobjecturl(response); myimage.src = objecturl; }); in our fetch request with init example (see fetch request init live) we do the same thing except that we pass in an init object when we invoke fetch(): var myimage = document.queryselector('img'); var my
headers = new
headers(); my
headers.append('content-type', 'image/jpeg'); var myinit = { method: 'get',
headers: my
headers, mode: 'cors', cache: 'default' }; var myrequest = new request('flowers.jpg',myinit); fetch(myrequest).then(function(response) { ...
...}); you can also use an object literal as
headers in init.
... var myinit = { method: 'get',
headers: { 'content-type': 'image/jpeg' }, mode: 'cors', cache: 'default' }; var myrequest = new request('flowers.jpg', myinit); you may also pass a request object to the request() constructor to create a copy of the request (this is similar to calling the clone() method.) var copy = new request(myrequest); note: this last usage is probably only useful in serviceworkers.
Response.type - Web APIs
it can be one of the following: basic: normal, same origin response, with all
headers exposed except “set-cookie” and “set-cookie2″.
...certain
headers and the body may be accessed.
...the response’s status is 0,
headers are empty and immutable.
...the response's status is 0,
headers are empty, body is null and trailer is empty.
Using Service Workers - Web APIs
the matching is done via url and vary
headers, just like with normal http requests.
...in this case, we are just returning a simple text string: new response('hello from your friendly neighbourhood service worker!'); this more complex response below shows that you can optionally pass a set of
headers in with your response, emulating standard http response
headers.
... here we are just telling the browser what the content type of our synthetic response is: new response('<p>hello from your friendly neighbourhood service worker!</p>', {
headers: { 'content-type': 'text/html' } }); if a match wasn’t found in the cache, you could tell the browser to simply fetch the default network request for that resource, to get the new resource from the network if it is available: fetch(event.request); if a match wasn’t found in the cache, and the network isn’t available, you could just match the request with some kind of default fallback page as a response using match(), like this: caches.match('./fallback.html'); you can retrieve a lot of information about each request by calling parameters of the request object returned by the fetchevent: ...
... event.request.url event.request.method event.request.
headers event.request.body recovering failed requests so caches.match(event.request) is great when there is a match in the service worker cache, but what about cases when there isn’t a match?
WindowOrWorkerGlobalScope.fetch() - Web APIs
headers any
headers you want to add to your request, contained within a
headers object or an object literal with bytestring values.
...status: ${response.status}`); } return response.blob(); }) .then(function(response) { let objecturl = url.createobjecturl(response); myimage.src = objecturl; }); in the fetch with init then request example (see fetch request init live), we do the same thing except that we pass in an init object when we invoke fetch(): const myimage = document.queryselector('img'); let my
headers = new
headers(); my
headers.append('content-type', 'image/jpeg'); const myinit = { method: 'get',
headers: my
headers, mode: 'cors', cache: 'default' }; let myrequest = new request('flowers.jpg'); fetch(myrequest, myinit).then(function(response) { // ...
... }); you could also pass the init object in with the request constructor to get the same effect: let myrequest = new request('flowers.jpg', myinit); you can also use an object literal as
headers in init.
... const myinit = { method: 'get',
headers: { 'content-type': 'image/jpeg' }, mode: 'cors', cache: 'default' }; let myrequest = new request('flowers.jpg', myinit); specifications specification status comment fetchthe definition of 'fetch()' in that specification.
XMLHttpRequest.getResponseHeader() - Web APIs
if there are multiple response
headers with the same name, then their values are returned as a single concatenated string, where each value is separated from the previous one by a pair of comma and space.
... if you need to get the raw string of all of the
headers, use the getallresponse
headers() method, which returns the entire raw header string.
... example in this example, a request is created and sent, and a readystatechange handler is established to look for the readystate to indicate that the
headers have been received; when that is the case, the value of the content-type header is fetched.
... var client = new xmlhttprequest(); client.open("get", "unicorns-are-teh-awesome.txt", true); client.send(); client.onreadystatechange = function() { if(this.readystate == this.
headers_received) { var contenttype = client.getresponseheader("content-type"); if (contenttype != my_expected_type) { client.abort(); } } } specifications specification status comment xmlhttprequestthe definition of 'getresponseheader()' in that specification.
XMLHttpRequest.readyState - Web APIs
2
headers_received send() has been called, and
headers and status are available.
...during this state, the request
headers can be set using the setrequestheader() method and the send() method can be called which will initiate the fetch.
...
headers_received send() has been called and the response
headers have been received.
...instead of unsent, opened,
headers_received, loading and done, the names readystate_uninitialized (0), readystate_loading (1), readystate_loaded (2), readystate_interactive (3) and readystate_complete (4) are used.
XMLHttpRequest.setRequestHeader() - Web APIs
for security reasons, some
headers can only be controlled by the user agent.
... these
headers include the forbidden header names and forbidden response header names.
... note: for your custom fields, you may encounter a "not allowed by access-control-allow-
headers in preflight response" exception when you send requests across domains.
... in this situation, you need to set up the access-control-allow-
headers in your response header at server side.
ARIA: row role - Accessibility
a row contains one or more cells, grid cells or column
headers, and possibly a row header, within a grid, table or treegrid, and optionally within a rowgroup.
...an role="cell">finland</span> <span role="cell">5.5 million</span> </div> <div role="row"> <span role="cell">france</span> <span role="cell">67 million</span> </div> </div> </div> description the element role="row" is a row within a grid, table or treegrid, and optionally within a rowgroup, that is a container for one or more cells, gridcells, column
headers, or row
headers within a static tabular structure.
...these cells can be of different types, depending on whether they are column or row
headers, or grid or regular cells.
...the header row, alone in a header rowgroup, has two column
headers.
ARIA: rowgroup role - Accessibility
a rowgroup contains one or more rows of cells, grid cells, column
headers, or row
headers within a grid, table or treegrid.
...these cells can be of different types, depending on whether they are column or row
headers, or plain or grid cells.
...a row contains one or more cells, gridcell, or column
headers, and sometimes a row header.
...the header row, alone in a header rowgroup, has two column
headers.
HTTP authentication - HTTP
as both resource authentication and proxy authentication can coexist, a different set of
headers and status codes is needed.
... www-authenticate and proxy-authenticate
headers the www-authenticate and proxy-authenticate response
headers define the authentication method that should be used to gain access to a resource.
... the syntax for these
headers is the following: www-authenticate: <type> realm=<realm> proxy-authenticate: <type> realm=<realm> here, <type> is the authentication scheme ("basic" is the most common scheme and introduced below).
... authorization and proxy-authorization
headers the authorization and proxy-authorization request
headers contain the credentials to authenticate a user agent with a (proxy) server.
Connection - HTTP
except for the standard hop-by-hop
headers (keep-alive, transfer-encoding, te, connection, trailer, upgrade, proxy-authorization and proxy-authenticate), any hop-by-hop
headers used by the message must be listed in the connection header, so that the first proxy knows it has to consume them and not forward them further.
... standard hop-by-hop
headers can be listed too (it is often the case of keep-alive, but this is not mandatory).
... any comma-separated list of http
headers [usually keep-alive only] indicates that the client would like to keep the connection open.
...the list of
headers are the name of the header to be removed by the first non-transparent proxy or cache in-between: these
headers define the connection between the emitter and the first entity, not the destination node.
OPTIONS - HTTP
the access-control-request-
headers header tells the server that when the actual request is sent, it will have the x-pingother and content-type
headers.
... options /resources/post-here/ http/1.1 host: bar.example accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-us,en;q=0.5 accept-encoding: gzip,deflate connection: keep-alive origin: https://foo.example access-control-request-method: post access-control-request-
headers: x-pingother, content-type the server now can respond if it will accept a request under these circumstances.
...(this header is similar to the allow response header, but used only for cors.) access-control-allow-
headers any script inspecting the response is permitted to read the values of the x-pingother and content-type
headers.
... http/1.1 204 no content date: mon, 01 dec 2008 01:15:39 gmt server: apache/2.0.61 (unix) access-control-allow-origin: https://foo.example access-control-allow-methods: post, get, options access-control-allow-
headers: x-pingother, content-type access-control-max-age: 86400 vary: accept-encoding, origin keep-alive: timeout=2, max=100 connection: keep-alive specifications specification title rfc 7231, section 4.3.7: options hypertext transfer protocol (http/1.1): semantics and content ...
A typical HTTP session - HTTP
these http
headers form a block which ends with an empty line.
...as there is no content-length provided in an http header, this data block is presented empty, marking the end of the
headers, allowing the server to process the request the moment it receives this empty line.
... subsequent lines represent specific http
headers, giving the client information about the data sent (e.g.
...similarly to the block of http
headers for a client request, these http
headers form a block ending with an empty line.
431 Request Header Fields Too Large - HTTP
the http 431 request header fields too large response status code indicates that the server refuses to process the request because the request’s http
headers are too long.
... the request may be resubmitted after reducing the size of the request
headers.
... 431 can be used when the total size of request
headers is too large, or when a single header field is too large.
... to help those running into this error, indicate which of the two is the problem in the response body — ideally, also include which
headers are too large.
Getting started - SVG: Scalable Vector Graphics
for normal svg files, servers should send the http
headers: content-type: image/svg+xml vary: accept-encoding for gzip-compressed svg files, servers should send the http
headers: content-type: image/svg+xml content-encoding: gzip vary: accept-encoding you can check that your server is sending the correct http
headers with your svg files by using the network monitor panel or a site such as websniffer.cc.
... submit the url of one of your svg files and look at the http response
headers.
... if you find that your server is not sending the
headers with the values given above, then you should contact your web host.
...if your server is not configured to send the correct
headers with the svg files it serves, then firefox will most likely show the markup of the files as text or encoded garbage, or even ask the viewer to choose an application to open them.
Intercepting Page Loads - Archive of obsolete content
the channel is available to allow you to modify
headers and such.
...
headers are available on the channel.
... asubject.cancel(components.results.ns_binding_aborted); } } } this example shows how you can obtain the url for the request, analyze it using regular expressions, and perform actions on it such as modifying http
headers, or even canceling the request.
Inner-browsing extending the browser navigation paradigm - Archive of obsolete content
webmail application the flexibility to easily access and manage all message
headers in mail applications (like netscape mail or eudora) is probably one of the useful features when compared with web-based mail applications.
...you receive a new page with the next block of message
headers.
...with inner browsing, a simple request to retrieve the next set of message
headers that replace the currently viewed message
headers can dramatically improve user experience.
Hidden prefs - Archive of obsolete content
mail composition "other header" pref ("mail.compose.other.header") the format for this a comma delimited list of mail
headers, like "approved,x-no-archive" an example for your prefs.js would be: user_pref("mail.compose.other.header", "approved"); this will cause "approved" to show up in the compose window address picker, under to:, cc:, bcc:, newsgroup:, etc.
... for example: when that mail gets sent, approved: test@test.com will be in the message in the
headers.
...| mail & newsgroups | addressing" "other compose header" pref from mailnews.js: // you can specify a comma delimited list of optional
headers // this will show up in the address picker in the compose window // examples: "x-face" or "approved" pref("mail.compose.other.header", "approved,x-no-archive"); ...
Message Summary Database - Archive of obsolete content
message
headers the message header object implements the nsimsgdbhdr interface.
... this includes a set of per-message flags, the more commonly used
headers (e.g., subject, sender, from, to, cc, date, etc), and a few other attributes, e.g., keywords.
... there are a set of generic property methods so that core code and extensions can set attributes on msg
headers without changing nsimsghdr.idl.msg threads we store thread information persistently in the database and expose these object through the [nsimsgthread interface.
NPN_PostURL - Archive of obsolete content
you cannot use npn_posturl to specify
headers (even a blank line) in a memory buffer.
...for protocols in which the
headers must be distinguished from the body, such as http, the buffer or file should contain the
headers, followed by a blank line, then the body.
... if no custom
headers are required, simply add a blank line ('\n') to the beginning of the file or buffer.
CORS-safelisted request header - MDN Web Docs Glossary: Definitions of Web-related terms
a cors-safelisted request header is one of the following http
headers: accept, accept-language, content-language, content-type.
... when containing only these
headers (and values that meet the additional requirements laid out below), a requests doesn't need to send a preflight request in the context of cors.
... you can safelist more
headers using the access-control-allow-
headers header and also list the above
headers there to circumvent the following additional restrictions: additional restrictions cors-safelisted
headers must also fulfill the following requirements in order to be a cors-safelisted request header: for accept-language and content-language: can only have values consisting of 0-9, a-z, a-z, space or *,-.;=.
Client hints - MDN Web Docs Glossary: Definitions of Web-related terms
accept-ch: dpr, width, viewport-width, downlink and / or <meta http-equiv="accept-ch" content="dpr, width, viewport-width, downlink"> when a client receives the accept-ch header, if supported, it appends client hint
headers that match the advertised field-values.
... for example, based on accept-ch example above, the client could append dpr, width, viewport-width, and downlink
headers to all subsequent requests.
... example varying response: vary: accept, dpr, width, viewport-width, downlink see also client hints
headers vary http header ...
Entity header - MDN Web Docs Glossary: Definitions of Web-related terms
headers like content-length, content-language, content-encoding are entities
headers.
... even if they are neither request, nor response
headers, entity
headers are often included in such terms.
... a few request
headers after a get request: in the following example, content-length is an entity header, while host and user-agent are requests
headers: post /myform.html http/1.1 host: developer.mozilla.org user-agent: mozilla/5.0 (macintosh; intel mac os x 10.9; rv:50.0) gecko/20100101 firefox/50.0 content-length: 128 learn more technical knowledge list of all http
headers ...
Fetch metadata request header - MDN Web Docs Glossary: Definitions of Web-related terms
these header names are prefixed with sec- and thus they are forbidden header names so
headers can not be modified from javascript.
... fetch metadata request
headers provide the server with additional information about where the request originated from, enabling it to ignore potentially malicious requests.
... the following are fetch metadata request
headers: sec-fetch-site sec-fetch-mode sec-fetch-user sec-fetch-dest ...
Forbidden header name - MDN Web Docs Glossary: Definitions of Web-related terms
modifying such
headers is forbidden because the user agent retains full control over them.
... names starting with `sec-` are reserved for creating new
headers safe from apis using fetch that grant developers control over
headers, such as xmlhttprequest.
... forbidden header names start with proxy- or sec-, or are one of the following names: accept-charset accept-encoding access-control-request-
headers access-control-request-method connection content-length cookie cookie2 date dnt expect feature-policy host keep-alive origin proxy- sec- referer te trailer transfer-encoding upgrade via note: the user-agent header is no longer forbidden, as per spec — see forbidden header name list (this was implemented in firefox 43) — it can now be set in a fetch
headers object, or via xhr setrequestheader().
Preflight request - MDN Web Docs Glossary: Definitions of Web-related terms
a cors preflight request is a cors request that checks to see if the cors protocol is understood and a server is aware using specific methods and
headers.
... it is an options request, using three http request
headers: access-control-request-method, access-control-request-
headers, and the origin header.
... for example, a client might be asking a server if it would allow a delete request, before sending a delete request, by using a preflight request: options /resource/foo access-control-request-method: delete access-control-request-
headers: origin, x-requested-with origin: https://foo.bar.org if the server allows it, then it will respond to the preflight request with an access-control-allow-methods response header, which lists delete: http/1.1 204 no content connection: keep-alive access-control-allow-origin: https://foo.bar.org access-control-allow-methods: post, get, options, delete access-control-max-age: 86400 the preflight...
Eclipse CDT Manual Setup
that object directory is needed to resolve include paths to the various
headers that the build process generates/copies there.
...(see the
headers are only parsed once section below to understand why this step is important for people who have their object directory outside their source tree.) getting code assistance working you're now ready to get code assistance working.
... to improve code assistance even more, see the
headers are only parsed once subsection of the known issues section.
Gecko SDK
the gecko sdk, also known as the xulrunner sdk, is a set of xpidl files,
headers and tools to develop xpcom components which can then in turn e.g.
... the gecko sdk contains all of the necessary tools and
headers for making scriptable npapi plugins including the xpidl compiler/linker and the latest npapi.h.
... get the sdk updates there is no need to download or rebuild the gecko sdk corresponding to security updates of mozilla (e.g., mozilla 1.7.3) since the
headers and glue libs in the gecko sdk are usually not changed as a result of security updates.
Creating a New Protocol
building the new protocol to build the new protocol declaration and generate
headers, make in ipc/ipdl: make -c objdir/ipc/ipdl if there are any protocol-level errors, the ipdl compiler will print the relevant error messages and stop.
... to view the generated
headers, look in objdir/ipc/ipdl/_ipdl
headers .
...the method signatures can be read from the generated pnewprotocolparent.h and pnewprotocolchild.h
headers.
Http.jsm
httprequest supports the following parameters: name meaning
headers an array of
headers postdata this can be: a string: send it as is an array of parameters: encode as form values null/undefined: no post data.
...
headers or post data are given as an array of arrays, for each inner array the first value is the key and the second is the value.
...in this case, the content type may be set through the
headers parameter.
Creating localizable web applications
you can use one or more of the following techniques: http accept-language
headers, the ua string, ip geolocation.
...for example, if not all the pages of your website are going to be localized, you may consider removing links to the english-only pages from the navigation (
headers, footers, sidebars) in the localized versions.
...might be also helpful for
headers and footers, if you're not using templates to display them.
Enc Dec MAC Output Public Key as CSR
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include #include #include #include #include #include #include #include #include #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define ...
...; case lab: header = lab_header; trailer = lab_trailer; break; default: pr_close(file); return secfailure; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ char *trail = null; if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { ...
... *trail = '\0'; } else { pr_fprintf(pr_stderr, "input has header but no trailer\n"); port_free(filedata.data); return secfailure; } } else { /*
headers didn't exist */ body = nonbody; if (body) { trail = strstr(++body, trailer); if (trail != null) { pr_fprintf(pr_stderr, "input has no header but has trailer\n"); port_free(filedata.data); return secfailure; } } } cleanup: pr_close(file); atob_convertasciitoitem(item, body); return secsuccess; } /* * generate the private key */ seckeyprivatekey * generateprivatekey(keytype keytype, pk11slotinfo *slot, int size, int publ...
Enc Dec MAC Using Key Wrap CertReq PKCS10 CSR
*/ /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss
headers */ #include <keyhi.h> #include <pk11priv.h> /* our samples utilities */ #include "util.h" /* constants */ #define blocksize 32 #define modblocksize 128 #define default_key_bits 1024 /* header fi...
... header = ns_sig_header; trailer = ns_sig_trailer; break; default: rv = secfailure; goto cleanup; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0...
...'; } else { pr_fprintf(pr_stderr, "input has header but no trailer\n"); port_free(filedata.data); rv = secfailure; goto cleanup; } } else { /*
headers didn't exist */ char *trail = null; body = nonbody; if (body) { trail = strstr(++body, trailer); if (trail != null) { pr_fprintf(pr_stderr, "input has no header but has trailer\n"); port_free(filedata.data); rv = secfailure; goto cleanup; } } } hextobuf(body, item, ishexdata); cleanup: if (file) { pr_close(file); } return rv; } /* * generate the private key */ seckeyprivatekey * ...
NSS Sample Code Sample_3_Basic Encryption and MACing
sample code 3 /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss
headers */ #include <keyhi.h> #include <pk11priv.h> /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aeskey ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #def...
...*/ /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* * gather a cka_id */ secstatus gathercka_id(pk11symkey* key, secitem* buf) { secstatus rv = pk11_readrawattribute(pk11_typesymkey, key, cka_id, buf); if (rv != secsuccess) { pr_fprintf(pr_stderr, "pk11_readrawattribute returned (%...
... strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; ...
sample2
*/ /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss
headers */ #include <cryptohi.h> #include <keyhi.h> #include <pk11priv.h> #include <cert.h> #include <base64.h> #include <secerr.h> #include <secport.h> #include <secoid.h> #include <secmodt.h> #include <secoidt.h> #include <sechash.h> /* our samples utilities */ #include "util.h" /* constants */ #define blocksize 32 #define modblocksize 128 #define default_key_bits 1024 /* header file constants */ #define enckey_hea...
..._trailer; break; case certvfy: header = ns_cert_vfy_header; trailer = ns_cert_vfy_trailer; break; case sig: header = ns_sig_header; trailer = ns_sig_trailer; break; default: rv = secfailure; goto cleanup; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; } else { pr_fprintf(pr_stderr, "input has header but no trailer\n"); port_free(filedata.data); ...
...rv = secfailure; goto cleanup; } } else { /*
headers didn't exist */ char *trail = null; body = nonbody; if (body) { trail = strstr(++body, trailer); if (trail != null) { pr_fprintf(pr_stderr, "input has no header but has trailer\n"); port_free(filedata.data); rv = secfailure; goto cleanup; } } } hextobuf(body, item, ishexdata); cleanup: if (file) { pr_close(file); } return rv; } /* * generate the private key */ seckeyprivatekey * generateprivatekey(keytype keytype, pk11slotinfo *slot, int size, int publicexponent, const char *noise, seckeypublickey **pubkeyp, const char *pqgfile, secupwdata *pwdata) { ck_mechanism_type mechanism; secoidtag algtag; pk11rsagenparams rsaparams; void *params; seckeyprivatekey *privkey = null; secstatus rv; unsigned char randbuf[blocksize + 1]; rv = generaterandom(ra...
SpiderMonkey Build Documentation
try configuring like so: cc=clang cxx=clang++ ../configure it is also possible that baldrdash may fail to compile with /usr/local/cellar/llvm/7.0.1/lib/clang/7.0.1/include/inttypes.h:30:15: fatal error: 'inttypes.h' file not found /usr/local/cellar/llvm/7.0.1/lib/clang/7.0.1/include/inttypes.h:30:15: fatal error: 'inttypes.h' file not found, err: true this is because, starting from mohave,
headers are no longer installed in /usr/include.
... refer the release notes under command line tools -> new features the release notes also states that this compatibility package will no longer be provided in the near future, so the build system on macos will have to be adapted to look for
headers in the sdk until then, the following should help, open /library/developer/commandlinetools/packages/macos_sdk_
headers_for_macos_10.14.pk this builds an executable named js in the directory build-release/dist/bin.
...you cannot use
headers built for one version/configuration of jsapi to create object files which will be linked against another.
Finishing the Component
grab the right
headers, use the component or service manager to access the interface you want, and the xpcom object(s) that implement that interface will do your bidding.
...copy the
headers and idl files that you need from the content/base/public source directory of the gecko build into this new directory.
... (for weblock, all you need are the
headers for nsicontentpolicy and the nsicontentpolicy.idl.) then, using the same steps you used to create the weblock.h, create a header from this idl file using the xpidl compiler.
Setting up the Gecko SDK
downloading and setting the sdk the gecko sdk provides all of the tools,
headers, and libraries that you need to build xpcom components.
...for example, the
headers for networking are all located in the necko directory, and the
headers that xpcom requires are in the xpcom directory.
... application name description of functionality regxpcom.exe registers or unregisters components with xpcom xpidl.exe generates typelib and c++
headers from xpidl xpt_dump.exe prints out information about a given typelib xpt_link.exe combines multiple typelibs into a single typelib library name description of functionality xpcomglue.lib xpcom glue library to be used by xpcom components.
nsIDocShell
pal, in domstring documenturi, in boolean create); nsidomstorage getsessionstorageforuri(in nsiuri uri, in domstring documenturi); void historypurged(in long numentries); void internalload(in nsiuri auri, in nsiuri areferrer, in nsisupports aowner, in pruint32 aflags, in wstring awindowtarget, in string atypehint, in nsiinputstream apostdatastream, in nsiinputstream a
headersstream, in unsigned long aloadflags, in nsishentry ashentry, in boolean firstparty, out nsidocshell adocshell, out nsirequest arequest); native code only!
...void internalload( in nsiuri auri, in nsiuri areferrer, in nsisupports aowner, in pruint32 aflags, in wstring awindowtarget, in string atypehint, in nsiinputstream apostdatastream, in nsiinputstream a
headersstream, in unsigned long aloadflags, in nsishentry ashentry, in boolean firstparty, out nsidocshell adocshell, out nsirequest arequest ); parameters auri the uri to load.
... apostdatastream post data stream (if posting) a
headersstream stream containing "extra" request
headers.
nsIMsgDBView
method overview void open(in nsimsgfolder folder, in nsmsgviewsorttypevalue sorttype, in nsmsgviewsortordervalue sortorder, in nsmsgviewflagstypevalue viewflags, out long count); void openwithhdrs(in nsisimpleenumerator a
headers, in nsmsgviewsorttypevalue asorttype, in nsmsgviewsortordervalue asortorder, in nsmsgviewflagstypevalue aviewflags, out long acount); void close(); void init(in nsimessenger amessengerinstance, in nsimsgwindow amsgwindow, in nsimsgdbviewcommandupdater acommandupdater); void sort(in nsmsgviewsorttypevalue sorttype, in nsmsgviewsortordervalue sortorder); void doc...
... openwithhdrs() opens the view with a set of specified
headers.
... void openwithhdrs(in nsisimpleenumerator a
headers, in nsmsgviewsorttypevalue asorttype, in nsmsgviewsortordervalue asortorder, in nsmsgviewflagstypevalue aviewflags, out long acount); parameters a
headers a list of
headers to open, arranged in an nsisimpleenumerator.
nsIMsgMessageService
iurllistener aurllistener, out nsiuri aurl); void search(in nsimsgsearchsession asearchsession, in nsimsgwindow amsgwindow, in nsimsgfolder amsgfolder, in string asearchuri); nsiuri streammessage(in string amessageuri, in nsisupports aconsumer, in nsimsgwindow amsgwindow, in nsiurllistener aurllistener, in boolean aconvertdata, in string aadditionalheader); nsiuri stream
headers(in string amessageuri, in nsistreamlistener aconsumer, in nsiurllistener aurllistener [optional] in boolean alocalonly); boolean ismsginmemcache(in nsiuri aurl, in nsimsgfolder afolder, out nsicacheentrydescriptor acacheentry); nsimsgdbhdr messageuritomsghdr(in string uri); methods copymessage() pass in the uri for the message you want to have copied.
...nput.queryinterface(components.interfaces.nsiscriptableinputstream); scriptinputstream.init(consumer); try { msgservice.streammessage(messageuri, msgstream, msgwindow, null, false, null); } catch (ex) { alert("error: "+ex) } scriptinputstream .available(); while (scriptinputstream .available()) { content = content + scriptinputstream .read(512); } alert(content stream
headers() this method streams a message's
headers to the passed in consumer.
... nsiuri streammessage(in string amessageuri, in nsistreamlistener aconsumer, in nsiurllistener aurllistener, in boolean alocalonly); parameters amessageuri uri of message to stream aconsumer nsistreamlistener generally, a stream listener listening to the message
headers.
nsIUploadChannel2
1.0 66 introduced gecko 1.9.2 inherits from: nsisupports last changed in gecko 1.9.2 (firefox 3.6 / thunderbird 3.1 / fennec 1.0) method overview void explicitsetuploadstream(in nsiinputstream astream, in acstring acontenttype, in long long acontentlength, in acstring amethod, in boolean astreamhas
headers); methods explicitsetuploadstream() sets a stream to be uploaded by this channel with the specified content-type and content-length header values.
... void explicitsetuploadstream( in nsiinputstream astream, in acstring acontenttype, in long long acontentlength, in acstring amethod, in boolean astreamhas
headers ); parameters astream the stream to be uploaded by this channel.
...astreamhas
headers true if the stream already contains
headers for the http request.
nsIWebBrowserPersist
n nsichannel achannel, in nsisupports afile); void savedocument(in nsidomdocument adocument, in nsisupports afile, in nsisupports adatapath, in string aoutputcontenttype, in unsigned long aencodingflags, in unsigned long awrapcolumn); void saveuri(in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextra
headers, in nsisupports afile, in nsiloadcontext aprivacycontext); void saveprivacyawareuri(in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextra
headers, in nsisupports afile, in boolean aisprivate); attributes attribute type description currentstate unsigned long current state o...
... void saveuri( in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextra
headers, in nsisupports afile, in nsiloadcontext aprivacycontext ); parameters auri uri to save to file.
... aextra
headers additional
headers to supply with an http request or nsnull.
pyxpidl
the pyxpidl tool suite has been built to replace the older xpidl tool which, in the past, was used to turn xpidl files into c++
headers and xpcom typelibs (xpt files).
...unlike xpidl, which combined all the functions into a single utility, pyxpidl is comprised of two utilities: header.py, which generates c++
headers from idl, and typelib.py, which generates xpt files.
... generating c++
headers to generate c++
headers, use the header.py utility: sdkdir/sdk/bin/header.py --cachedir=<path> -o <outputfilename.h> <filename.idl> generating typelibs generating typelib files is done using the typelib.py utility: sdkdir/sdk/bin/typelib.py --cachedir=<path> -o <outputfilename.xpt> <filename.idl> comparing pyxpidl to xpidl this table provides a mapping of old xpidl options to pyxpidl.
Main Windows
two are stacked showing either a brief or expanded view of the
headers.
...menus, toolbar buttons, and
headers are all taken from exactly the same overlays listed above though.
...two are stacked showing either a brief or expanded view of the
headers.
WebIDL bindings
there are various helper objects and utility methods in dom/bindings that are also all in the mozilla::dom namespace and whose
headers are all exported into mozilla/dom (placed in $objdir/dist/include by the build process).
... if you do use it, you will need to make sure your header includes all the
headers needed for your func annotations.
... binding code will include the
headers necessary for a [func], unless the interface is using a non-deafault heder file.
Console messages - Firefox Developer Tools
the x-content-security-policy and x-content-security-report-only
headers will be deprecated in the future.
... please use the content-security-policy and content-security-report-only
headers with csp spec compliant syntax instead.
... the web console decodes these
headers and displays them.
Request.mode - Web APIs
no-cors — prevents the method from being anything other than head, get or post, and the
headers from being anything other than simple
headers.
... if any serviceworkers intercept these requests, they may not add or override any
headers except for those that are simple
headers.
...only a limited set of
headers are exposed in the response, but the body is readable.
XMLHttpRequest - Web APIs
xmlhttprequest.withcredentials is a boolean that indicates whether or not cross-site access-control requests should be made using credentials such as cookies or authorization
headers.
...if true, the request will be sent without cookie and authentication
headers.
... xmlhttprequest.getallresponse
headers() returns all the response
headers, separated by crlf, as a string, or null if no response has been received.
ARIA Test Cases - Accessibility
basic grid -- single select grid in an application -- single select illinois grid example -- multi select expected at behavior: screen reader should read column and row
headers as the grid is traversed with arrow keys (in forms mode).
...for example, while in the grid in forms mode, the user should be able to configure the screen reader to read row
headers only.
...verse a list of landmarks or next/prev landmark keys screen readers should support nested landmarks, and multiple landmarks of the same time screen readers should announce the number of landmarks at page load, if they exist on the page screen readers should announce landmarks as users navigate into them (test in all screen reader modes) 8 (jg) are their any landmark role equivalents with html
headers like role=main~h1??
<table>: The Table element - HTML: Hypertext Markup Language
mdn tables for visually impaired users tables with two
headers • tables • w3c wai web accessibility tutorials tables with irregular
headers • tables • w3c wai web accessibility tutorials h63: using the scope attribute to associate header cells and data cells in data tables | w3c techniques for wcag 2.0 complicated tables assistive technology such as screen readers may have difficulty parsing tables that are so complex that header cells can’t b...
... if the table cannot be broken apart, use a combination of the id and
headers attributes to programmatically associate each table cell with the header(s) the cell is associated with.
... mdn tables for visually impaired users tables with multi-level
headers • tables • w3c wai web accessibility tutorials h43: using id and
headers attributes to associate data cells with header cells in data tables | techniques for w3c wcag 2.0 specifications specification status comment html living standardthe definition of 'table element' in that specification.
<tr>: The Table Row element - HTML: Hypertext Markup Language
note the use of rowspan on to make the "name", "id", and "balance"
headers occupy two rows instead of just one, and the use of colspan to make the "membership dates" header cell span across two columns.
...note the use of rowspan on to make the "name", "id", and "balance"
headers occupy two rows instead of just one, and the use of colspan to make the "membership dates" header cell span across two columns.
... the "joined" and "canceled"
headers let's style these two header cells with green and red hues to represent the "good" of a new member and the "bummer" of a canceled membership.
Using the application cache - HTML: Hypertext Markup Language
section header section
headers specify which section of the cache manifest is being manipulated.
... there are three possible section
headers: section header description cache: switches to the explicit section of the cache manifest (this is the default section).
... it's a good idea to set expires
headers on your web server for *.appcache files to expire immediately.
HTTP caching - HTTP
here is an example of this process with a shared cache proxy: the freshness lifetime is calculated based on several
headers.
...the latter response can also include
headers that update the expiration time of the cached document.
... varying responses the vary http response header determines how to match future request
headers to decide whether a cached response can be used rather than requesting a fresh one from the origin server.
Using HTTP cookies - HTTP
creating cookies after receiving an http request, a server can send one or more set-cookie
headers with the response.
... the set-cookie and cookie
headers the set-cookie http response header sends cookies from the server to the user agent.
... a simple cookie is set like this: set-cookie: <cookie-name>=<cookie-value> this shows the server sending
headers to tell the client to store a pair of cookies: http/2.0 200 ok content-type: text/html set-cookie: yummy_cookie=choco set-cookie: tasty_cookie=strawberry [page content] then, with every subsequent request to the server, the browser sends back all previously stored cookies to the server using the cookie header.
DPR - HTTP
the dpr header is a client hints
headers which represents the client device pixel ratio (dpr), which is the the number of physical device pixels corresponding to every css pixel.
...server has to opt in to receive dpr header from the client by sending accept-ch and accept-ch-lifetime response
headers.
... syntax dpr: <number> examples server first needs to opt in to receive dpr header by sending the response
headers accept-ch containing dpr and accept-ch-lifetime.
HTTP Public Key Pinning (HPKP) - HTTP
this requires mod_
headers enabled.
...this requires the ngx_http_
headers_module.
... <httpprotocol> <custom
headers> <add name="public-key-pins" value="pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includesubdomains" /> </custom
headers> </httpprotocol> ...
Migrating from Internal Linkage to Frozen Linkage - Archive of obsolete content
f promiseflatstring: nsstring firststring = somestring; nsstring secondstring = someotherstring; - nsstring combostring = firststring + secondstring; + nsstring combostring = firststring;+ combostring += secondstring; // or: combostring.append(secondstring); - nsresult rv = somefunc(promiseflatstring(combostring)); + nsresult rv = somefunc(combostring); removing the nsreadableutils.h from the
headers list also means that we would not have access to appendutf16toutf8 kind of functions.
...instead of passing getter_copies(astring) to a method expecting a character pointer out parameter, you will need to use a temporary variable and copy the result.missing
headers some
headers are included from idl files only when mozilla_internal_api is defined (actually, they shouldn't be there at all).
Promises - Archive of obsolete content
"post" : "get"; if (options.mimetype) xhr.overridemimetype(params.options); xhr.open(options.method || defaultmethod, url); if (options.responsetype) xhr.responsetype = options.responsetype; for (let header of object.keys(options.
headers || {})) xhr.setrequestheader(header, options.
headers[header]); let data = options.data; if (data && object.getprototypeof(data).constructor.name == "object") { options.data = new formdata; for (let key of object.keys(data)) options.data.append(key, data[key]); } xhr.send(options.data); }); } example usage: ...
... task.spawn(function* () { let request = yield request("http://example.com/", { method: "put", mimetype: "application/json",
headers: { "x-species": "hobbit" }, data: { foo: new file(path), thing: "stuff" }, responsetype: "json" }); console.log(request.response["json-key"]); }); ...
Compiling The npruntime Sample Plugin in Visual Studio - Archive of obsolete content
add the npapi sdk include path (example : c:\npapi-sdk\
headers) to project properties|(all configurations)|c++|general|additional include directories.
... add the following preprocessor definitions to project properties|(all configurations)|c++|preprocessor|preprocessor definitions: win32;_windows;xp_win32;xp_win;_x86_;npsimple_exports disable precompiled
headers using project properties|(all configurations)|c++|precompiled
headers|create/use precompiled header.
Installing Dehydra - Archive of obsolete content
mkdir gcc-objdir mkdir gcc-dist cd gcc-objdir ../gcc-4.5.3/configure --disable-bootstrap --enable-languages=c,c++ --prefix=$pwd/../gcc-dist make make install building dehydra and treehydra building dehydra requires spidermonkey development
headers from the previous step.
...(obsolete dehydra releases can be found on the mozilla ftp site.) hg clone http://hg.mozilla.org/rewriting-and-analysis/dehydra/ cd dehydra export cxx=/usr/bin/g++ ./configure \ --js-
headers=$home/obj-js/dist/include \ --js-libs=$home/obj-js make # run dehydra and treehydra tests make check usage dehydra checking can be performed directly within the mozilla build.
New Security Model for Web Services - Archive of obsolete content
for example: <wsa:allow type="soapv" from="http://www.mozilla.org"/> this command allows soap requests with verification
headers from scripts loaded from the domain www.mozilla.org.
... <wsa:allow type="soapv" from="http://*.mozilla.org"/> this command allows soap requests with verification
headers from scripts loaded from the domain with host name containing mozilla.org.
Using XPInstall to Install Plugins - Archive of obsolete content
when serving xpi packages from servers to clients, make sure that xpi packages are served with this mime type in the http
headers.
...when serving xpi packages from servers to clients, make sure that xpi packages are served with this mime type in the http
headers.
Sorting Results - Archive of obsolete content
the user can change the sort column and direction by clicking the column
headers, however, you can programmatically change the sort as well.
...the tree will change both attributes as necessary automatically when the column
headers are clicked or the tree is sorted by other means.
Trees - Archive of obsolete content
both can be used to create tables of data with multiple rows and columns, and both may contain column
headers.
... in this case we haven't specified a view to supply the tree's data, so we'll only see column
headers and an empty tree body.
XUL accessibility guidelines - Archive of obsolete content
the column picker and column
headers in xul trees are not keyboard accessible, consistent with the standard tree behavior on most contemporary operating systems.
...because column
headers and the column picker, in the upper right hand corner of the tree, can not receive focus, they are not operable with a keyboard.
Accessibility/XUL Accessibility Reference - Archive of obsolete content
erow> <treecell label="<!--aramis-->" /> </treerow> </treeitem> <treeitem> <treerow> <treecell label="<!--fergus-->" /> </treerow> </treeitem> </treechildren> </treeitem> </treechildren> </tree> there is no keyboard access to the column picker (the widget visually to the right of the column
headers) or the column
headers themselves (for sorting by column).
... jaws 7.10 can not read the column
headers.
tree - Archive of obsolete content
enablecolumndrag type: boolean when set to true, the user may drag the column
headers around to change the order in which they are displayed.
... enablecolumndrag type: boolean when set to true, the user may drag the column
headers around to change the order in which they are displayed.
CORS-safelisted response header - MDN Web Docs Glossary: Definitions of Web-related terms
a cors-safelisted response header is an http header which has been safelisted so that it will not be filtered when responses are processed by cors, since they're considered safe (as the
headers listed in access-control-expose-
headers).
... by default, the safelist includes the following response
headers: cache-control content-language content-type expires last-modified pragma examples extending the safelist you can extend the list of cors-safelisted response
headers by using the access-control-expose-
headers header: access-control-expose-
headers: x-custom-header, content-length ...
Sending form data - Learn web development
we'll discuss these
headers later on.
... select "network" select "all" select "foo.com" in the "name" tab select "
headers" you can then get the form data, as shown in the image below.
Index - Learn web development
228 html table advanced features and accessibility accessibility, advanced, article, beginner, codingscripting, html,
headers, learn, caption, nesting, scope, sumary, table, tbody, tfoot, thead there are a few other things you could learn about table html, but we have really given all you need to know at this moment in time.
... 323 sending form data beginner, codingscripting, files, forms, guide, html, http,
headers, security, web as we'd alluded to above, sending form data is easy, but securing an application can be tricky.
Website security - Learn web development
as a defense, your site can prevent itself from being embedded in an iframe in another site by setting the appropriate http
headers.
...this includes, but is not limited to data in url parameters of get requests, post requests, http
headers and cookies, and user-uploaded files.
Mozilla’s UAAG evaluation report
html: scope attribute (table): available through dom html:
headers attribute (table): available through dom html: axis attribute (table): available through dom html: tabindex attribute: yes, can be used to order sequential navigation html: accesskey attribute: supported with alt-{key}, menu key conflict favor the accesskey?
...(p1) ni we don't make use of scope,
headers, axis, or any other table accessibility features we have nothing under properties, or anywhere else, to orient users reading a table 10.2 highlight selection and content focus.
HTTP logging
logging only http request and response
headers there are two ways to do this: replace moz_log=nshttp:5 with moz_log=nshttp:3 in the commands above.
... there's a handy extension for firefox called http header live that you can use to capture just the http request and response
headers.
Makefile - targets
compile firefox, thunderbird, etc check standalone shell unit test invoked directly by make configure launch the configure program to define
headers and and attributes for the target build machine.
... export generate and install exported
headers: exports makefiles target used to only regenerate makefiles package generate a package tarball clean targets clean remove object files, binaries and generated content clobber alias for clean distclean clean + configure cleanup ...
How Mozilla's build system works
this naming, however, can be misleading because all three sub-tiers are part of the build: export is used to do things like copy
headers into place.
... makefile examples standard makefile header installing
headers using exports compiling interfaces using xpidlsrcs installing a javascript component building a component dll building a static library building a dynamic library makefiles - best practices and suggestions makefile - targets makefile - variables, values makefile - *.mk files & user config building libraries there are three main types of libraries that are built in mozilla: componen...
IPDL Tutorial
the ipdl compiler generates several c++
headers from each ipdl protocol.
... generated c++ code when pplugin.ipdl is compiled, the
headers ppluginparent.h, and ppluginchild.h will be generated in the ipc/ipdl/_ipdl
headers/ directory of the build tree.
Mozilla Web Developer FAQ
you can see the http
headers sent by the server by using the livehttp
headers extension or by using the web sniffer.
...the fonts have to be served from the same origin (protocol, host, port) as the content that uses them unless the fonts are served with the appropriate cross-origin resource sharing http
headers.
Encrypt Decrypt MAC Keys As Session Objects
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header ...
... strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; ...
Encrypt and decrypt MAC using token
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header ...
... strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; ...
Index
/* nspr
headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> #include <prprf.h> /* nss
headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5"...
... -h num generate email
headers with info about cms message (decode only).
Encrypt Decrypt_MAC_Using Token
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header ...
... strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them.
EncDecMAC using token object - sample 3
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aesk...
...eader, iv_header); strcpy(trailer, iv_trailer); break; case mac: strcpy(header, mac_header); strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; } else { pr_fprintf(pr_stderr, "input has header but no trailer\n"); port_free(filedata.data); ...
Installation guide
our makefiles also have an "install" target, but it has a different meaning: our "install" means installing the
headers, libraries, and programs in the appropriate directories under mozilla/dist.
... so right now you need to manually install the
headers, libraries, and programs in the directories you want.
NSS_3.12.3_release_notes.html
s ec private key as an orphan bug 453234: support for seed cipher suites to tls rfc4010 bug 453364: improve pk11_cipherop error reporting (was: pk11_createcontextbysymkey returns null bug 456406: slot list leaks in symkeyutil bug 461085: rfe: export function cert_comparecerts bug 462293: crash on fork after softoken is dlclose'd on some unix platforms in nss 3.12 bug 463342: move some
headers to freebl/softoken bug 463452: sql db creation does not set files protections to 0600 bug 463678: need to add rpath to 64-bit libraries on hp-ux bug 464088: option to build nss without dbm (handy for wince) bug 464223: certutil didn't accept certificate request to sign.
... bug 484425: need accessor function to retrieve symkey handle bug 484466: sec_error_invalid_args with nss_enable_pkix_verify=1 bug 485127: bltest crashes when attempting rc5_cbc or rc5_ecb bug 485140: wrong command line flags used to build intel-aes.s with solaris gas for x86_64 bug 485370: crash bug 485713: files added by red hat recently have missing texts in license
headers.
Necko walkthrough
but the interface for clients of necko is important to consider: send request uri helps creates channel setup channel (
headers, request data, response callback...) channel->asyncopen.
...channel checks if we're proxying or not fires off the dns prefetch request (dispatched to dns thread pool) some other things nshttpchannel::connect might to a speculativeconnect (pre open tcp socket) nshttpchannel::continueconnect some cache stuff nshttpchannel::setuptransaction creates new nshttptransaction, and inits it with mrequesthead (the request
headers) and muploadstream (which was created from the request data in channel setup) gets an nsiasyncinputstream (for the response; corresponds to the nspipeinputstream for the response stream pipe) passes it to nsinputstreampump nshttpchannel::ghttphandler->initiatetransaction (called from connect) this is the global nshttphandler object, which adds the transaction to the nshttpconnec...
Parser API
all binding forms (such as function parameters, variable declarations, and catch block
headers) accept array and object destructuring patterns in addition to plain identifiers.
...in binding positions (such as function parameters, variable declarations, and catch
headers), patterns can only be identifiers in the base case, not arbitrary expressions.
XPCOM glue
compiling or linking against xpcom
headers there are three ways to compile/link against xpcom
headers/libraries: frozen linkage: dependent glue (dependent on xpcom.dll) xpcom modules, i.e.
... sample compiler/linker flags code compiled using xpcom
headers should always #include "xpcom-config.h" from the sdk, to ensure that xpcom #defines are correct.
Creating the Component Code
for example, mozilla_strict_api is a variable that shields you from certain private, non-xpcom
headers.
... for example, including nsicomponentmanager.idl without mozilla_strict_api defined will include the following
headers, which are not supported across versions (unfrozen): nscomponentmanagerutils.h nscomponentmanagerobsolete.h these variables are picked up by files that do not specify themselves as mozilla_strict_api.
Mozilla internal string guide
the
headers and implementation are in the xpcom/string directory.
...used for http
headers and for size-optimized storage in text node and spidermonkey strings.
IAccessibleTable
columnheader() returns the column
headers as an iaccessibletable object.
...rowheader() returns the row
headers as an iaccessibletable object.
IAccessibleTableCell
columnheadercells() returns the column
headers as an array of cell accessibles.
...rowheadercells() returns the row
headers as an array of cell accessibles.
nsIAccessibleRole
role_table 24 represents a table that contains rows and columns of cells, and optionally, row
headers and column
headers.
...it is used for xul tree column
headers, html:th, role="colheader".
nsIMimeConverter
the nsimimeconverter service allows you to convert
headers into and out of mime format.
... structured whether or not this string may contain <> blocks which should not be encoded (e.g., the from and to
headers).
nsIMsgDBHdr
the nsimsgdbhdr interface describes
headers for mail messages.
...
headers are backed by the database: a call to these functions directly modifies the state of the database, although it is not saved until the database is committed.
nsIMsgFilterList
defined in comm-central/ mailnews/ base/ search/ public/ nsimsgfilterlist.idl attributes folder attribute nsimsgfolder nsimsgfilterlist::folder version readonly attribute short nsimsgfilterlist::version arbitrary
headers readonly attribute acstring nsimsgfilterlist::arbitrary
headers shoulddownloadall
headers readonly attribute boolean nsimsgfilterlist::shoulddownloadall
headers filtercount readonly attribute unsigned long nsimsgfilterlist::filtercount loggingenabled attribute boolean nsimsgfilterlist::loggingenabled defaultfile attribute nsilocalfile nsimsgfilterlist::defaultfile logstream attribute nsioutputstream nsimsgfilterlist::logstream logurl readonly attribute acstring nsimsgfilterlist::logurl methods getfilterat() nsimsgfilter nsimsgfilterlist::getfilterat (in unsigned lo...
...terlist::parsecondition ( in nsimsgfilter afilter, in string condition ) savetodefaultfile() void nsimsgfilterlist::savetodefaultfile ( ) applyfilterstohdr() void nsimsgfilterlist::applyfilterstohdr ( in nsmsgfiltertypetype filtertype, in nsimsgdbhdr msghdr, in nsimsgfolder folder, in nsimsgdatabase db, in string
headers, in unsigned long
headersize, in nsimsgfilterhitnotify listener, in nsimsgwindow msgwindow, in nsilocalfile amessagefile ) writeinattr() void nsimsgfilterlist::writeintattr ( in nsmsgfilterfileattribvalue attrib, in long value, in nsioutputstream stream ) writestrattr() void nsimsgf...
nsIMsgFolder
many
headerstodownload boolean readonly: used to determine if it will take a long time to download all the
headers in this folder - so that we can do folder notifications synchronously instead of asynchronously.
... methods startfolderloading() void startfolderloading(); endfolderloading() void endfolderloading(); updatefolder() get new
headers for the database.
nsIMsgHeaderParser
usernames); astring makefulladdress(in astring aname, in astring aaddress); string makefulladdressstring(in string aname, in string aaddress); wstring makefulladdresswstring(in wstring name, in wstring addr); obsolete since gecko 1.9 void parseheaderaddresses(in string line, out string names, out string addresses, out pruint32 numaddresses); void parse
headerswitharray(in wstring aline, [array, size_is(count)] out wstring aemailaddresses, [array, size_is(count)] out wstring anames, [array, size_is(count)] out wstring afullnames, [retval] out unsigned long count); void reformatheaderaddresses(in string line, out string reformattedaddress); wstring reformatunquotedaddresses(in wstring line); void removeduplicateaddresses(in str...
... exceptions thrown missing exception missing description parse
headerswitharray() void parse
headerswitharray( in wstring aline, [array, size_is(count)] out wstring aemailaddresses, [array, size_is(count)] out wstring anames, [array, size_is(count)] out wstring afullnames, [retval] out unsigned long count ); parameters aline the header line to parse.
nsIUploadChannel
history here is that we need to support both streams that already have
headers (for example, content-type and content-length) information prepended to the stream (by plugins) as well as clients (composer, uploading application) that want to upload data streams without any knowledge of protocol specifications.
...acontenttype if acontenttype is empty, the protocol will assume that no content
headers are to be added to the uploaded stream and that any required
headers are already encoded in the stream.
XPCOM
unless otherwise noted you register for the topics using the nsiobserverservice.setting http request
headershttp is one of the core technologies behind the web.
... in addition to the actual content, some important information is passed with http
headers for both http requests and responses.storagestorage is a sqlite database api.
MailNews Filters
for imap, we tend to initiate the urls synchronously, but because we don't run two urls simultaneously on the same folder, the urls don't run until we've finished downloading
headers.
... after the fact filters these are one or more filters run on one or more folders *after* the
headers have been downloaded.
Message Interfaces
nsimsghdr nsimsghdr - this interface describes
headers for all mail messages.
...nsimsgdbhdr nsimsgdbhdr - this interface describes
headers for mail messages.
Tips - Firefox Developer Tools
when a request is selected click "edit and resend" to modify its
headers and send it again.
... storage inspector right-click the column
headers to open a menu allowing to toggle the display of the columns.
Fetch API - Web APIs
set-cookie
headers from other sites are silently ignored.
...
headers represents response/request
headers, allowing you to query them and take different actions depending on the results.
ProgressEvent() - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not
headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not
headers and other overhead.
ProgressEvent.initProgressEvent() - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not
headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not
headers and other overhead.
ProgressEvent - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not
headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not
headers and other overhead.
RTCIceCandidatePairStats.bytesReceived - Web APIs
the rtcicecandidatepairstats property bytesreceived indicates the total number of payload bytes—that is, bytes which aren't overhead such as
headers or padding—that hve been received to date on the connection described by the candidate pair.
...only data bytes are counted; overhead such as padding,
headers, and the like are not included in this count.
RTCIceCandidatePairStats.bytesSent - Web APIs
the rtcicecandidatepairstats property bytessent indicates the total number of payload bytes—that is, bytes which aren't overhead such as
headers or padding—that hve been sent so far on the connection described by the candidate pair.
...only data bytes are counted; overhead such as padding,
headers, and the like are not included in this count.
RTCIceCandidatePairStats - Web APIs
bytesreceieved optional the total number of payload bytes received (that is, the total number of bytes received minus any
headers, padding, or other administrative overhead) on this candidate pair so far.
... bytessent optional the total number of payload bytes sent (that is, the total number of bytes sent minus any
headers, padding, or other administrative overhead) so far on this candidate pair.
ReadableStream.cancel() - Web APIs
var searchterm = "service workers"; // chars to show either side of the result in the match var contextbefore = 30; var contextafter = 30; var caseinsensitive = true; var url = 'https://html.spec.whatwg.org/'; console.log(`searching '${url}' for '${searchterm}'`); fetch(url).then(response => { console.log('received
headers'); var decoder = new textdecoder(); var reader = response.body.getreader(); var tomatch = caseinsensitive ?
...does the response lack cors
headers?"); throw err; }); specifications specification status comment streamsthe definition of 'cancel()' in that specification.
Request.cache - Web APIs
fetch("some.json", {cache: "reload"}) .then(function(response) { /* consume the response */ }); // download a resource with cache busting when dealing with a // properly configured server that will send the correct etag // and date
headers and properly handle if-modified-since and // if-none-match request
headers, therefore we can rely on the // validation to guarantee a fresh response.
... ({status: 504}) : // workaround for chrome; which simply fails with a typeerror promise.reject(e)) .then(res => { if (res.status === 504) { controller.abort() controller = new abortcontroller(); return fetch("some.json", {cache: "force-cache", mode: "same-origin", signal: controller.signal}) } const date = res.
headers.get("date"), dt = date ?
Response - Web APIs
properties response.
headers read only the
headers object associated with the response.
... response.trailers a promise resolving to a
headers object, associated with the response with response.
headers for values of the http trailer header.
Using XMLHttpRequest - Web APIs
get last modified date function getheadertime () { console.log(this.getresponseheader("last-modified")); /* a valid gmtstring date or null */ } var oreq = new xmlhttprequest(); oreq.open("head" /* use head if you only need the
headers!
...h)); var nlastmodif = date.parse(this.getresponseheader("last-modified")); if (isnan(nlastvisit) || nlastmodif > nlastvisit) { window.localstorage.setitem('lm_' + this.filepath, date.now()); isfinite(nlastvisit) && this.callback(nlastmodif, nlastvisit); } } function ifhaschanged(surl, fcallback) { var oreq = new xmlhttprequest(); oreq.open("head" /* use head - we only need the
headers!
XMLHttpRequest.withCredentials - Web APIs
the xmlhttprequest.withcredentials property is a boolean that indicates whether or not cross-site access-control requests should be made using credentials such as cookies, authorization
headers or tls client certificates.
...the third-party cookies obtained by setting withcredentials to true will still honor same-origin policy and hence can not be accessed by the requesting script through document.cookie or from response
headers.
ARIA: table role - Accessibility
role="row" a row within the table, and optionally within a rowgroup, that is a container for one or more cells, column
headers, or row
headers.
...the columns are sortable, but not currently sorted, as indicated by the aria-sort property on the column
headers.
WAI-ARIA Roles - Accessibility
a row contains one or more cells, grid cells or column
headers, and possibly a row header, within a grid, table or treegrid, and optionally within a rowgroup.aria: rowgroup rolean element with role="rowgroup" is a group of rows within a tabular structure.
... a rowgroup contains one or more rows of cells, grid cells, column
headers, or row
headers within a grid, table or treegrid.aria: search rolethe search landmark role is used to identify a section of the page used to search the page, site, or collection of sites.aria: suggestion rolethe suggestion landmark role semantically denotes a single proposed change to an editable document.
Accessibility documentation index - Accessibility
a row contains one or more cells, grid cells or column
headers, and possibly a row header, within a grid, table or treegrid, and optionally within a rowgroup.
...a rowgroup contains one or more rows of cells, grid cells, column
headers, or row
headers within a grid, table or treegrid.
Viewport concepts - CSS: Cascading Style Sheets
sticky
headers or footers, with the following styles, will stick to the top and bottom of the layout viewport respectively.
... sticky
headers or footers, as discussed above, stick to the top and bottom of the layout viewport, and therefore remain in view when we zoom in with the keyboard.
<th> - HTML: Hypertext Markup Language
the exact nature of this group is defined by the scope and
headers attributes.
...
headers this attribute contains a list of space-separated strings, each corresponding to the id attribute of the <th> elements that apply to this element.
MIME types (IANA media types) - HTTP
each part is its own entity with its own http
headers, content-disposition, and content-type for file uploading fields.
... content-type: multipart/form-data; boundary=aboundarystring (other
headers associated with the multipart document as a whole) --aboundarystring content-disposition: form-data; name="myfile"; filename="img.jpg" content-type: image/jpeg (data) --aboundarystring content-disposition: form-data; name="myfield" (data) --aboundarystring (more subparts) --aboundarystring-- the following <form>: <form action="http://localhost:8000/" method="post" enctype="multipart/form-data"> <label>name: <input name="mytextfield" value="test"></label> <label><input type="checkbox" name="mycheckbox"> check</label> <label>upload file: <input type="file" name="myfile" value="test.txt"></label> <button>send the file</button> </form> will send this message: post / http/1.1 host: localhost:8000 user-agent: ...
Basics of HTTP - HTTP
on top of these basic concepts, numerous extensions have been developed over the years that add updated functionality and semantics with new http methods or
headers.
... content negotiation http introduces a set of
headers, starting with accept as a way for a browser to announce the format, language, or encoding it prefers.
Reason: CORS header 'Access-Control-Allow-Origin' missing - HTTP
to allow any site to make cors requests without using the * wildcard (for example, to enable credentials), your server must read the value of the request's origin header and use that value to set access-control-allow-origin, and must also set a vary: origin header to indicate that some
headers are being set dynamically depending on the origin.
... the exact directive for setting
headers depends on your web server.
Content Security Policy (CSP) - HTTP
this article explains how to construct such
headers properly, and provides examples.
...the policy specified in content-security-policy
headers is enforced while the content-security-policy-report-only policy generates reports but is not enforced.
Accept-CH-Lifetime - HTTP
the accept-ch-lifetime header is set by the server to specify the persistence of accept-ch header value that specifies for which client hints
headers client should include in subsequent requests.
...accept-ch and accept-ch-lifetime
headers should be persisted for all secure requests to ensure client hints are sent reliably.
Accept-CH - HTTP
the accept-ch header is set by the server to specify which client hints
headers a client should include in subsequent requests.
...accept-ch and accept-ch-lifetime
headers should be persisted for all secure requests to ensure client hints are sent reliably.
Device-Memory - HTTP
server has to opt in to receive device-memory header from the client by sending accept-ch and accept-ch-lifetime response
headers.
... device-memory: <number> examples server first needs to opt in to receive device-memory header by sending the response
headers accept-ch containing device-memory and accept-ch-lifetime.
Link - HTTP
the http link entity-header field provides a means for serialising one or more links in http
headers.
...k: https://bad.example; rel="preconnect" specifying multiple links you can specify multiple links separated by commas, for example: link: <https://one.example.com>; rel="preconnect", <https://two.example.com>; rel="preconnect", <https://three.example.com>; rel="preconnect" specifications specification status comments rfc 8288, section 3: link serialisation in http
headers ietf rfc rfc 5988, section 5: the link header field ietf rfc initial definition ...
Vary - HTTP
the vary http response header determines how to match future request
headers to decide whether a cached response can be used rather than requesting a fresh one from the origin server.
... it is used by the server to indicate which
headers it used when selecting a representation of a resource in a content negotiation algorithm.
X-Content-Type-Options - HTTP
the x-content-type-options response http header is a marker used by the server to indicate that the mime types advertised in the content-type
headers should not be changed and be followed.
...make sure to set both
headers correctly.
HEAD - HTTP
the http head method requests the
headers that would be returned if the head request's url was instead requested with the http get method.
...if it has one anyway, that body must be ignored: any entity
headers that might describe the erroneous body are instead assumed to describe the response which a similar get request would have received.
Proxy servers and tunneling - HTTP
a common way to disclose this information is by using the following http
headers: the standardized header: forwarded contains information from the client-facing side of proxy servers that is altered or lost when a proxy is involved in the path of the request.
... via added by proxies, both forward and reverse proxies, and can appear in the request
headers and the response
headers.
406 Not Acceptable - HTTP
the hypertext transfer protocol (http) 406 not acceptable client error response code indicates that the server cannot produce a response matching the list of acceptable values defined in the request's proactive content negotiation
headers, and that the server is unwilling to supply a default representation.
... proactive content negotiation
headers include: accept accept-charset accept-encoding accept-language in practice, this error is very rarely used.
412 Precondition Failed - HTTP
this happens with conditional requests on methods other than get or head when the condition defined by the if-unmodified-since or if-none-match
headers is not fulfilled.
... status 412 precondition failed examples etag: "33a64df551425fcc55e4d42a148795d9f25f89d4" etag: w/"0815" avoiding mid-air collisions with the help of the etag and the if-match
headers, you can detect mid-air edit collisions.
How to make PWAs re-engageable using Notifications and Push - Progressive web apps (PWAs)
fetch('./register', { method: 'post',
headers: { 'content-type': 'application/json' }, body: json.stringify({ subscription: subscription }), }); then the globaleventhandlers.onclick function on the subscribe button is defined: document.getelementbyid('doit').onclick = function() { const payload = document.getelementbyid('notification-payload').value; const delay = document.getelementbyid('notification-de...
...lay').value; const ttl = document.getelementbyid('notification-ttl').value; fetch('./sendnotification', { method: 'post',
headers: { 'content-type': 'application/json' }, body: json.stringify({ subscription: subscription, payload: payload, delay: delay, ttl: ttl, }), }); }; when the button is clicked, fetch asks the server to send the notification with the given parameters: payload is the text that to be shown in the notification, delay defines a delay in seconds until the notification will be shown, and ttl is the time-to-live setting that keeps the notification available on the server for a specified amount of time, also defined in seconds.
page-worker - Archive of obsolete content
for example, this add-on loads a page from wikipedia, and runs a content script in it to send all the
headers back to the main add-on code: var pageworkers = require("sdk/page-worker"); // this content script sends header titles from the page to the add-on: var script = "var elements = document.queryselectorall('h2 > span'); " + "for (var i = 0; i < elements.length; i++) { " + " postmessage(elements[i].textcontent) " + "}"; // create a page worker that loads wik...
tabs - Archive of obsolete content
this may come from http
headers or other sources of mime information, and might be affected by automatic type conversions performed by either the browser or extensions.
In-Depth - Archive of obsolete content
button, checkbox-container, checkbox, dialog, dualbutton, dualbutton-dropdown, listbox, menu, menulist-textfield, menulist-button, menulist, menulist-text, progressbar, progresschunk, radio-container, radio, resizer, resizerpanel, separator, scrollbar, statusbar, statusbarpanel, toolbarbutton, toolbox, toolbar, treeheadercell, tree
headersortarrow, treeview, treeitem, treetwisty, treetwistyopen, tooltip, textfield, tabpanels, tab, tab-left-edge, tab-right-edge, scrollbartrack-horizontal, scrollbartrack-vertical, scrollbarthumb-vertical, scrollbarthumb-horizontal, scrollbarbutton-right, scrollbarbutton-down, scrollbarbutton-left, scrollbarbutton-up, scrollbargripper-vertical, scrollbargripper-horizontal -moz-border-bottom-colors def...
Using SOAP in XULRunner 1.9 - Archive of obsolete content
< req.setrequestheader("soapserver", soapclient.soapserver); < req.setrequestheader("soapaction", soapreq.action); < } < }); --- > var xhr = new xmlhttprequest(); > xhr.mozbackgroundrequest = true; > xhr.open('post', soapclient.proxy, true); > xhr.onreadystatechange = function() { > if (4 != xhr.readystate) { return; } > getresponse(xhr); > }; > var
headers = { > 'method': 'post', > 'content-type': soapclient.contenttype + '; charset="' + > soapclient.charset + '"', > 'content-length': soapclient.contentlength, > 'soapserver': soapclient.soapserver, > 'soapaction': soapreq.action > }; > for (var h in
headers) { xhr.setrequestheader(h,
headers[h]); } > xhr.send(content); ...
NSPR Release Engineering Guide - Archive of obsolete content
ub_release_x_y_z_beta beta release checkout a whole new tree using the tag from above build all targets, debug and optimized on all platforms using the command: gmake release mdist=<dir>/mdist build_number=vx.y.z [build_opt=1 | use_debug_rtl=1] copy the bits from mdist to /share/builds/components/nspr20/.vx.y.z 1 run explode.pl run the test suite on all targets, using binaries &
headers from shipped bits resolve testing anomalies tag the tree with nsprpub_release_x_y[_z] release candidate checkout a whole new tree using tag (including fixes) tag the treey with nsprpub_release_x_y_z build all targets, debug and optimized on all platforms using the command: gmake release mdist=<dir>/mdist build_number=vx.y.z [build_opt=1 | use_debug_rtl=1] copy the bits from ...
Obsolete: XPCOM-based scripting for NPAPI plugins - Archive of obsolete content
the following html code will do the job:</p> this should be changed, we shouldn't advocate embed <embed type="application/plugin-mimetype"> <script language="javascript"> var embed = document.embeds[0]; embed.nativemethod(); </script> how to build and install having the built mozilla tree is probably not necessary, but building the plugin with a scriptable instance interface will require mozilla
headers and the xpcom compatible idl compiler -- xpidl.exe.
Gecko FAQ - Gecko Redirect 1
by the end of calendar year 2000, gecko is expected to support the following recommended open internet standards fully except for the areas noted below and open bugs documented in bugzilla: html 4.0 - full support except for: elements: bdo, basefont attributes: shape attribute on the a element, abbr, axis,
headers, scope-row, scope-col, scope-rowgroup, scope-colgroup, charoff, datasrc, datafld, dataformat, datapagesize, summary, event, dir, align on table columns, label attribute of option, alternate text of area elements, longdesc various metadata attributes: cite, datetime, lang, hreflang bidirectional text layout, which is only used in hebrew and arabic (ibm has begun work to add bidi support in a...
Prefetch - MDN Web Docs Glossary: Definitions of Web-related terms
the prefetch hints are sent in http
headers: link: ; rel=dns-prefetch, ; as=script; rel=preload, ; rel=prerender, ; as=style; rel=preload prefetch attribute value browsers will prefetch content when the prefetch <link> tag directs it to, giving the developer control over what resources should be prefetched.
Introduction to CSS layout - Learn web development
table layout html tables are fine for displaying tabular data, but many years ago — before even basic css was supported reliably across browsers — web developers used to also use tables for entire web page layouts — putting their
headers, footers, different columns, etc.
Sending forms through JavaScript - Learn web development
something went wrong.' ); } ); // set up our request xhr.open( 'post', 'https://example.com/cors.php' ); // send our formdata object; http
headers are set automatically xhr.send( fd ); } btn.addeventlistener( 'click', function() { senddata( {test:'ok'} ); } ) here's the live result: using formdata bound to a form element you can also bind a formdata object to an <form> element.
Command line crash course - Learn web development
let's also look at the
headers that developer.mozilla.org returns using curl's -i flag, and print all the location redirects it sends to the terminal, by piping the output of curl into grep (we will ask grep to return all the lines that contain the word "location").
Gecko info for Windows accessibility vendors
unique features role_table html: <table> dhtml: role="wairole:grid" (in this case state_focusable is set) accname is supported via <caption> first child of table or summary attribute role_columnheader xul: tree column
headers html: <th> dhtml: role="wairole:colheader" role_rowheader dhtml: role="wairole:rowheader" role_column not supported.
Creating Sandboxed HTTP Connections
in order to manipulate cookies, the nsichannel needs to be converted into a nsihttpchannel by using queryinterface (qi): var httpchannel = asubject.queryinterface(components.interfaces.nsihttpchannel); cookies are actually part of the http header, nsihttpchannel provides four methods for working with
headers: two for getting and setting request
headers, and two for getting and setting response
headers.
Old Thunderbird build
to build on windows, please read the prerequisites so you don't skip preparing the mapi
headers needed to compile thunderbird.
Simple Thunderbird build
windows build prerequisites gnu/linux build prerequisites macos build prerequisites mapi
headers on windows: check that the mapi header files from https://www.microsoft.com/en-us/download/details.aspx?id=12905 are installed because the mapi header files (except mapi.h) are not bundled with visual studio 2017 (windows sdk 10).
Embedding Tips
for example, if you wanted to check the server response
headers, you might check onstatechange for state_start | state_is_request flags, and from the nsirequest argument qi fornsihttpchanne and call methods on that to determine response codes and other information from the server.
Mozilla Web Services Security Model
soap soap requests without verification
headers soapv soap requests with verification
headers the from attribute the from attribute on the allow element says which calling sites the allow element applies to.
NSPR Contributor Guide
generally useful platform abstractions you agree to sustain, bug fix may rely on the nspr api may not rely on any other library api new platform ports all nspr api items must be implemented platform specific
headers in pr/include/md/_platformname.[h!cfg] platform specific code in pr/src/md/platform/*.c make rules in config/_platform.mk documentation the files for nspr's documentation are maintained using a proprietary word processing system [don't ask].
Logging
to enable nspr logging and/or the debugging aids in your application, compile using the nspr debug build
headers and runtime.
Function_Name
syntax #include <
headers.h> returntype function_name( paramtype paramname, paramtype paramname, ); parameters paramname sample: in pointer to a certcertdbhandle representing the certificate database to look in paramname sample: in pointer to an secitem whose type must be sidercertbuffer and whose data contains a der-encoded certificate description long description of this function, what it does, and why you would use it.
NSS_3.12.1_release_notes.html
ed pkcs#11 object attribute values bug 434187: fix the gcc compiler warnings in nss/lib bug 434398: libpkix cannot find issuer cert immediately after checking it with ocsp bug 434808: certutil -b deadlock when importing two or more roots bug 434860: coverity 1150 - dead code in ocsp_createcertid bug 436428: remove unneeded assert from sec_pkcs7encryptlength bug 436430: make nss public
headers compilable with no_nspr_10_support defined bug 436577: uninitialized variable in sec_pkcs5createalgorithmid bug 438685: libpkix doesn't try all the issuers in a bridge with multiple certs bug 438876: signtool is still using static libraries.
NSS 3.12.6 release notes
x_hash throws a null-argument exception on empty strings bug 530907: the peerid argument to ssl_setsockpeerid should be declared const bug 531188: decompression failure with https://livechat.merlin.pl/ bug 532417: build problem with spaces in path names bug 534943: clean up the makefiles in lib/ckfw/builtins bug 534945: lib/dev does not need to include
headers from lib/ckfw bug 535669: move common makefile code in if and else to the outside bug 536023: der_utctimetotime and der_generalizedtimetotime ignore all bytes after an embedded null bug 536474: add support for logging pre-master secrets bug 537356: implement new safe ssl3 & tls renegotiation bug 537795: nss_initcontext does not work with nss_registersh...
NSS_3.12_release_notes.html
7: libpkix does not use user defined revocation checkers bug 407064: pkix_pl_ldapcertstore_buildcrllist should not fail if a crl fails to be decoded bug 421216: libpkix test nss_thread leaks a test certificate bug 301259: signtool usage message is unhelpful bug 389781: nss should be built size-optimized in browser builds on linux, windows, and mac bug 90426: use of obsolete typedefs in public nss
headers bug 113323: the first argument to pk11_findcertfromnickname should be const.
NSS Sample Code Sample_1_Hashing
sample code 1 /* nspr
headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> /* nss
headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* * maps a hash name to a secoidtag.
NSS Sample Code Sample_2_Initialization of NSS
sample code 1 /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prprf.h> /* nss
headers */ #include <nss.h> #include <pk11func.h> #include "util.h" /* print a usage message and exit */ static void usage(const char *progname) { fprintf(stderr, "\nusage: %s -d <dbdirpath> [-p <plainpasswc>]" " [-f <passwdffile>]\n\n", progname); fprintf(stderr, "%-15s specify a db directory path\n\n", "-d <dbdirpath>"); fprintf(stderr, "%-15s specify a plaintext password\n\n", "-p <plainpasswc>"); fprintf(stderr, "%-15s specify a password file\n\n",...
NSS Sample Code Utilities_1
ii) { /* first convert ascii to binary */ secitem filedata; char *asc, *body; /* read in ascii data */ rv = filetoitem(&filedata, infile); asc = (char *)filedata.data; if (!asc) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(asc, "-----begin")) != null) { char *trailer = null; asc = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(asc, '\r'); /* maybe this is a mac file */ if (body) trailer = strstr(++body, "-----end"); if (trailer != nul...
Hashing - sample 1
*/ /* nspr
headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> /* nss
headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> #include <nss.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha...
Utilities for nss samples
ii) { /* first convert ascii to binary */ secitem filedata; char *asc, *body; /* read in ascii data */ rv = filetoitem(&filedata, infile); asc = (char *)filedata.data; if (!asc) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(asc, "-----begin")) != null) { char *trailer = null; asc = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(asc, '\r'); /* maybe this is a mac file */ if (body) trailer = strstr(++body, "-----end"); if (trailer != nul...
sample1
/* nspr
headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> #include <prprf.h> /* nss
headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* maps a hash name to a secoidtag.
sslerr.html
sec_error_cert_addr_mismatch -8100 address in signing certificate does not match address in message
headers.
NSS Tools cmsutil
-h num generate email
headers with info about cms message (decode only).
Installing Pork
elsa (the c++ parser in pork) has a hard time with some of the new features used in later gcc c++
headers.
SpiderMonkey 1.8.8
including jsapi.h provides all these types, but more-specific
headers also provide these types if you wish to use them in other code.
SpiderMonkey 17
including jsapi.h provides all these types, but more-specific
headers also provide these types if you wish to use them in other code.
ROLE_TABLE
« gecko roles page represents a table that contains rows and columns of cells, and optionally, row
headers and column
headers.
Gecko Roles
role_table represents a table that contains rows and columns of cells, and optionally, row
headers and column
headers.
XPCOM Stream Guide
nsconverterinputstream @mozilla.org/intl/converter-input-stream;1 nsiconverterinputstream .init(stream, charset, buffersize, replacechar) mime separate
headers from data.
How to build a binary XPCOM component using Visual Studio
then make the following tweaks: add "..\gecko-sdk\include" to additional include directories add "..\gecko-sdk\lib" to additional library directories add "nspr4.lib xpcom.lib xpcomglue_s.lib" to additional dependencies add "xp_win;xp_win32″ to preprocessor definitions turn off precompiled
headers (just to keep it simple) use a custom build step for the xpcom idl file (spawns xpidl-build.bat to process the idl with mozilla toolset, not midl) vc++ express project: xpcom-test.zip note: the project uses xpcom_glue.
Monitoring HTTP activity
these include the ability to monitor outgoing http request
headers and bodies as well as incoming http
headers and complete http transactions.
nsIChannel
for example, queryinterfacing to nsihttpchannel allows response
headers to be retrieved for the corresponding http transaction.
nsIDOMProgressEvent
this doesn't include
headers and other overhead, but only the content itself.
nsIFeedResult
headers nsiproperties the http response
headers that accompanied the feed.
nsIHTTPHeaderListener
modules/plugin/base/public/nsihttpheaderlistener.idlscriptable this interface allows plugin authors to access http response
headers after issuing an nsipluginhost.geturl or nsipluginhost.posturl call.
nsIHttpActivityObserver
observers can look at request
headers in aextrastringdata activity_subtype_request_body_sent 0x5002 the http request's body has been sent.
nsIHttpChannelInternal
setcookie() helper method to set a cookie with a consumer-provided cookie header, but using the channel's other information (uri's, prompters, date
headers and so on.).
nsIMIMEInputStream
netwerk/base/public/nsimimeinputstream.idlscriptable the mime stream separates
headers and a datastream.
nsIMsgCompFields
(bug 249530) newsgroups astring newshost char * newsposturl char * organization astring otherrandom
headers astring no longer exists - see https://groups.google.com/forum/#!topic/mozilla.dev.apps.thunderbird/s4ofmm8_b28 priority char * receiptheadertype print32 references char * replyto astring securityinfo nsisupports subject astring templatename astring temporaryfiles ...
nsIMsgDatabase
in nsmsglabelvalue label); setstringproperty() void setstringproperty(in nsmsgkey akey, in string aproperty, in string avalue); markimapdeleted() void markimapdeleted(in nsmsgkey key, in boolean deleted, in nsidbchangelistener instigator); applyretentionsettings() purge unwanted message
headers and/or bodies.
nsIMsgFilter
alue value, out boolean booleanand, out acstring arbitraryheader ) appendterm() void nsimsgfilter::appendterm (in nsimsgsearchterm term) createterm() nsimsgsearchterm nsimsgfilter::createterm ( ) matchhdr() void nsimsgfilter::matchhdr ( in nsimsgdbhdr msghdr, in nsimsgfolder folder, in nsimsgdatabase db, in string
headers, in unsigned long
headersize, out boolean result ) logrulehit() void nsimsgfilter::logrulehit ( in nsimsgruleaction afilteraction, in nsimsgdbhdr aheader ) createaction() nsimsgruleaction nsimsgfilter::createaction ( ) getactionat() nsimsgruleaction nsimsgfilter::getactionat (in long aindex) appendaction() void nsimsgfilter::appendaction (in nsimsgrul...
nsIMsgSearchTerm
this is a property of the nsimsgdbhdr, and may have * nothing to do the message
headers, e.g., gloda-id.
nsIMsgWindow
msg
headersink nsimsg
headersink this allows the backend code to send message header information to the ui.
nsIRequest
this means that things like authorization tokens or cookie
headers should not be added.
nsIScriptError
hrome registration" "xbl" "xbl prototype handler" "xbl content sink" "xbl javascript" "frameconstructor" categories the web console displays "hudconsole" "css parser" "css loader" "content javascript" "dom events" "dom:html" "dom window" "svg" "imagemap" "html" "canvas" "dom3 load" "dom" "malformed-xml" "dom worker javascript" "mixed content blocker" "csp" "invalid hsts
headers" "insecure password field" see also using the web console error console nsiconsolemessage nsiscripterror2 ...
nsMsgSearchAttrib
const nsmsgsearchattribvalue label = 48; /* mail only...can search by label */ const nsmsgsearchattribvalue hdrproperty = 49; // uses nsimsgsearchterm::hdrproperty const nsmsgsearchattribvalue folderflag = 50; // uses nsimsgsearchterm::status const nsmsgsearchattribvalue uint32hdrproperty = 51; // uses nsimsgsearchterm::hdrproperty // 52 is for showing customize - in ui
headers start from 53 onwards up until 99.
nsMsgSearchScope
const nsmsgsearchscopevalue news = 5; const nsmsgsearchscopevalue newsex = 6; const nsmsgsearchscopevalue ldap = 7; const nsmsgsearchscopevalue localab = 8; const nsmsgsearchscopevalue allsearchablegroups = 9; const nsmsgsearchscopevalue newsfilter = 10; const nsmsgsearchscopevalue localaband = 11; const nsmsgsearchscopevalue ldapand = 12; // imap and news, searched using local
headers const nsmsgsearchscopevalue onlinemanual = 13; /// local news + junk const nsmsgsearchscopevalue localnewsjunk = 14; /// local news + body const nsmsgsearchscopevalue localnewsbody = 15; /// local news + junk + body const nsmsgsearchscopevalue localnewsjunkbody = 16; }; ...
XPCOM Interface Reference
amnsimacdocksupportnsimarkupdocumentviewernsimemorynsimemorymultireporternsimemorymultireportercallbacknsimemoryreporternsimemoryreportermanagernsimenuboxobjectnsimessagebroadcasternsimessagelistenernsimessagelistenermanagernsimessagesendernsimessagewakeupservicensimessengernsimicrosummarynsimicrosummarygeneratornsimicrosummaryobservernsimicrosummaryservicensimicrosummarysetnsimimeconverternsimime
headersnsimodulensimsgaccountnsimsgaccountmanagerextensionnsimsgcompfieldsnsimsgcustomcolumnhandlernsimsgdbhdrnsimsgdbviewnsimsgdbviewcommandupdaternsimsgdatabasensimsgfilternsimsgfiltercustomactionnsimsgfilterlistnsimsgfoldernsimsgheaderparsernsimsgidentitynsimsgincomingservernsimsgmessageservicensimsgprotocolinfonsimsgruleactionnsimsgsearchcustomtermnsimsgsearchnotifynsimsgsearchscopetermnsimsgsearchse...
Using the Gecko SDK
the sdk contains
headers for all of the frozen interfaces and functions, and it also contains
headers for classes and functions defined in the glue libraries.
Xptcall Porting Guide
the tree mozilla/xpcom/reflect/xptcall +--public // exported
headers +--src // core source | \--md // platform specific parts | +--mac // mac ppc | +--unix // all unix | \--win32 // win32 | +--test // simple tests to get started \--tests // full tests via api porters are free to create subdirectories under the base md directory for their given platforms and to integrate into the build system as appropriate for their platform...
xpidl
the xpidl compiler is now part of the build process, allowing us to generate
headers used by the xpcom components.
XPIDL
resources (mostly outdated) some unsorted notes including a keyword list xpidl is a tool for generating c++
headers, java interfaces, xpconnect typelibs, and html documentation from xpidl files generating xpt files on windows a google groups post with instructions on how to use variable-length argument lists using xpidl.
MailNews fakeserver
getarticle message id newsarticle object pretty self-explanatory newsarticle api name arguments returns notes [constructor] text (as a string) n/a initializes all fields
headers (property) map of header (lower-case) -> value body (property) text of body messageid (property) message id fulltext (property) full text as message without modification except added
headers.
Spam filtering
to analyze a message for spam, we need the entire message, not just the
headers.
Create Custom Column
the customdb
headers preference article provides information on a preference setting that exposes custom header data for use in a custom column within thunderbird's main view.
Filter Incoming Mail
by example, setting it to lower case subject = subject.tolocalelowercase(); // then we rebuild a subject objet by rencoding the string // and assign it to the message
headers and we're done amsghdr.subject = mimeconvert.encodemimepartiistr_utf8(subject, false, "utf-8", 0, 72); } } }; function init() { var notificationservice = components.classes["@mozilla.org/messenger/msgnotificationservice;1"] .getservice(components.interfaces.nsimsgfoldernotificationservice); notificationservice.addlistener(newmaillistener, notificationservice.msgadded); ...
Folders and message lists
if a collapsed thread is in there and working with collapsed threads is enabled, this will include the
headers for the messages in that collapsed thread.
Constants - Plugins
npvers_has_response_
headers 17 npstreams have response
headers for http streams.
Cache.keys() - Web APIs
note: requests with duplicate urls but different
headers can be returned if their responses have the vary header set on them.
Cache.match() - Web APIs
if (event.request.method === 'get' && event.request.
headers.get('accept').indexof('text/html') !== -1) { console.log('handling fetch event for', event.request.url); event.respondwith( fetch(event.request).catch(function(e) { console.error('fetch failed; returning offline page instead.', e); return caches.open(offline_cache).then(function(cache) { return cache.match(offline_url); }); }) ); } }); ...
Document.contentType - Web APIs
this may come from http
headers or other sources of mime information, and might be affected by automatic type conversions performed by either the browser or extensions.
DocumentOrShadowRoot.styleSheets - Web APIs
examples function getstylesheet(unique_title) { for (var i=0; i<document.stylesheets.length; i++) { var sheet = document.stylesheets[i]; if (sheet.title == unique_title) { return sheet; } } } notes the returned list is ordered as follows: stylesheets retrieved from <link>
headers are placed first, sorted in header order.
Introduction to the DOM - Web APIs
every element in a document—the document as a whole, the head, tables within the document, table
headers, text within the table cells—is part of the document object model for that document, so they can all be accessed and manipulated using the dom and a scripting language like javascript.
GlobalEventHandlers.onerror - Web APIs
instead the error reported is simply "script error." this behavior can be overriden in some browsers using the crossorigin attribute on <script> and having the server send the appropriate cors http response
headers.
HTMLTableSectionElement - Web APIs
the htmltablesectionelement interface provides special properties and methods (beyond the htmlelement interface it also has available to it by inheritance) for manipulating the layout and presentation of sections, that is
headers, footers and bodies, in an html table.
The HTML DOM API - Web APIs
among the things added to document by the html standard are: support for accessing various information provided by the http
headers when loading the page, such as the location from which the document was loaded, cookies, modification date, referring site, and so forth.
MediaDevices.getUserMedia() - Web APIs
for example, this line in the http
headers will enable use of a camera for the document and any embedded <iframe> elements that are loaded from the same origin: feature-policy: camera 'self' this will request access to the microphone for the current origin and the specific origin https://developer.mozilla.org: feature-policy: microphone 'self' https://developer.mozilla.org if you're using getusermedia() within an <iframe>, you can req...
NavigatorID.userAgent - Web APIs
syntax var ua = navigator.useragent; value a domstring specifying the complete user agent string the browser provides both in http
headers and in response to this and other related methods on the navigator object.
performance.now() - Web APIs
starting with firefox 79, high resolution timers can be used if you cross-origin isolate your document using the cross-origin-opener-policy and cross-origin-embedder-policy
headers: cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp these
headers ensure a top-level document does not share a browsing context group with cross-origin documents.
PerformanceServerTiming - Web APIs
example given a server that sends the server-timing header, for example a node.js server like this: const http = require('http'); function requesthandler(request, response) { const
headers = { 'server-timing': ` cache;desc="cache read";dur=23.2, db;dur=53, app;dur=47.2 `.replace(/\n/g, '') }; response.writehead(200,
headers); response.write(''); return settimeout(_ => { response.end(); }, 1000) }; http.createserver(requesthandler).listen(3000).on('error', console.error); the performanceservertiming entries are now observable from javascript v...
ProgressEvent.loaded - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not
headers and other overhead.
ReadableStream - Web APIs
if (done) { // tell the browser that we have finished sending data controller.close(); return; } // get the data and send it to the browser via the controller controller.enqueue(value); push(); }); }; push(); } }); return new response(stream, {
headers: { "content-type": "text/html" } }); }); specifications specification status comment streamsthe definition of 'readablestream' in that specification.
ReadableStreamDefaultReader - Web APIs
if (done) { // tell the browser that we have finished sending data controller.close(); return; } // get the data and send it to the browser via the controller controller.enqueue(value); push(); }); }; push(); } }); return new response(stream, {
headers: { "content-type": "text/html" } }); }); specifications specification status comment streamsthe definition of 'readablestreamdefaultreader' in that specification.
Request - Web APIs
request.
headers read only contains the associated
headers object of the request.
Response() - Web APIs
headers: any
headers you want to add to your response, contained within a
headers object or object literal of bytestring key/value pairs (see http
headers for a reference).
Using the Screen Capture API - Web APIs
for example, this line in the http
headers will enable screen capture api for the document and any embedded <iframe> elements that are loaded from the same origin: feature-policy: display-capture 'self' if you're performing screen capture within an <iframe>, you can request permission just for that frame, which is clearly more secure than requesting a more general permission: <iframe src="https://mycode.example.net/etc" allow="display-...
ServiceWorkerGlobalScope: pushsubscriptionchange event - Web APIs
self.addeventlistener("pushsubscriptionchange", event => { event.waituntil(swregistration.pushmanager.subscribe(event.oldsubscription.options) .then(subscription => { return fetch("register", { method: "post",
headers: { "content-type": "application/json" }, body: json.stringify({ endpoint: subscription.endpoint }) }); }) ); }, false); when a pushsubscriptionchange event arrives, indicating that the subscription has expired, we resubscribe by calling the push manager's subscribe() method.
Storage Access API - Web APIs
scripts, images, stylesheets, etc.) will load with access to their first-party storage, which means they may send cookie
headers and honor incoming set-cookie
headers.
window.postMessage() - Web APIs
shared memory is gated behind two http
headers: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp to check if cross origin isolation has been successful, you can test against the crossoriginisolated property available to w...
Sending and Receiving Binary Data - Web APIs
var req = new xmlhttprequest(); req.open("post", url, true); // set
headers and mime-type appropriately req.setrequestheader("content-length", 741); req.sendasbinary(abody); line 4 sets the content-length header to 741, indicating that the data is 741 bytes long.
Web APIs
ptelement htmlselectelement htmlshadowelement htmlslotelement htmlsourceelement htmlspanelement htmlstyleelement htmltablecaptionelement htmltablecellelement htmltablecolelement htmltableelement htmltablerowelement htmltablesectionelement htmltemplateelement htmltextareaelement htmltimeelement htmltitleelement htmltrackelement htmlulistelement htmlunknownelement htmlvideoelement hashchangeevent
headers history hkdfparams hmacimportparams hmackeygenparams i idbcursor idbcursorsync idbcursorwithvalue idbdatabase idbdatabaseexception idbdatabasesync idbenvironment idbenvironmentsync idbfactory idbfactorysync idbindex idbindexsync idbkeyrange idblocaleawarekeyrange idbmutablefile idbobjectstore idbobjectstoresync idbopendbrequest idbrequest idbtransaction idbtransacti...
Using the presentation role - Accessibility
for example, a table used for layout purposes could have the presentation role applied to the table element to remove any semantic meaning from the table element and any of its table related children elements, such as table
headers and table data elements.
ARIA: cell role - Accessibility
a row contains one or more cells, grid cells, column
headers, or row
headers within a grid, table or treegrid, and optionally within a rowgroup.
:host() - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in
headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host(.footer) { color : red; } rule styles all instances of the <context-span> element (the shadow host in this instance) in the document that have the footer class set on them �...
:host-context() - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in
headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host-context(h1) { font-style: italic; } and :host-context(h1):after { content: " - no links in
headers!" } rules style the instance of the <context-span> element (the shadow host...
:host - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in
headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host { background: rgba(0,0,0,0.1); padding: 2px 5px; } rule styles all instances of the <context-span> element (the shadow host in this instance) in the document.
:lang() - CSS: Cascading Style Sheets
/* selects any <p> in english (en) */ p:lang(en) { quotes: '\201c' '\201d' '\2018' '\2019'; } note: in html, the language is determined by a combination of the lang attribute, the <meta> element, and possibly by information from the protocol (such as http
headers).
Shapes From Images - CSS: Cascading Style Sheets
an image hosted on the same domain as your site should work, however if your images are hosted on a different domain such as on a cdn you should ensure that they are sending the correct
headers to enable them to be used for shapes.
Mozilla CSS extensions - CSS: Cascading Style Sheets
on-up scrollbar-small scrollbarthumb-horizontal scrollbarthumb-vertical scrollbartrack-horizontal scrollbartrack-vertical separator spinner spinner-downbutton spinner-textfield spinner-upbutton statusbar statusbarpanel tab tabpanels tab-scroll-arrow-back tab-scroll-arrow-forward textfield textfield-multiline toolbar toolbarbutton-dropdown toolbox tooltip treeheadercell tree
headersortarrow treeitem treetwisty treetwistyopen treeview window background-image gradients -moz-linear-gradient -moz-radial-gradient elements -moz-element sub-images -moz-image-rect() border-color -moz-use-text-colorobsolete since gecko 52 (removed in bug 1306214); use currentcolor instead.
inherit - CSS: Cascading Style Sheets
examples exclude selected elements from a rule /* make second-level
headers green */ h2 { color: green; } /* ...but leave those in the sidebar alone so they use their parent's color */ #sidebar h2 { color: inherit; } in this example the h2 elements inside the sidebar might be different colors.
Getting Started - Developer guides
note: if you're sending a request to a piece of code that will return xml, rather than a static html file, you must set response
headers to work in internet explorer.
Block formatting context - Developer guides
anonymous table cells implicitly created by the elements with display: table, table-row, table-row-group, table-header-group, table-footer-group (which is the default for html tables, table rows, table bodies, table
headers, and table footers, respectively), or inline-table.
XHTML - Developer guides
the following example shows an html document and corresponding "xhtml" document, and the accompanying http content-type
headers they should be served with.
Allowing cross-origin use of images and canvas - HTML: Hypertext Markup Language
consider the html5 boilerplate apache server configuration file for cors images, shown below: <ifmodule mod_setenvif.c> <ifmodule mod_
headers.c> <filesmatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$"> setenvif origin ":" is_cors header set access-control-allow-origin "*" env=is_cors </filesmatch> </ifmodule> </ifmodule> in short, this configures the server to allow graphic files (those with the extensions ".bmp", ".cur", ".gif", ".ico", ".jpg", ".jpeg", ".png", ".svg", ".svgz", and ".webp") to be accessed cross-...
CORS errors - HTTP
control-allow-origin’ is ‘*’ reason: did not find method in cors header ‘access-control-allow-methods’ reason: expected ‘true’ in cors header ‘access-control-allow-credentials’ reason: cors preflight channel did not succeed reason: invalid token ‘xyz’ in cors header ‘access-control-allow-methods’ reason: invalid token ‘xyz’ in cors header ‘access-control-allow-
headers’ reason: missing token ‘xyz’ in cors header ‘access-control-allow-
headers’ from cors preflight channel reason: multiple cors header ‘access-control-allow-origin’ not allowed ...
Connection management in HTTP/1.x - HTTP
the http
headers involved in defining the connection model, like connection and keep-alive, are hop-by-hop
headers with their values able to be changed by intermediary nodes.
List of default Accept values - HTTP
(source) safari, chrome text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 (source) safari 5 text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 this is an improvement over earlier accept
headers as it no longer ranks image/png above text/html internet explorer 8 image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/x-shockwave-flash, application/msword, */* see ie and the accept header (ieinternals' msdn blog).
Access-Control-Max-Age - HTTP
the access-control-max-age response header indicates how long the results of a preflight request (that is the information contained in the access-control-allow-methods and access-control-allow-
headers headers) can be cached.
CSP: base-uri - HTTP
examples meta tag configuration <meta http-equiv="content-security-policy" content="base-uri 'self'"> apache configuration <ifmodule mod_
headers.c> header set content-security-policy "base-uri 'self'"; </ifmodule> nginx configuration add_header content-security-policy "base-uri 'self';" violation case since your domain isn't example.com, a <base> element with its href set to https://example.com will result in a csp violation.
CSP: form-action - HTTP
examples meta tag configuration <meta http-equiv="content-security-policy" content="form-action 'none'"> apache configuration <ifmodule mod_
headers.c> header set content-security-policy "form-action 'none'; </ifmodule> nginx configuration add_header content-security-policy "form-action 'none';" violation case using a <form> element with an action set to inline javascript will result in a csp violation.
Content-Type - HTTP
<form action="/" method="post" enctype="multipart/form-data"> <input type="text" name="description" value="some text"> <input type="file" name="myfile"> <button type="submit">submit</button> </form> the request looks something like this (less interesting
headers are omitted here): post /foo http/1.1 content-length: 68137 content-type: multipart/form-data; boundary=---------------------------974767299852498929531610575 -----------------------------974767299852498929531610575 content-disposition: form-data; name="description" some text -----------------------------974767299852498929531610575 content-disposition: form-data; name="myfile"; filename="foo.t...
Date - HTTP
note that date is listed in the forbidden header names in the fetch spec - so this code will not send date header: fetch('https://httpbin.org/get', { '
headers': { 'date': (new date()).toutcstring() } }) header type general header forbidden header name yes syntax date: <day-name>, <day> <month> <year> <hour>:<minute>:<second> gmt directives <day-name> one of "mon", "tue", "wed", "thu", "fri", "sat", or "sun" (case-sensitive).
Digest - HTTP
examples digest: sha-256=x48e9qookqqrvdts8nojrjn3owduoywxbf7kbu9dbpe= digest: sha-256=x48e9qookqqrvdts8nojrjn3owduoywxbf7kbu9dbpe=,unixsum=30637 specifications specification title draft-ietf-httpbis-digest-
headers-latest resource digests for http this header was originally defined in rfc 3230, but the definition of "selected representation" in rfc 7231 made the original definition inconsistent with current http specifications.
ETag - HTTP
examples etag: "33a64df551425fcc55e4d42a148795d9f25f89d4" etag: w/"0815" avoiding mid-air collisions with the help of the etag and the if-match
headers, you can detect mid-air edit collisions.
Expect - HTTP
put /somewhere/fun http/1.1 host: origin.example.com content-type: video/h264 content-length: 1234567890987 expect: 100-continue the server now checks the request
headers and may respond with a 100 (continue) response to instruct the client to go ahead and send the message body, or it will send a 417 (expectation failed) status if any of the expectations cannot be met.
Forwarded - HTTP
the alternative and de-facto standard versions of this header are the x-forwarded-for, x-forwarded-host and x-forwarded-proto
headers.
Last-Modified - HTTP
conditional requests containing if-modified-since or if-unmodified-since
headers make use of this field.
Sec-Fetch-Dest - HTTP
sec-fetch-dest: audioworklet sec-fetch-dest: audioworklet values audio audioworklet document embed empty font image manifest object paintworklet report script serviceworker sharedworker style track video worker xslt nested-document examples todo specifications specification title fetch metadata request
headers the sec-fetch-dest http request header ...
Sec-Fetch-Mode - HTTP
cors-safelisted request header syntax sec-fetch-mode: cors sec-fetch-mode: navigate sec-fetch-mode: nested-navigate sec-fetch-mode: no-cors sec-fetch-mode: same-origin sec-fetch-mode: websocket values cors navigate nested-navigate no-cors same-origin websocket examples todo specifications specification title fetch metadata request
headers the sec-fetch-mode http request header ...
Sec-Fetch-Site - HTTP
examples todo specifications specification title fetch metadata request
headers the sec-fetch-site http request header ...
Sec-Fetch-User - HTTP
examples todo specifications specification title fetch metadata request
headers the sec-fetch-user http request header ...
Set-Cookie - HTTP
to send multiple cookies, multiple set-cookie
headers should be sent in the same response.
Trailer - HTTP
these header fields are disallowed: message framing
headers (e.g., transfer-encoding and content-length), routing
headers (e.g., host), request modifiers (e.g., controls and conditionals, like cache-control, max-forwards, or te), authentication
headers (e.g., authorization or set-cookie), or content-encoding, content-type, content-range, and trailer itself.
Via - HTTP
the via general header is added by proxies, both forward and reverse proxies, and can appear in the request
headers and the response
headers.
Want-Digest - HTTP
dbpe= the server does not support any of the requested digest algorithms, so responds with a 400 error and includes another want-digest header, listing the algorithms that it does support: request: get /item want-digest: sha;q=1 response: http/1.1 400 bad request want-digest: sha-256, sha-512 specifications specification title draft-ietf-httpbis-digest-
headers-latest resource digests for http this header was originally defined in rfc 3230, but the definition of "selected representation" in rfc 7231 made the original definition inconsistent with current http specifications.
X-Frame-Options - HTTP
<httpprotocol> <custom
headers> <add name="x-frame-options" value="sameorigin" /> </custom
headers> </httpprotocol> ...
X-XSS-Protection - HTTP
example block pages from loading when they detect reflected xss attacks: x-xss-protection: 1; mode=block php header("x-xss-protection: 1; mode=block"); apache (.htaccess) <ifmodule mod_
headers.c> header set x-xss-protection "1; mode=block" </ifmodule> nginx add_header "x-xss-protection" "1; mode=block"; specifications not part of any specifications or drafts.
PATCH - HTTP
to find out whether a server supports patch, a server can advertise its support by adding it to the list in the allow or access-control-allow-methods (for cors) response
headers.
100 Continue - HTTP
to have a server check the request's
headers, a client must send expect: 100-continue as a header in its initial request and receive a 100 continue status code in response before sending the body.
301 Moved Permanently - HTTP
the hypertext transfer protocol (http) 301 moved permanently redirect status response code indicates that the resource requested has been definitively moved to the url given by the location
headers.
304 Not Modified - HTTP
the equivalent 200 ok response would have included the
headers cache-control, content-location, date, etag, expires, and vary.
307 Temporary Redirect - HTTP
http 307 temporary redirect redirect status response code indicates that the resource requested has been temporarily moved to the url given by the location
headers.
308 Permanent Redirect - HTTP
the hypertext transfer protocol (http) 308 permanent redirect redirect status response code indicates that the resource requested has been definitively moved to the url given by the location
headers.
503 Service Unavailable - HTTP
caching-related
headers that are sent along with this response should be taken care of, as a 503 status is often a temporary condition and responses shouldn't usually be cached.
Closures - JavaScript
one way of doing this is to specify the font-size of the body element (in pixels), and then set the size of the other elements on the page (such as
headers) using the relative em unit: body { font-family: helvetica, arial, sans-serif; font-size: 12px; } h1 { font-size: 1.5em; } h2 { font-size: 1.2em; } such interactive text size buttons can change the font-size property of the body element, and the adjustments are picked up by other elements on the page thanks to the relative units.
Promise.prototype.finally() - JavaScript
examples using finally let isloading = true; fetch(myrequest).then(function(response) { var contenttype = response.
headers.get("content-type"); if(contenttype && contenttype.includes("application/json")) { return response.json(); } throw new typeerror("oops, we haven't got json!"); }) .then(function(json) { /* process your json further */ }) .catch(function(error) { console.error(error); /* this line can also throw, e.g.
Promise.prototype.then() - JavaScript
return fetch('current-data.json').then(response => { if (response.
headers.get('content-type') != 'application/json') { throw new typeerror(); } var j = response.json(); // maybe do something with j return j; // fulfillment value given to user of // fetch_current_data().then() }); } if onfulfilled returns a promise, the return value of then will be resolved/rejected by the promise.
SharedArrayBuffer - JavaScript
for top-level documents, two
headers will need to be set to cross-origin isolate your site: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp to check if cross origin isolation has been successful, you can test a...
encodeURIComponent() - JavaScript
o be more stringent in adhering to rfc 3986 (which reserves !, ', (, ), and *), even though these characters have no formalized uri delimiting uses, the following can be safely used: function fixedencodeuricomponent(str) { return encodeuricomponent(str).replace(/[!'()*]/g, function(c) { return '%' + c.charcodeat(0).tostring(16); }); } examples encoding for content-disposition and link
headers the following example provides the special encoding required within utf-8 content-disposition and link server response header parameters (e.g., utf-8 filenames): var filename = 'my file(2).txt'; var header = "content-disposition: attachment; filename*=utf-8''" + encoderfc5987valuechars(filename); console.log(header); // logs "content-disposition: attachment; filename*=utf-8''my%20...
Web Performance
this article explains the tls handshake process, and offers some tips for reducing this time, such as ocsp stapling, hsts preload
headers, and the potential role of resource hints in masking tls latency for third parties.
mimeTypes.rdf corruption - SVG: Scalable Vector Graphics
actually, in mozilla firefox 1.5, the media type for files embedded into html using the html <embed> and <object> tags is (unfortunately) obtained in the same way as it's obtained for local files instead of using the http
headers as it should.