Response.headers - Web APIs
the headers read-only property of the response interface contains the headers object associated with the response.
... syntax var myheaders = response.headers; value a headers object.
... note that at the top of the fetch() block we log the response headers value to the console.
... var myimage = document.queryselector('img'); var myrequest = new request('flowers.jpg'); fetch(myrequest).then(function(response) { console.log(response.headers); // returns a headers{} object response.blob().then(function(myblob) { var objecturl = url.createobjecturl(myblob); myimage.src = objecturl; }); }); specifications specification status comment fetchthe definition of 'headers' in that specification.

Reason: invalid token ‘xyz’ in CORS header ‘Access-Control-Allow-Headers’ - HTTP
reason reason: invalid token ‘xyz’ in cors header ‘access-control-allow-headers’ what went wrong?
... the response to the cors request that was sent by the server includes an access-control-allow-headers header which includes at least one invalid header name.
... the access-control-allow-headers header is sent by the server in response to a preflight request; it lets the client know which http headers are permitted in cors requests.
... this is a problem that most likely can only be fixed on the server side, by modifying the server's configuration to no longer send the invalid or unknown header name with the access-control-allow-headers header.

Reason: missing token ‘xyz’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel - HTTP
reason reason: missing token ‘xyz’ in cors header ‘access-control-allow-headers’ from cors preflight channel what went wrong?
... the access-control-allow-headers header is sent by the server to let the client know which headers it supports for cors requests.
... the value of access-control-allow-headers should be a comma-delineated list of header names, such as "x-custom-information" or any of the standard but non-basic header names (which are always allowed).
... this error occurs when attempting to preflight a header that is not expressly allowed (that is, it's not included in the list specified by the access-control-allow-headers header sent by the server).

Access-Control-Request-Headers - HTTP
the access-control-request-headers request header is used by browsers when issuing a preflight request, to let the server know which http headers the client might send when the actual request is made.
... header type request header forbidden header name yes syntax access-control-request-headers: <header-name>, <header-name>, ...
... directives <header-name> a comma-delimited list of http headers that are included in the request.
... examples access-control-request-headers: x-pingother, content-type specifications specification status comment fetchthe definition of 'access-control-request-headers' in that specification.

nsIMimeHeaders
nsimimeheaders mailnews/mime/public/nsimimeheaders.idlscriptable ???
...as a service: var mimeheaders = components.classes["@mozilla.org/????????????????????????????"] .createinstance(components.interfaces.nsimimeheaders); method overview string extractheader([const] in string headername, in boolean getallofthem); void initialize([const] in string allheaders, in long allheaderssize); attributes attribute type description allheaders string read only.
... methods extractheader() string extractheader( [const] in string headername, in boolean getallofthem ); parameters headername missing description getallofthem missing description return value missing description exceptions thrown missing exception missing description initialize() void initialize( [const] in string allheaders, in long allheaderssize ); parameters allheaders insert the complete message content allheaderssize length of the passed in content exceptions thrown missing exception missing description remarks see also ...

Headers.entries() - Web APIs
the headers.entries() method returns an iterator allowing to go through all key/value pairs contained in this object.
... syntax headers.entries(); return value returns an iterator.
... example // create a test headers object var myheaders = new headers(); myheaders.append('content-type', 'text/xml'); myheaders.append('vary', 'accept-language'); // display the key/value pairs for (var pair of myheaders.entries()) { console.log(pair[0]+ ': '+ pair[1]); } the result is: content-type: text/xml vary: accept-language ...

Headers.keys() - Web APIs
the headers.keys() method returns an iterator allowing to go through all keys contained in this object.
... syntax headers.keys(); return value returns an iterator.
... example // create a test headers object var myheaders = new headers(); myheaders.append('content-type', 'text/xml'); myheaders.append('vary', 'accept-language'); // display the keys for(var key of myheaders.keys()) { console.log(key); } the result is: content-type vary ...

Headers.values() - Web APIs
the headers.values() method returns an iterator allowing to go through all values contained in this object.
... syntax headers.values(); return value returns an iterator.
... example // create a test headers object var myheaders = new headers(); myheaders.append('content-type', 'text/xml'); myheaders.append('vary', 'accept-language'); // display the values for (var value of myheaders.values()) { console.log(value); } the result is: text/xml accept-language ...

Setting HTTP request headers
in addition to the actual content, some important information is passed with http headers for both http requests and responses.
... you can add your own http headers to any request the application makes, whether the request is initiated by your code explicitly opening an http channel, because of xmlhttprequest activity, an <img> element in content, or even from css.

WebRequest.jsm
usage to import webrequest, use code like: let {webrequest} = cu.import("resource://gre/modules/webrequest.jsm", {}); the webrequest object has the following properties, each of which corresponds to a specific stage in executing a web request: onbeforerequest onbeforesendheaders onsendheaders onheadersreceived onresponsestarted oncompleted each of these objects defines two functions: addlistener(callback, filter, opt_extrainfospec) removelistener(callback) adding listeners use addlistener to add a listener to a particular event.
... there are four things you can do with a request: cancel it redirect it modify request headers modify response headers.
... redirect onbeforesendheaders redirecturl string set to the url to redirect the request to.
...And 39 more matches

Cross-Origin Resource Sharing (CORS) - HTTP
cross-origin resource sharing (cors) is a mechanism that uses additional http headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin.
...this means that a web application using those apis can only request resources from the same origin the application was loaded from unless the response from other origins includes the right cors headers.
...modern browsers handle the client side of cross-origin sharing, including headers and policy enforcement.
...And 28 more matches

HTTP Index - HTTP
on top of these basic concepts, numerous extensions have appeared over the years, adding new functionality and new semantics by creating new http methods or headers.
... 20 cross-origin resource sharing (cors) ajax, cors, cross-origin resource sharing, fetch, fetch api, http, http access controls, same-origin policy, security, xmlhttprequest, l10n:priority cross-origin resource sharing (cors) is a mechanism that uses additional http headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin.
... 34 reason: invalid token ‘xyz’ in cors header ‘access-control-allow-headers’ cors, corsinvalidallowheader, cross-origin, error, http, https, messages, reasons, security, console, troubleshooting the response to the cors request that was sent by the server includes an access-control-allow-headers header which includes at least one invalid header name.
...And 26 more matches

Index - Web APIs
this may come from http headers or other sources of mime information, and might be affected by automatic type conversions performed by either the browser or extensions.
... 1300 fetch basic concepts api, fetch, fetch api, xmlhttprequest, concepts, guard, request at the heart of fetch are the interface abstractions of http requests, responses, headers, and body payloads, along with a global fetch method for initiating asynchronous resource requests.
... 1937 htmltablesectionelement api, html dom, interface, reference the htmltablesectionelement interface provides special properties and methods (beyond the htmlelement interface it also has available to it by inheritance) for manipulating the layout and presentation of sections, that is headers, footers and bodies, in an html table.
...And 24 more matches

nsIHttpChannel
netwerk/protocol/http/nsihttpchannel.idlscriptable this interface allows for the modification of http request parameters and the inspection of the resulting http response status and headers when they become available.
... redirectto(in nsiuri anewuri); void setemptyrequestheader(in acstring aheader); void setreferrerwithpolicy(in nsiuri referrer, in unsigned long referrerpolicy); void setrequestheader(in acstring aheader, in acstring avalue, in boolean amerge); void setresponseheader(in acstring header, in acstring value, in boolean merge); void visitoriginalresponseheaders(in nsihttpheadervisitor avisitor); void visitrequestheaders(in nsihttpheadervisitor avisitor); void visitresponseheaders(in nsihttpheadervisitor avisitor); constants constant description referrer_policy_no_referrer_when_downgrade default; indicates not to pass on the referrer when downgrading from https to http referrer_policy_no_referre...
... ns_error_failure if used for setting referrer during visitrequestheaders().
...And 22 more matches

Using Fetch - Web APIs
set-cookie headers from other sites are silently ignored.
... mode: 'cors', // no-cors, *cors, same-origin cache: 'no-cache', // *default, no-cache, reload, force-cache, only-if-cached credentials: 'same-origin', // include, *same-origin, omit headers: { 'content-type': 'application/json' // 'content-type': 'application/x-www-form-urlencoded', }, redirect: 'follow', // manual, *follow, error referrerpolicy: 'no-referrer', // no-referrer, *no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url body: json.stringify(data) // body data type m...
...ust match "content-type" header }); return response.json(); // parses json response into native javascript objects } postdata('https://example.com/answer', { answer: 42 }) .then(data => { console.log(data); // json data parsed by `data.json()` call }); note that mode: "no-cors" only allows a limited set of headers in the request: accept accept-language content-language content-type with a value of application/x-www-form-urlencoded, multipart/form-data, or text/plain sending a request with credentials included to cause browsers to send a request with credentials included, even for a cross-origin call, add credentials: 'include' to the init object you pass to the fetch() method.
...And 16 more matches

HTTP Messages - HTTP
an optional set of http headers specifying the request, or describing the body included in the message.
...the presence of the body and its size is specified by the start-line and http headers.
... the start-line and http headers of the http message are collectively known as the head of the requests, whereas its payload is known as the body.
...And 15 more matches

Index - MDN Web Docs Glossary: Definitions of Web-related terms
48 cors glossary, infrastructure, security cors (cross-origin resource sharing) is a system, consisting of transmitting http headers, that determines whether browsers block frontend javascript code from accessing responses for cross-origin requests.
... 49 cors-safelisted request header cors, fetch a cors-safelisted request header is one of the following http headers: 50 cors-safelisted response header cors, fetch, glossary, http a cors-safelisted response header is an http header which has been safelisted so that it will not be filtered when responses are processed by cors, since they're considered safe (as the headers listed in access-control-expose-headers).
...headers like content-length, content-language, content-encoding are entities headers.
...And 14 more matches

HTML table advanced features and accessibility - Learn web development
put the obvious headers row inside a <thead> element, the "sum" row inside a <tfoot> element, and the rest of the content inside a <tbody> element.
...to understand its information we make visual associations between the data in this table and its column and/or row headers.
... using column and row headers screenreaders will identify all headers and use them to make programmatic associations between those headers and the cells they relate to.
...And 13 more matches

Network request details - Firefox Developer Tools
the tabs at the top of this pane enable you to switch between the following pages: headers messages (only for websocket items) cookies params response cache timings security (only for secure pages) stack trace (only when the request has a stack trace, e.g.
... headers tab the headers tab has a toolbar, followed by three main sections.
... http response headers http request headers each section has a disclosure triangle to expand the section to show more information.
...And 13 more matches

Index - HTTP
found 122 pages: # page tags and summary 1 http headers http, http header, networking, overview, reference http headers allow the client and the server to pass additional information with the request or the response.
... 8 access-control-allow-headers cors, http, reference, header the access-control-allow-headers response header is used in response to a preflight request which includes the access-control-request-headers to indicate which http headers can be used during the actual request.
... 11 access-control-expose-headers cors, http, reference, header the access-control-expose-headers response header indicates which headers can be exposed as part of the response by listing their names.
...And 12 more matches

Building accessible custom components in XUL - Archive of obsolete content
we define the grid, then define the headers for each row (numbered 1 through 7), then define the column header and cells for each column.
...note: the row and column headers are denoted by description elements, and individual cells are denoted by label elements.
... <caption>it looks like a cell, but it's not</caption> assistive technologies also have no idea that our row headers and column headers are really headers.
...And 8 more matches

HTML table basics - Learn web development
information is easily interpreted by making visual associations between row and column headers.
...you can find the answer by associating the relevant row and column headers.
... adding headers with <th> elements now let's turn our attention to table headers — special cells that go at the start of a row or column and define the type of data that row or column contains (as an example, see the "person" and "age" cells in the first example shown in this article).
...And 8 more matches

HTTP conditional requests - HTTP
principles http conditional requests are requests that are executed differently, depending on the value of specific headers.
... these headers define a precondition, and the result of the request will be different if the precondition is matched or not.
... the different behaviors are defined by the method of the request used, and by the set of headers used for a precondition: for safe methods, like get, which usually tries to fetch a document, the conditional request can be used to send back the document, if relevant only.
...And 8 more matches

Content negotiation - HTTP
the determination of the best suited representation is made through one of two mechanisms: specific http headers by the client (server-driven negotiation or proactive negotiation), which is the standard way of negotiating a specific kind of resource.
... server-driven content negotiation in server-driven content negotiation, or proactive content negotiation, the browser (or any other kind of user-agent) sends several http headers along with the url.
... these headers describe the preferred choice of the user.
...And 8 more matches

Evolution of HTTP - HTTP
<html> a very simple html page </html> unlike subsequent evolutions, there were no http headers, meaning that only html files could be transmitted, but no other type of documents.
...xtended it to be more versatile: versioning information is now sent within each request (http/1.0 is appended to the get line) a status code line is also sent at the beginning of the response, allowing the browser itself to understand the success or failure of the request and to adapt its behavior in consequence (like in updating or using its local cache in a specific way) the notion of http headers has been introduced, both for the requests and the responses, allowing metadata to be transmitted and making the protocol extremely flexible and extensible.
... with the help of the new http headers, the ability to transmit other documents than plain html files has been added (thanks to the content-type header).
...And 6 more matches

Index
73 setting http request headers add-ons, extensions, http, xul, xulrunner http is one of the core technologies behind the web.
... in addition to the actual content, some important information is passed with http headers for both http requests and responses.
...for example, queryinterfacing to nsihttpchannel allows response headers to be retrieved for the corresponding http transaction.
...And 5 more matches

Web Console remoting - Firefox Developer Tools
the client can request further network event details - like response body or request headers.
... send http requests starting with firefox 25 you can send an http request using the console actor: { "to": "conn0.console9", "type": "sendhttprequest", "request": { "url": "http://localhost", "method": "get", "headers": [ { name: "header-name", value: "header value", }, // ...
...examples: { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "requestheaders", "headers": 10, "headerssize": 425 }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "requestcookies", "cookies": 0 }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "requestpostdata", "datasize": 1024, "discardrequestbody": false }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "respons...
...And 5 more matches

nss tech note5
encrypt/decrypt include headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") choose a cipher mechanism.
... you can also look at a sample program illustrating encryption hash / digest include headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") <big>create digest context</big>.
...); s = pk11_digestop(digestcontext, data, sizeof data); s = pk11_digestfinal(digestcontext, digest, &len, sizeof digest); /* now, digest contains the 'digest', and len contains the length of the digest */</big> clean up pk11_destroycontext(digestcontext, pr_true); you can also look at a sample program illustrating this hash / digest with secret key included include headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") choose a digest mechanism.
...And 4 more matches

An overview of HTTP - HTTP
http is extensible introduced in http/1.0, http headers make this protocol easy to extend and experiment with.
...though such constraint is a burden to the server, http headers can relax this strict separation on the server side, allowing a document to become a patchwork of information sourced from different domains; there could even be security-related reasons to do so.
...basic authentication may be provided by http, either using the www-authenticate and similar headers, or by setting a specific session using http cookies.
...And 4 more matches

request - Archive of obsolete content
headers object an unordered collection of name/value pairs representing headers to send with the request.
...tin-1, use overridemimetype: var request = require("sdk/request").request; var quijote = request({ url: "http://www.latin1files.org/quijote.txt", overridemimetype: "text/plain; charset=latin1", oncomplete: function (response) { console.log(response.text); } }); quijote.get(); anonymous boolean if true, the request will be sent without cookies or authentication headers.
...optionally the user may specify a collection of headers and content to send alongside the request and a callback which will be executed once the request completes.
...And 3 more matches

HTTP header - MDN Web Docs Glossary: Definitions of Web-related terms
headers are case-insensitive, begins at the start of a line and are immediately followed by a ':' and a value depending of the header itself.
... traditionally, headers are classed in categories, though this classification is no more part of any specification: general header: headers applying to both requests and responses but with no relation to the data eventually transmitted in the body.
... request header: headers containing more information about the resource to be fetched or about the client itself.
...And 3 more matches

Request header - MDN Web Docs Glossary: Definitions of Web-related terms
request headers, like accept, accept-*, or if-* allow to perform conditional requests; others like cookie, user-agent, or referer precise the context so that the server can tailor the answer.
... not all headers appearing in a request are request headers.
...however, these entity headers are often called request headers in such a context.
...And 3 more matches

Eclipse CDT
express setup for the eclipse indexer to work well you must first build mozilla, so that it includes headers from the objdir etc.
... headers are only parsed once for performance reasons, eclipse only processes header files that have include guards once, using the compiler options for the first source file it encounters that includes that header (eclipse bug 380511).
... this "parse once" strategy can also cause "unresolved inclusion" errors in headers if the first time eclipse sees the header is while indexing a file for which it doesn't have any build output parser data.
...And 3 more matches

nsIPluginHost
void parsepostbuffertofixheaders(in string ainpostdata, in unsigned long ainpostdatalen, out string aoutpostdata, out unsigned long aoutpostdatalen); native code only!
... (corresponds to npn_geturl and npn_geturlnotify.) posts to a url with post data and/or post headers.
... void newpluginnativewindow( out nspluginnativewindowptr apluginnativewindow ); parameters apluginnativewindow native code only!parsepostbuffertofixheaders this method parses post buffer to find out case insensitive "content-length" string and cr or lf some where after that, then it assumes there is http headers in the input buffer and continue to search for end of headers (crlfcrlf or lflf).
...And 3 more matches

nsIWebNavigation
method overview void goback void goforward void gotoindex( in long index ) void loaduri(in wstring uri , in unsigned long loadflags , in nsiuri referrer , in nsiinputstream postdata, in nsiinputstream headers) void reload(in unsigned long reloadflags) void stop(in unsigned long stopflags) constants load flags constant value description load_flags_mask 65535 this flag defines the range of bits that may be specified.
... void loaduri( wstring uri, unsigned long loadflags, nsiuri referrer, nsiinputstream postdata, nsiinputstream headers ); parameters uri the uri string to load.
... postdata if the uri corresponds to a http request, then this stream is appended directly to the http request headers.
...And 3 more matches

Protocol upgrade mechanism - HTTP
this means that a typical request that includes upgrade would look something like: get /index.html http/1.1 host: www.example.com connection: upgrade upgrade: example/1, foo/2 other headers may be required depending on the requested protocol; for example, websocket upgrades allow additional headers to configure details about the websocket connection as well as to offer a degree of security in opening the connection.
...after creating the initial http/1.1 session, you need to request the upgrade by adding to a standard request the upgrade and connection headers, as follows: connection: upgrade upgrade: websocket websocket-specific headers the following headers are involved in the websocket upgrade process.
... other than the upgrade and connection headers, the rest are generally optional or handled for you by the browser and server when they're talking to each other.
...And 3 more matches

Planned changes to shared memory - JavaScript
for top-level documents, two headers will need to be set: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) with these two headers set, postmessage() will no longer throw for sharedarraybuffer objects and shared memory across threads is therefore available.
...direct access between two top-level window contexts will essentially only work if they are same-origin and carry the same two headers with the same two values.
... sharedarraybuffer objects are in principle always available, but unfortunately the constructor on the global object is hidden, unless the two headers mentioned above are set, for compatibility with web content.
...And 3 more matches

jspage - Archive of obsolete content
or(var d=0,c=1;1;d+=c,c/=2){if(f>=(7-4*d)/11){e=c*c-math.pow((11-6*d-11*f)/4,2); break;}}return e;},elastic:function(b,a){return math.pow(2,10*--b)*math.cos(20*b*math.pi*(a[0]||1)/3);}});["quad","cubic","quart","quint"].each(function(b,a){fx.transitions[b]=new fx.transition(function(c){return math.pow(c,[a+2]); });});var request=new class({implements:[chain,events,options],options:{url:"",data:"",headers:{"x-requested-with":"xmlhttprequest",accept:"text/javascript, text/html, application/xml, text/xml, */*"},async:true,format:false,method:"post",link:"ignore",issuccess:null,emulation:true,urlencoded:true,encoding:"utf-8",evalscripts:false,evalresponse:false,nocache:false},initialize:function(a){this.xhr=new browser.request(); this.setoptions(a);this.options.issuccess=this.options.issuccess||this.
...issuccess;this.headers=new hash(this.options.headers);},onstatechange:function(){if(this.xhr.readystate!=4||!this.running){return; }this.running=false;this.status=0;$try(function(){this.status=this.xhr.status;}.bind(this));this.xhr.onreadystatechange=$empty;if(this.options.issuccess.call(this,this.status)){this.response={text:this.xhr.responsetext,xml:this.xhr.responsexml}; this.success(this.response.text,this.response.xml);}else{this.response={text:null,xml:null};this.failure();}},issuccess:function(){return((this.status>=200)&&(this.status<300)); },processscripts:function(a){if(this.options.evalresponse||(/(ecma|java)script/).test(this.getheader("content-type"))){return $exec(a);}return a.stripscripts(this.options.evalscripts); },success:function(b,a){this.onsuccess(this.processscripts(b),a);},...
...onsuccess:function(){this.fireevent("complete",arguments).fireevent("success",arguments).callchain(); },failure:function(){this.onfailure();},onfailure:function(){this.fireevent("complete").fireevent("failure",this.xhr);},setheader:function(a,b){this.headers.set(a,b); return this;},getheader:function(a){return $try(function(){return this.xhr.getresponseheader(a);}.bind(this));},check:function(){if(!this.running){return true; }switch(this.options.link){case"cancel":this.cancel();return true;case"chain":this.chain(this.caller.bind(this,arguments));return false;}return false;},send:function(k){if(!this.check(k)){return this; }this.running=true;var i=$type(k);if(i=="string"||i=="element"){k={data:k};}var d=this.options;k=$extend({data:d.data,url:d.url,method:d.method},k);var g=k.data,b=string(k.url),...
...And 2 more matches

Microsummary topics - Archive of obsolete content
controlling the frequency of microsummary requests when firefox downloads content in order to update a microsummary, it honors cache-related http response headers.
...for example, you might include the following header in your response to prevent firefox from making another microsummary-related request for one hour: cache-control: max-age=3600 note: because of a technical limitation (bug 346820), firefox uses the same cache for both microsummary-related requests and user-initiated requests, so the cache headers you return apply to both.
... thus if your cache headers tell firefox not to refresh a page on your site more than once per hour, and the user reloads the page within that time period, the user will see the cached version of your page, which may not be what you want.
...And 2 more matches

NPStream - Archive of obsolete content
syntax typedef struct _npstream { void* pdata; /* plug-in private data */ void* ndata; /* netscape private data */ const char* url; uint32 end; uint32 lastmodified; void* notifydata; const char *headers; } npstream; fields the data structure has the following fields: plug-in-private value that the plug-in can use to store a pointer to private data associated with the instance; not modified by the browser.
... headers the response headers from the host.
... this field is only available if the np version is greater than or equal to npvers_has_response_headers.
...And 2 more matches

CORS - MDN Web Docs Glossary: Definitions of Web-related terms
cors (cross-origin resource sharing) is a system, consisting of transmitting http headers, that determines whether browsers block frontend javascript code from accessing responses for cross-origin requests.
... learn more general knowledge cross-origin resource sharing (cors) on mdn cross-origin resource sharing on wikipedia cors headers access-control-allow-origin indicates whether the response can be shared.
... access-control-allow-headers used in response to a preflight request to indicate which http headers can be used when making the actual request.
...And 2 more matches

Response header - MDN Web Docs Glossary: Definitions of Web-related terms
response headers, like age, location or server are used to give a more detailed context of the response.
... not all headers appearing in a response are response headers.
...however, these entity requests are usually called responses headers in such a context.
...And 2 more matches

Makefile - variables
exports_namespaces exported package include directory: dist/include/${namespace} exports_${namespace} a list of exports/headers that should be copied into the exported namespace directory.
... module instructs the build system where to install exported headers.
... xpidlsrcs internal: a list of .idl files to generate exported headers from.
...And 2 more matches

PR_TransmitFile
syntax #include <prio.h> print32 pr_transmitfile( prfiledesc *networksocket, prfiledesc *sourcefile, const void *headers, print32 hlen, prtransmitfileflags flags, printervaltime timeout); parameters the function has the following parameters: networksocket a pointer to a prfiledesc object representing the connected socket to send data over.
... headers a pointer to the buffer holding the headers to be sent before sending data.
... hlen length of the headers buffer in bytes.
...And 2 more matches

NSS Developer Tutorial
symbol export lists the manifest.mn file, in a directory in the nss source tree, specifies which headers are public, and which headers are private.
... public headers are in the exports variable.
... private headers,which may be included by files in other directories, are in the private_exports variable.
...And 2 more matches

Observer Notifications
http requests these are the topics that you can observe during a http request (see setting http request headers and creating sandboxed http connections).
...the channel is available to allow you to modify headers and such.
...headers are available on the channel.
...And 2 more matches

nsIHttpHeaderVisitor
netwerk/protocol/http/nsihttpheadervisitor.idlscriptable this interface is used to view http request and response headers.
... inherits from: nsisupports last changed in gecko 1.7 method overview void visitheader(in acstring aheader, in acstring avalue); methods visitheader() called by the nsihttpchannel implementation when visiting request and response headers.
... this method can throw an exception to terminate enumeration of the channel's headers.
...And 2 more matches

URLs - Plugins
for protocols in which the headers must be distinguished from the body, such as http, the buffer or file should contain the headers, followed by a blank line, then the body.
... if no custom headers are required, simply add a blank line ('\n') to the beginning of the file or buffer.
... note: you cannot use npn_posturl to specify headers (even a blank line) in a memory buffer.
...And 2 more matches

Network request list - Firefox Developer Tools
regexp:\d{5} regexp:mdn|mozilla for example, to find all 404, not found, errors, you can type "404" into the search and auto-complete suggests "status-code:404" so you'll end up with something like this: search in requests use the search panel to run a full-text search on headers and content.
...the search results area below the search field displays the requests that contain that string in the request or response headers or in the content of the response.
... copy > copy request headers copies the request's header to the clipboard.
...And 2 more matches

Cache - Web APIs
note: the caching api doesn't honor http caching headers.
... // (see /docs/web/api/request/clone) return fetch(event.request.clone()).then(function(response) { console.log(' response for %s from network is: %o', event.request.url, response); if (response.status < 400 && response.headers.has('content-type') && response.headers.get('content-type').match(/^font\//i)) { // this avoids caching responses that we know are errors (i.e.
... // note that for opaque filtered responses (https://fetch.spec.whatwg.org/#concept-filtered-response-opaque) // we can't access to the response headers, so this check will always fail and the font won't be cached.
...And 2 more matches

Fetch basic concepts - Web APIs
in a nutshell at the heart of fetch are the interface abstractions of http requests, responses, headers, and body payloads, along with a global fetch method for initiating asynchronous resource requests.
... guard guard is a feature of headers objects, with possible values of immutable, request, request-no-cors, response, or none, depending on where the header is used.
... when a new headers object is created using the headers() constructor, its guard is set to none (the default).
...And 2 more matches

Writing WebSocket servers - Web APIs
the client will send a pretty standard http request with headers that looks like this (the http version must be 1.1 or greater, and the method must be get): get /chat http/1.1 host: example.com:8000 upgrade: websocket connection: upgrade sec-websocket-key: dghlihnhbxbszsbub25jzq== sec-websocket-version: 13 the client can solicit extensions and/or subprotocols here; see miscellaneous for details.
... also, common headers like user-agent, referer, cookie, or authentication headers might be there as well.
...once the server sends these headers, the handshake is complete and you can start swapping data!
...And 2 more matches

HTTP response status codes - HTTP
head: the entity headers are in the message body.
... 204 no content there is no content to send for this request, but the headers may be useful.
... the user-agent may update its cached headers for this resource with the new ones.
...And 2 more matches

HTTP
this article describes different methods of caching and how to use http headers to control them.
... http headers http message headers are used to describe a resource, or the behavior of the server or the client.
... custom proprietary headers can be added using the x- prefix; others in an iana registry, whose original content was defined in rfc 4229.
...And 2 more matches

Assessment: Structuring planet data - Learn web development
add a row to the table header containing all the column headers.
... add attributes to make the row and column headers unambiguously associated with the rows, columns, or rowgroups that they act as headings for.
... add a black border just around the column that contains all the planet name row headers.
... one way of associating headers with their rows/columns is a lot easier than the other way.

Handling common accessibility problems - Learn web development
if you instead look at our punk-bands-complete.html example (live, source), you can see a few accessibility aids at work here, such as table headers (<th> and scope attributes), <caption> element, etc.
... vo + r + r (two rs in succession) (when inside a table) read the entire current row, including the headers that correspond to each cell.
... screenreader testing now you've gotten used to using a screenreader, we'd like you to use it to do some quick accessibility tests, to get an idea of how screenreaders deal with good and bad webpage features: look at good-semantics.html, and note how the headers are found by the screenreader and available to use for navigation.
... look at our punk-bands-complete.html example, and see how the screenreader is able to associate columns and rows of content and read them out all together because we've defined headers properly.

AsyncTestUtils extended framework
keep in mind that the class is not magic and will lose track of the message headers if you manipulate them without referencing the message set.
... accessing synthetic messages and headers synmessages [attribute] the js list of syntheticmessages held in the set.
... xpcomhdrarray [getter] return an nsimutablearray of the message headers that have been injected into folders.
...namely, if you use async_move_messages / async_trash_messages on the resulting set, the original sets won't know the messages moved and will get confused if you try and access headers via them again.

NSS API Guidelines
the public headers is a list of header files that contain types, and functions, that are publicly available to higer-level apis.
... library description layer directory public headers certdb provides all certificate handling functions and types.
... "friend" headers are for things that we really wish weren't used by non-nss code, but which are.
... "module" headers are for things used only within a specific subset of nss; things which would have been "static" if we had combined separate c source files together.

nsIMsgSearchSession
p, in nsimsgsearchvalue value); long countsearchscopes(); void getnthsearchscope(in long which,out nsmsgsearchscopevalue scopeid, out nsimsgfolder folder); void addscopeterm(in nsmsgsearchscopevalue scope, in nsimsgfolder folder); void adddirectoryscopeterm(in nsmsgsearchscopevalue scope); void clearscopes(); [noscript] boolean scopeusescustomheaders(in nsmsgsearchscopevalue scope, in voidptr selection, in boolean forfilters); boolean isstringattribute(in nsmsgsearchattribvalue attrib); void addallscopes(in nsmsgsearchscopevalue attrib); void search(in nsimsgwindow awindow); void interruptsearch(); void pausesearch(); void resumesearch(); [noscript] nsmsgsearchtype setsearchparam(...
... void addscopeterm(in nsmsgsearchscopevalue scope, in nsimsgfolder folder); parameters scope folder adddirectoryscopeterm() void adddirectoryscopeterm(in nsmsgsearchscopevalue scope); parameters scope clearscopes() void clearscopes(); scopeusescustomheaders() call this function everytime the scope changes!
...fes should not display the custom header dialog if custom headers are not supported.
... [noscript] boolean scopeusescustomheaders(in nsmsgsearchscopevalue scope, in voidptr selection, in boolean forfilters); parameters scope selection could be a folder or server based on scope forfilters isstringattribute() use this to determine if your attribute is a string attribute.

Index
things appear confusing for several reasons: 45 message interfaces interfaces, interfaces:scriptable, needscontent, xpcom api reference, thunderbird nsimsghdr - this interface describes headers for all mail messages.
... initially, the training.dat file is empty (there was discussion of shipping with a default file) on spam detection, the user can choose to move spam to a special "junk" folder the user can configure junk mail can be automatically purged from the "junk" folder to analyze a message for spam, we need the entire message, not just the headers.
...the customdbheaders preference article provides information on a preference setting that exposes custom header data for use in a custom column within thunderbird's main view.
... 112 customdbheaders preference developing a custom column to display a 'superfluous' column within thunderbird's main view.

HTMLTableCellElement - Web APIs
this alternate label can be used in other contexts, such as when describing the headers that apply to a data cell.
... htmltablecellelement.headers read only is a domsettabletokenlist describing a list of id of <th> elements that represents headers associated with the cell.
... it reflects the headers attribute.
... the headers property is now read-only and contains a domsettabletokenlist rather than a mere domstring.

Request() - Web APIs
headers: any headers you want to add to your request, contained within a headers object or an object literal with bytestring values.
...flowers.jpg'); fetch(myrequest).then(function(response) { return response.blob(); }).then(function(response) { var objecturl = url.createobjecturl(response); myimage.src = objecturl; }); in our fetch request with init example (see fetch request init live) we do the same thing except that we pass in an init object when we invoke fetch(): var myimage = document.queryselector('img'); var myheaders = new headers(); myheaders.append('content-type', 'image/jpeg'); var myinit = { method: 'get', headers: myheaders, mode: 'cors', cache: 'default' }; var myrequest = new request('flowers.jpg',myinit); fetch(myrequest).then(function(response) { ...
...}); you can also use an object literal as headers in init.
... var myinit = { method: 'get', headers: { 'content-type': 'image/jpeg' }, mode: 'cors', cache: 'default' }; var myrequest = new request('flowers.jpg', myinit); you may also pass a request object to the request() constructor to create a copy of the request (this is similar to calling the clone() method.) var copy = new request(myrequest); note: this last usage is probably only useful in serviceworkers.

Response.type - Web APIs
it can be one of the following: basic: normal, same origin response, with all headers exposed except “set-cookie” and “set-cookie2″.
...certain headers and the body may be accessed.
...the response’s status is 0, headers are empty and immutable.
...the response's status is 0, headers are empty, body is null and trailer is empty.

Using Service Workers - Web APIs
the matching is done via url and vary headers, just like with normal http requests.
...in this case, we are just returning a simple text string: new response('hello from your friendly neighbourhood service worker!'); this more complex response below shows that you can optionally pass a set of headers in with your response, emulating standard http response headers.
... here we are just telling the browser what the content type of our synthetic response is: new response('<p>hello from your friendly neighbourhood service worker!</p>', { headers: { 'content-type': 'text/html' } }); if a match wasn’t found in the cache, you could tell the browser to simply fetch the default network request for that resource, to get the new resource from the network if it is available: fetch(event.request); if a match wasn’t found in the cache, and the network isn’t available, you could just match the request with some kind of default fallback page as a response using match(), like this: caches.match('./fallback.html'); you can retrieve a lot of information about each request by calling parameters of the request object returned by the fetchevent: ...
... event.request.url event.request.method event.request.headers event.request.body recovering failed requests so caches.match(event.request) is great when there is a match in the service worker cache, but what about cases when there isn’t a match?

WindowOrWorkerGlobalScope.fetch() - Web APIs
headers any headers you want to add to your request, contained within a headers object or an object literal with bytestring values.
...status: ${response.status}`); } return response.blob(); }) .then(function(response) { let objecturl = url.createobjecturl(response); myimage.src = objecturl; }); in the fetch with init then request example (see fetch request init live), we do the same thing except that we pass in an init object when we invoke fetch(): const myimage = document.queryselector('img'); let myheaders = new headers(); myheaders.append('content-type', 'image/jpeg'); const myinit = { method: 'get', headers: myheaders, mode: 'cors', cache: 'default' }; let myrequest = new request('flowers.jpg'); fetch(myrequest, myinit).then(function(response) { // ...
... }); you could also pass the init object in with the request constructor to get the same effect: let myrequest = new request('flowers.jpg', myinit); you can also use an object literal as headers in init.
... const myinit = { method: 'get', headers: { 'content-type': 'image/jpeg' }, mode: 'cors', cache: 'default' }; let myrequest = new request('flowers.jpg', myinit); specifications specification status comment fetchthe definition of 'fetch()' in that specification.

XMLHttpRequest.getResponseHeader() - Web APIs
if there are multiple response headers with the same name, then their values are returned as a single concatenated string, where each value is separated from the previous one by a pair of comma and space.
... if you need to get the raw string of all of the headers, use the getallresponseheaders() method, which returns the entire raw header string.
... example in this example, a request is created and sent, and a readystatechange handler is established to look for the readystate to indicate that the headers have been received; when that is the case, the value of the content-type header is fetched.
... var client = new xmlhttprequest(); client.open("get", "unicorns-are-teh-awesome.txt", true); client.send(); client.onreadystatechange = function() { if(this.readystate == this.headers_received) { var contenttype = client.getresponseheader("content-type"); if (contenttype != my_expected_type) { client.abort(); } } } specifications specification status comment xmlhttprequestthe definition of 'getresponseheader()' in that specification.

XMLHttpRequest.readyState - Web APIs
2 headers_received send() has been called, and headers and status are available.
...during this state, the request headers can be set using the setrequestheader() method and the send() method can be called which will initiate the fetch.
... headers_received send() has been called and the response headers have been received.
...instead of unsent, opened, headers_received, loading and done, the names readystate_uninitialized (0), readystate_loading (1), readystate_loaded (2), readystate_interactive (3) and readystate_complete (4) are used.

XMLHttpRequest.setRequestHeader() - Web APIs
for security reasons, some headers can only be controlled by the user agent.
... these headers include the forbidden header names and forbidden response header names.
... note: for your custom fields, you may encounter a "not allowed by access-control-allow-headers in preflight response" exception when you send requests across domains.
... in this situation, you need to set up the access-control-allow-headers in your response header at server side.

ARIA: row role - Accessibility
a row contains one or more cells, grid cells or column headers, and possibly a row header, within a grid, table or treegrid, and optionally within a rowgroup.
...an role="cell">finland</span> <span role="cell">5.5 million</span> </div> <div role="row"> <span role="cell">france</span> <span role="cell">67 million</span> </div> </div> </div> description the element role="row" is a row within a grid, table or treegrid, and optionally within a rowgroup, that is a container for one or more cells, gridcells, columnheaders, or rowheaders within a static tabular structure.
...these cells can be of different types, depending on whether they are column or row headers, or grid or regular cells.
...the header row, alone in a header rowgroup, has two column headers.

ARIA: rowgroup role - Accessibility
a rowgroup contains one or more rows of cells, grid cells, column headers, or row headers within a grid, table or treegrid.
...these cells can be of different types, depending on whether they are column or row headers, or plain or grid cells.
...a row contains one or more cells, gridcell, or column headers, and sometimes a row header.
...the header row, alone in a header rowgroup, has two column headers.

HTTP authentication - HTTP
as both resource authentication and proxy authentication can coexist, a different set of headers and status codes is needed.
... www-authenticate and proxy-authenticate headers the www-authenticate and proxy-authenticate response headers define the authentication method that should be used to gain access to a resource.
... the syntax for these headers is the following: www-authenticate: <type> realm=<realm> proxy-authenticate: <type> realm=<realm> here, <type> is the authentication scheme ("basic" is the most common scheme and introduced below).
... authorization and proxy-authorization headers the authorization and proxy-authorization request headers contain the credentials to authenticate a user agent with a (proxy) server.

Connection - HTTP
except for the standard hop-by-hop headers (keep-alive, transfer-encoding, te, connection, trailer, upgrade, proxy-authorization and proxy-authenticate), any hop-by-hop headers used by the message must be listed in the connection header, so that the first proxy knows it has to consume them and not forward them further.
... standard hop-by-hop headers can be listed too (it is often the case of keep-alive, but this is not mandatory).
... any comma-separated list of http headers [usually keep-alive only] indicates that the client would like to keep the connection open.
...the list of headers are the name of the header to be removed by the first non-transparent proxy or cache in-between: these headers define the connection between the emitter and the first entity, not the destination node.

OPTIONS - HTTP
the access-control-request-headers header tells the server that when the actual request is sent, it will have the x-pingother and content-type headers.
... options /resources/post-here/ http/1.1 host: bar.example accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-us,en;q=0.5 accept-encoding: gzip,deflate connection: keep-alive origin: https://foo.example access-control-request-method: post access-control-request-headers: x-pingother, content-type the server now can respond if it will accept a request under these circumstances.
...(this header is similar to the allow response header, but used only for cors.) access-control-allow-headers any script inspecting the response is permitted to read the values of the x-pingother and content-type headers.
... http/1.1 204 no content date: mon, 01 dec 2008 01:15:39 gmt server: apache/2.0.61 (unix) access-control-allow-origin: https://foo.example access-control-allow-methods: post, get, options access-control-allow-headers: x-pingother, content-type access-control-max-age: 86400 vary: accept-encoding, origin keep-alive: timeout=2, max=100 connection: keep-alive specifications specification title rfc 7231, section 4.3.7: options hypertext transfer protocol (http/1.1): semantics and content ...

A typical HTTP session - HTTP
these http headers form a block which ends with an empty line.
...as there is no content-length provided in an http header, this data block is presented empty, marking the end of the headers, allowing the server to process the request the moment it receives this empty line.
... subsequent lines represent specific http headers, giving the client information about the data sent (e.g.
...similarly to the block of http headers for a client request, these http headers form a block ending with an empty line.

431 Request Header Fields Too Large - HTTP
the http 431 request header fields too large response status code indicates that the server refuses to process the request because the request’s http headers are too long.
... the request may be resubmitted after reducing the size of the request headers.
... 431 can be used when the total size of request headers is too large, or when a single header field is too large.
... to help those running into this error, indicate which of the two is the problem in the response body — ideally, also include which headers are too large.

Getting started - SVG: Scalable Vector Graphics
for normal svg files, servers should send the http headers: content-type: image/svg+xml vary: accept-encoding for gzip-compressed svg files, servers should send the http headers: content-type: image/svg+xml content-encoding: gzip vary: accept-encoding you can check that your server is sending the correct http headers with your svg files by using the network monitor panel or a site such as websniffer.cc.
... submit the url of one of your svg files and look at the http response headers.
... if you find that your server is not sending the headers with the values given above, then you should contact your web host.
...if your server is not configured to send the correct headers with the svg files it serves, then firefox will most likely show the markup of the files as text or encoded garbage, or even ask the viewer to choose an application to open them.

Intercepting Page Loads - Archive of obsolete content
the channel is available to allow you to modify headers and such.
...headers are available on the channel.
... asubject.cancel(components.results.ns_binding_aborted); } } } this example shows how you can obtain the url for the request, analyze it using regular expressions, and perform actions on it such as modifying http headers, or even canceling the request.

Inner-browsing extending the browser navigation paradigm - Archive of obsolete content
webmail application the flexibility to easily access and manage all message headers in mail applications (like netscape mail or eudora) is probably one of the useful features when compared with web-based mail applications.
...you receive a new page with the next block of message headers.
...with inner browsing, a simple request to retrieve the next set of message headers that replace the currently viewed message headers can dramatically improve user experience.

Hidden prefs - Archive of obsolete content
mail composition "other header" pref ("mail.compose.other.header") the format for this a comma delimited list of mail headers, like "approved,x-no-archive" an example for your prefs.js would be: user_pref("mail.compose.other.header", "approved"); this will cause "approved" to show up in the compose window address picker, under to:, cc:, bcc:, newsgroup:, etc.
... for example: when that mail gets sent, approved: test@test.com will be in the message in the headers.
...| mail & newsgroups | addressing" "other compose header" pref from mailnews.js: // you can specify a comma delimited list of optional headers // this will show up in the address picker in the compose window // examples: "x-face" or "approved" pref("mail.compose.other.header", "approved,x-no-archive"); ...

Message Summary Database - Archive of obsolete content
message headers the message header object implements the nsimsgdbhdr interface.
... this includes a set of per-message flags, the more commonly used headers (e.g., subject, sender, from, to, cc, date, etc), and a few other attributes, e.g., keywords.
... there are a set of generic property methods so that core code and extensions can set attributes on msg headers without changing nsimsghdr.idl.msg threads we store thread information persistently in the database and expose these object through the [nsimsgthread interface.

NPN_PostURL - Archive of obsolete content
you cannot use npn_posturl to specify headers (even a blank line) in a memory buffer.
...for protocols in which the headers must be distinguished from the body, such as http, the buffer or file should contain the headers, followed by a blank line, then the body.
... if no custom headers are required, simply add a blank line ('\n') to the beginning of the file or buffer.

CORS-safelisted request header - MDN Web Docs Glossary: Definitions of Web-related terms
a cors-safelisted request header is one of the following http headers: accept, accept-language, content-language, content-type.
... when containing only these headers (and values that meet the additional requirements laid out below), a requests doesn't need to send a preflight request in the context of cors.
... you can safelist more headers using the access-control-allow-headers header and also list the above headers there to circumvent the following additional restrictions: additional restrictions cors-safelisted headers must also fulfill the following requirements in order to be a cors-safelisted request header: for accept-language and content-language: can only have values consisting of 0-9, a-z, a-z, space or *,-.;=.

Client hints - MDN Web Docs Glossary: Definitions of Web-related terms
accept-ch: dpr, width, viewport-width, downlink and / or <meta http-equiv="accept-ch" content="dpr, width, viewport-width, downlink"> when a client receives the accept-ch header, if supported, it appends client hint headers that match the advertised field-values.
... for example, based on accept-ch example above, the client could append dpr, width, viewport-width, and downlink headers to all subsequent requests.
... example varying response: vary: accept, dpr, width, viewport-width, downlink see also client hints headers vary http header ...

Entity header - MDN Web Docs Glossary: Definitions of Web-related terms
headers like content-length, content-language, content-encoding are entities headers.
... even if they are neither request, nor response headers, entity headers are often included in such terms.
... a few request headers after a get request: in the following example, content-length is an entity header, while host and user-agent are requests headers: post /myform.html http/1.1 host: developer.mozilla.org user-agent: mozilla/5.0 (macintosh; intel mac os x 10.9; rv:50.0) gecko/20100101 firefox/50.0 content-length: 128 learn more technical knowledge list of all http headers ...

Fetch metadata request header - MDN Web Docs Glossary: Definitions of Web-related terms
these header names are prefixed with sec- and thus they are forbidden header names so headers can not be modified from javascript.
... fetch metadata request headers provide the server with additional information about where the request originated from, enabling it to ignore potentially malicious requests.
... the following are fetch metadata request headers: sec-fetch-site sec-fetch-mode sec-fetch-user sec-fetch-dest ...

Forbidden header name - MDN Web Docs Glossary: Definitions of Web-related terms
modifying such headers is forbidden because the user agent retains full control over them.
... names starting with `sec-` are reserved for creating new headers safe from apis using fetch that grant developers control over headers, such as xmlhttprequest.
... forbidden header names start with proxy- or sec-, or are one of the following names: accept-charset accept-encoding access-control-request-headers access-control-request-method connection content-length cookie cookie2 date dnt expect feature-policy host keep-alive origin proxy- sec- referer te trailer transfer-encoding upgrade via note: the user-agent header is no longer forbidden, as per spec — see forbidden header name list (this was implemented in firefox 43) — it can now be set in a fetch headers object, or via xhr setrequestheader().

General header - MDN Web Docs Glossary: Definitions of Web-related terms
depending on the context they are used in, general headers are either response or request headers.
... however, they are not entity headers.
... the most common general headers are date, cache-control or connection.

Preflight request - MDN Web Docs Glossary: Definitions of Web-related terms
a cors preflight request is a cors request that checks to see if the cors protocol is understood and a server is aware using specific methods and headers.
... it is an options request, using three http request headers: access-control-request-method, access-control-request-headers, and the origin header.
... for example, a client might be asking a server if it would allow a delete request, before sending a delete request, by using a preflight request: options /resource/foo access-control-request-method: delete access-control-request-headers: origin, x-requested-with origin: https://foo.bar.org if the server allows it, then it will respond to the preflight request with an access-control-allow-methods response header, which lists delete: http/1.1 204 no content connection: keep-alive access-control-allow-origin: https://foo.bar.org access-control-allow-methods: post, get, options, delete access-control-max-age: 86400 the preflight...

Eclipse CDT Manual Setup
that object directory is needed to resolve include paths to the various headers that the build process generates/copies there.
...(see the headers are only parsed once section below to understand why this step is important for people who have their object directory outside their source tree.) getting code assistance working you're now ready to get code assistance working.
... to improve code assistance even more, see the headers are only parsed once subsection of the known issues section.

Gecko SDK
the gecko sdk, also known as the xulrunner sdk, is a set of xpidl files, headers and tools to develop xpcom components which can then in turn e.g.
... the gecko sdk contains all of the necessary tools and headers for making scriptable npapi plugins including the xpidl compiler/linker and the latest npapi.h.
... get the sdk updates there is no need to download or rebuild the gecko sdk corresponding to security updates of mozilla (e.g., mozilla 1.7.3) since the headers and glue libs in the gecko sdk are usually not changed as a result of security updates.

Creating a New Protocol
building the new protocol to build the new protocol declaration and generate headers, make in ipc/ipdl: make -c objdir/ipc/ipdl if there are any protocol-level errors, the ipdl compiler will print the relevant error messages and stop.
... to view the generated headers, look in objdir/ipc/ipdl/_ipdlheaders .
...the method signatures can be read from the generated pnewprotocolparent.h and pnewprotocolchild.h headers.

Http.jsm
httprequest supports the following parameters: name meaning headers an array of headers postdata this can be: a string: send it as is an array of parameters: encode as form values null/undefined: no post data.
... headers or post data are given as an array of arrays, for each inner array the first value is the key and the second is the value.
...in this case, the content type may be set through the headers parameter.

Creating localizable web applications
you can use one or more of the following techniques: http accept-language headers, the ua string, ip geolocation.
...for example, if not all the pages of your website are going to be localized, you may consider removing links to the english-only pages from the navigation (headers, footers, sidebars) in the localized versions.
...might be also helpful for headers and footers, if you're not using templates to display them.

Enc Dec MAC Output Public Key as CSR
*/ /* nspr headers */ #include #include #include #include #include #include #include /* nss headers */ #include #include #include #include #include #include #include #include #include #include #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define ...
...; case lab: header = lab_header; trailer = lab_trailer; break; default: pr_close(file); return secfailure; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ char *trail = null; if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { ...
... *trail = '\0'; } else { pr_fprintf(pr_stderr, "input has header but no trailer\n"); port_free(filedata.data); return secfailure; } } else { /* headers didn't exist */ body = nonbody; if (body) { trail = strstr(++body, trailer); if (trail != null) { pr_fprintf(pr_stderr, "input has no header but has trailer\n"); port_free(filedata.data); return secfailure; } } } cleanup: pr_close(file); atob_convertasciitoitem(item, body); return secsuccess; } /* * generate the private key */ seckeyprivatekey * generateprivatekey(keytype keytype, pk11slotinfo *slot, int size, int publ...

Enc Dec MAC Using Key Wrap CertReq PKCS10 CSR
*/ /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss headers */ #include <keyhi.h> #include <pk11priv.h> /* our samples utilities */ #include "util.h" /* constants */ #define blocksize 32 #define modblocksize 128 #define default_key_bits 1024 /* header fi...
... header = ns_sig_header; trailer = ns_sig_trailer; break; default: rv = secfailure; goto cleanup; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0...
...'; } else { pr_fprintf(pr_stderr, "input has header but no trailer\n"); port_free(filedata.data); rv = secfailure; goto cleanup; } } else { /* headers didn't exist */ char *trail = null; body = nonbody; if (body) { trail = strstr(++body, trailer); if (trail != null) { pr_fprintf(pr_stderr, "input has no header but has trailer\n"); port_free(filedata.data); rv = secfailure; goto cleanup; } } } hextobuf(body, item, ishexdata); cleanup: if (file) { pr_close(file); } return rv; } /* * generate the private key */ seckeyprivatekey * ...

NSS Sample Code Sample_3_Basic Encryption and MACing
sample code 3 /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss headers */ #include <keyhi.h> #include <pk11priv.h> /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aeskey ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #def...
...*/ /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* * gather a cka_id */ secstatus gathercka_id(pk11symkey* key, secitem* buf) { secstatus rv = pk11_readrawattribute(pk11_typesymkey, key, cka_id, buf); if (rv != secsuccess) { pr_fprintf(pr_stderr, "pk11_readrawattribute returned (%...
... strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; ...

sample2
*/ /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss headers */ #include <cryptohi.h> #include <keyhi.h> #include <pk11priv.h> #include <cert.h> #include <base64.h> #include <secerr.h> #include <secport.h> #include <secoid.h> #include <secmodt.h> #include <secoidt.h> #include <sechash.h> /* our samples utilities */ #include "util.h" /* constants */ #define blocksize 32 #define modblocksize 128 #define default_key_bits 1024 /* header file constants */ #define enckey_hea...
..._trailer; break; case certvfy: header = ns_cert_vfy_header; trailer = ns_cert_vfy_trailer; break; case sig: header = ns_sig_header; trailer = ns_sig_trailer; break; default: rv = secfailure; goto cleanup; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; } else { pr_fprintf(pr_stderr, "input has header but no trailer\n"); port_free(filedata.data); ...
...rv = secfailure; goto cleanup; } } else { /* headers didn't exist */ char *trail = null; body = nonbody; if (body) { trail = strstr(++body, trailer); if (trail != null) { pr_fprintf(pr_stderr, "input has no header but has trailer\n"); port_free(filedata.data); rv = secfailure; goto cleanup; } } } hextobuf(body, item, ishexdata); cleanup: if (file) { pr_close(file); } return rv; } /* * generate the private key */ seckeyprivatekey * generateprivatekey(keytype keytype, pk11slotinfo *slot, int size, int publicexponent, const char *noise, seckeypublickey **pubkeyp, const char *pqgfile, secupwdata *pwdata) { ck_mechanism_type mechanism; secoidtag algtag; pk11rsagenparams rsaparams; void *params; seckeyprivatekey *privkey = null; secstatus rv; unsigned char randbuf[blocksize + 1]; rv = generaterandom(ra...

SpiderMonkey Build Documentation
try configuring like so: cc=clang cxx=clang++ ../configure it is also possible that baldrdash may fail to compile with /usr/local/cellar/llvm/7.0.1/lib/clang/7.0.1/include/inttypes.h:30:15: fatal error: 'inttypes.h' file not found /usr/local/cellar/llvm/7.0.1/lib/clang/7.0.1/include/inttypes.h:30:15: fatal error: 'inttypes.h' file not found, err: true this is because, starting from mohave, headers are no longer installed in /usr/include.
... refer the release notes under command line tools -> new features the release notes also states that this compatibility package will no longer be provided in the near future, so the build system on macos will have to be adapted to look for headers in the sdk until then, the following should help, open /library/developer/commandlinetools/packages/macos_sdk_headers_for_macos_10.14.pk this builds an executable named js in the directory build-release/dist/bin.
...you cannot use headers built for one version/configuration of jsapi to create object files which will be linked against another.

Finishing the Component
grab the right headers, use the component or service manager to access the interface you want, and the xpcom object(s) that implement that interface will do your bidding.
...copy the headers and idl files that you need from the content/base/public source directory of the gecko build into this new directory.
... (for weblock, all you need are the headers for nsicontentpolicy and the nsicontentpolicy.idl.) then, using the same steps you used to create the weblock.h, create a header from this idl file using the xpidl compiler.

Setting up the Gecko SDK
downloading and setting the sdk the gecko sdk provides all of the tools, headers, and libraries that you need to build xpcom components.
...for example, the headers for networking are all located in the necko directory, and the headers that xpcom requires are in the xpcom directory.
... application name description of functionality regxpcom.exe registers or unregisters components with xpcom xpidl.exe generates typelib and c++ headers from xpidl xpt_dump.exe prints out information about a given typelib xpt_link.exe combines multiple typelibs into a single typelib library name description of functionality xpcomglue.lib xpcom glue library to be used by xpcom components.

nsIDocShell
pal, in domstring documenturi, in boolean create); nsidomstorage getsessionstorageforuri(in nsiuri uri, in domstring documenturi); void historypurged(in long numentries); void internalload(in nsiuri auri, in nsiuri areferrer, in nsisupports aowner, in pruint32 aflags, in wstring awindowtarget, in string atypehint, in nsiinputstream apostdatastream, in nsiinputstream aheadersstream, in unsigned long aloadflags, in nsishentry ashentry, in boolean firstparty, out nsidocshell adocshell, out nsirequest arequest); native code only!
...void internalload( in nsiuri auri, in nsiuri areferrer, in nsisupports aowner, in pruint32 aflags, in wstring awindowtarget, in string atypehint, in nsiinputstream apostdatastream, in nsiinputstream aheadersstream, in unsigned long aloadflags, in nsishentry ashentry, in boolean firstparty, out nsidocshell adocshell, out nsirequest arequest ); parameters auri the uri to load.
... apostdatastream post data stream (if posting) aheadersstream stream containing "extra" request headers.

nsIMsgDBView
method overview void open(in nsimsgfolder folder, in nsmsgviewsorttypevalue sorttype, in nsmsgviewsortordervalue sortorder, in nsmsgviewflagstypevalue viewflags, out long count); void openwithhdrs(in nsisimpleenumerator aheaders, in nsmsgviewsorttypevalue asorttype, in nsmsgviewsortordervalue asortorder, in nsmsgviewflagstypevalue aviewflags, out long acount); void close(); void init(in nsimessenger amessengerinstance, in nsimsgwindow amsgwindow, in nsimsgdbviewcommandupdater acommandupdater); void sort(in nsmsgviewsorttypevalue sorttype, in nsmsgviewsortordervalue sortorder); void doc...
... openwithhdrs() opens the view with a set of specified headers.
... void openwithhdrs(in nsisimpleenumerator aheaders, in nsmsgviewsorttypevalue asorttype, in nsmsgviewsortordervalue asortorder, in nsmsgviewflagstypevalue aviewflags, out long acount); parameters aheaders a list of headers to open, arranged in an nsisimpleenumerator.

nsIMsgMessageService
iurllistener aurllistener, out nsiuri aurl); void search(in nsimsgsearchsession asearchsession, in nsimsgwindow amsgwindow, in nsimsgfolder amsgfolder, in string asearchuri); nsiuri streammessage(in string amessageuri, in nsisupports aconsumer, in nsimsgwindow amsgwindow, in nsiurllistener aurllistener, in boolean aconvertdata, in string aadditionalheader); nsiuri streamheaders(in string amessageuri, in nsistreamlistener aconsumer, in nsiurllistener aurllistener [optional] in boolean alocalonly); boolean ismsginmemcache(in nsiuri aurl, in nsimsgfolder afolder, out nsicacheentrydescriptor acacheentry); nsimsgdbhdr messageuritomsghdr(in string uri); methods copymessage() pass in the uri for the message you want to have copied.
...nput.queryinterface(components.interfaces.nsiscriptableinputstream); scriptinputstream.init(consumer); try { msgservice.streammessage(messageuri, msgstream, msgwindow, null, false, null); } catch (ex) { alert("error: "+ex) } scriptinputstream .available(); while (scriptinputstream .available()) { content = content + scriptinputstream .read(512); } alert(content streamheaders() this method streams a message's headers to the passed in consumer.
... nsiuri streammessage(in string amessageuri, in nsistreamlistener aconsumer, in nsiurllistener aurllistener, in boolean alocalonly); parameters amessageuri uri of message to stream aconsumer nsistreamlistener generally, a stream listener listening to the message headers.

nsIUploadChannel2
1.0 66 introduced gecko 1.9.2 inherits from: nsisupports last changed in gecko 1.9.2 (firefox 3.6 / thunderbird 3.1 / fennec 1.0) method overview void explicitsetuploadstream(in nsiinputstream astream, in acstring acontenttype, in long long acontentlength, in acstring amethod, in boolean astreamhasheaders); methods explicitsetuploadstream() sets a stream to be uploaded by this channel with the specified content-type and content-length header values.
... void explicitsetuploadstream( in nsiinputstream astream, in acstring acontenttype, in long long acontentlength, in acstring amethod, in boolean astreamhasheaders ); parameters astream the stream to be uploaded by this channel.
...astreamhasheaders true if the stream already contains headers for the http request.

nsIWebBrowserPersist
n nsichannel achannel, in nsisupports afile); void savedocument(in nsidomdocument adocument, in nsisupports afile, in nsisupports adatapath, in string aoutputcontenttype, in unsigned long aencodingflags, in unsigned long awrapcolumn); void saveuri(in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextraheaders, in nsisupports afile, in nsiloadcontext aprivacycontext); void saveprivacyawareuri(in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextraheaders, in nsisupports afile, in boolean aisprivate); attributes attribute type description currentstate unsigned long current state o...
... void saveuri( in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextraheaders, in nsisupports afile, in nsiloadcontext aprivacycontext ); parameters auri uri to save to file.
... aextraheaders additional headers to supply with an http request or nsnull.

pyxpidl
the pyxpidl tool suite has been built to replace the older xpidl tool which, in the past, was used to turn xpidl files into c++ headers and xpcom typelibs (xpt files).
...unlike xpidl, which combined all the functions into a single utility, pyxpidl is comprised of two utilities: header.py, which generates c++ headers from idl, and typelib.py, which generates xpt files.
... generating c++ headers to generate c++ headers, use the header.py utility: sdkdir/sdk/bin/header.py --cachedir=<path> -o <outputfilename.h> <filename.idl> generating typelibs generating typelib files is done using the typelib.py utility: sdkdir/sdk/bin/typelib.py --cachedir=<path> -o <outputfilename.xpt> <filename.idl> comparing pyxpidl to xpidl this table provides a mapping of old xpidl options to pyxpidl.

Main Windows
two are stacked showing either a brief or expanded view of the headers.
...menus, toolbar buttons, and headers are all taken from exactly the same overlays listed above though.
...two are stacked showing either a brief or expanded view of the headers.

WebIDL bindings
there are various helper objects and utility methods in dom/bindings that are also all in the mozilla::dom namespace and whose headers are all exported into mozilla/dom (placed in $objdir/dist/include by the build process).
... if you do use it, you will need to make sure your header includes all the headers needed for your func annotations.
... binding code will include the headers necessary for a [func], unless the interface is using a non-deafault heder file.

Console messages - Firefox Developer Tools
the x-content-security-policy and x-content-security-report-only headers will be deprecated in the future.
... please use the content-security-policy and content-security-report-only headers with csp spec compliant syntax instead.
... the web console decodes these headers and displays them.

Request.mode - Web APIs
no-cors — prevents the method from being anything other than head, get or post, and the headers from being anything other than simple headers.
... if any serviceworkers intercept these requests, they may not add or override any headers except for those that are simple headers.
...only a limited set of headers are exposed in the response, but the body is readable.

XMLHttpRequest - Web APIs
xmlhttprequest.withcredentials is a boolean that indicates whether or not cross-site access-control requests should be made using credentials such as cookies or authorization headers.
...if true, the request will be sent without cookie and authentication headers.
... xmlhttprequest.getallresponseheaders() returns all the response headers, separated by crlf, as a string, or null if no response has been received.

ARIA Test Cases - Accessibility
basic grid -- single select grid in an application -- single select illinois grid example -- multi select expected at behavior: screen reader should read column and row headers as the grid is traversed with arrow keys (in forms mode).
...for example, while in the grid in forms mode, the user should be able to configure the screen reader to read row headers only.
...verse a list of landmarks or next/prev landmark keys screen readers should support nested landmarks, and multiple landmarks of the same time screen readers should announce the number of landmarks at page load, if they exist on the page screen readers should announce landmarks as users navigate into them (test in all screen reader modes) 8 (jg) are their any landmark role equivalents with html headers like role=main~h1??

<table>: The Table element - HTML: Hypertext Markup Language
mdn tables for visually impaired users tables with two headers • tables • w3c wai web accessibility tutorials tables with irregular headers • tables • w3c wai web accessibility tutorials h63: using the scope attribute to associate header cells and data cells in data tables | w3c techniques for wcag 2.0 complicated tables assistive technology such as screen readers may have difficulty parsing tables that are so complex that header cells can’t b...
... if the table cannot be broken apart, use a combination of the id and headers attributes to programmatically associate each table cell with the header(s) the cell is associated with.
... mdn tables for visually impaired users tables with multi-level headers • tables • w3c wai web accessibility tutorials h43: using id and headers attributes to associate data cells with header cells in data tables | techniques for w3c wcag 2.0 specifications specification status comment html living standardthe definition of 'table element' in that specification.

<tr>: The Table Row element - HTML: Hypertext Markup Language
note the use of rowspan on to make the "name", "id", and "balance" headers occupy two rows instead of just one, and the use of colspan to make the "membership dates" header cell span across two columns.
...note the use of rowspan on to make the "name", "id", and "balance" headers occupy two rows instead of just one, and the use of colspan to make the "membership dates" header cell span across two columns.
... the "joined" and "canceled" headers let's style these two header cells with green and red hues to represent the "good" of a new member and the "bummer" of a canceled membership.

Using the application cache - HTML: Hypertext Markup Language
section header section headers specify which section of the cache manifest is being manipulated.
... there are three possible section headers: section header description cache: switches to the explicit section of the cache manifest (this is the default section).
... it's a good idea to set expires headers on your web server for *.appcache files to expire immediately.

HTTP caching - HTTP
here is an example of this process with a shared cache proxy: the freshness lifetime is calculated based on several headers.
...the latter response can also include headers that update the expiration time of the cached document.
... varying responses the vary http response header determines how to match future request headers to decide whether a cached response can be used rather than requesting a fresh one from the origin server.

Using HTTP cookies - HTTP
creating cookies after receiving an http request, a server can send one or more set-cookie headers with the response.
... the set-cookie and cookie headers the set-cookie http response header sends cookies from the server to the user agent.
... a simple cookie is set like this: set-cookie: <cookie-name>=<cookie-value> this shows the server sending headers to tell the client to store a pair of cookies: http/2.0 200 ok content-type: text/html set-cookie: yummy_cookie=choco set-cookie: tasty_cookie=strawberry [page content] then, with every subsequent request to the server, the browser sends back all previously stored cookies to the server using the cookie header.

DPR - HTTP
the dpr header is a client hints headers which represents the client device pixel ratio (dpr), which is the the number of physical device pixels corresponding to every css pixel.
...server has to opt in to receive dpr header from the client by sending accept-ch and accept-ch-lifetime response headers.
... syntax dpr: <number> examples server first needs to opt in to receive dpr header by sending the response headers accept-ch containing dpr and accept-ch-lifetime.

HTTP Public Key Pinning (HPKP) - HTTP
this requires mod_headers enabled.
...this requires the ngx_http_headers_module.
... <httpprotocol> <customheaders> <add name="public-key-pins" value="pin-sha256=&quot;base64+primary==&quot;; pin-sha256=&quot;base64+backup==&quot;; max-age=5184000; includesubdomains" /> </customheaders> </httpprotocol> ...

Creating custom Firefox extensions with the Mozilla build system - Archive of obsolete content
otherwise you will have to link statically to your module if you use these public headers in other modules.
...xpidlsrcs are run through the idl processor, and the generated c++ headers are copied into the same include directory.

Migrating from Internal Linkage to Frozen Linkage - Archive of obsolete content
f promiseflatstring: nsstring firststring = somestring; nsstring secondstring = someotherstring; - nsstring combostring = firststring + secondstring; + nsstring combostring = firststring;+ combostring += secondstring; // or: combostring.append(secondstring); - nsresult rv = somefunc(promiseflatstring(combostring)); + nsresult rv = somefunc(combostring); removing the nsreadableutils.h from the headers list also means that we would not have access to appendutf16toutf8 kind of functions.
...instead of passing getter_copies(astring) to a method expecting a character pointer out parameter, you will need to use a temporary variable and copy the result.missing headers some headers are included from idl files only when mozilla_internal_api is defined (actually, they shouldn't be there at all).

Promises - Archive of obsolete content
"post" : "get"; if (options.mimetype) xhr.overridemimetype(params.options); xhr.open(options.method || defaultmethod, url); if (options.responsetype) xhr.responsetype = options.responsetype; for (let header of object.keys(options.headers || {})) xhr.setrequestheader(header, options.headers[header]); let data = options.data; if (data && object.getprototypeof(data).constructor.name == "object") { options.data = new formdata; for (let key of object.keys(data)) options.data.append(key, data[key]); } xhr.send(options.data); }); } example usage: ...
... task.spawn(function* () { let request = yield request("http://example.com/", { method: "put", mimetype: "application/json", headers: { "x-species": "hobbit" }, data: { foo: new file(path), thing: "stuff" }, responsetype: "json" }); console.log(request.response["json-key"]); }); ...

Compiling The npruntime Sample Plugin in Visual Studio - Archive of obsolete content
add the npapi sdk include path (example : c:\npapi-sdk\headers) to project properties|(all configurations)|c++|general|additional include directories.
... add the following preprocessor definitions to project properties|(all configurations)|c++|preprocessor|preprocessor definitions: win32;_windows;xp_win32;xp_win;_x86_;npsimple_exports disable precompiled headers using project properties|(all configurations)|c++|precompiled headers|create/use precompiled header.

Installing Dehydra - Archive of obsolete content
mkdir gcc-objdir mkdir gcc-dist cd gcc-objdir ../gcc-4.5.3/configure --disable-bootstrap --enable-languages=c,c++ --prefix=$pwd/../gcc-dist make make install building dehydra and treehydra building dehydra requires spidermonkey development headers from the previous step.
...(obsolete dehydra releases can be found on the mozilla ftp site.) hg clone http://hg.mozilla.org/rewriting-and-analysis/dehydra/ cd dehydra export cxx=/usr/bin/g++ ./configure \ --js-headers=$home/obj-js/dist/include \ --js-libs=$home/obj-js make # run dehydra and treehydra tests make check usage dehydra checking can be performed directly within the mozilla build.

Migrate apps from Internet Explorer to Mozilla - Archive of obsolete content
string getallresponseheaders() returns all response headers as one string.
... 2 loaded - send() has been called, headers and status are available.

New Security Model for Web Services - Archive of obsolete content
for example: <wsa:allow type="soapv" from="http://www.mozilla.org"/> this command allows soap requests with verification headers from scripts loaded from the domain www.mozilla.org.
... <wsa:allow type="soapv" from="http://*.mozilla.org"/> this command allows soap requests with verification headers from scripts loaded from the domain with host name containing mozilla.org.

New Skin Notes - Archive of obsolete content
--dria headers need a little padding.
...--dria headers which are also links that point to as-yet-unwritten wiki pages are colored as though they actually do exist.

Using XPInstall to Install Plugins - Archive of obsolete content
when serving xpi packages from servers to clients, make sure that xpi packages are served with this mime type in the http headers.
...when serving xpi packages from servers to clients, make sure that xpi packages are served with this mime type in the http headers.

Sorting Results - Archive of obsolete content
the user can change the sort column and direction by clicking the column headers, however, you can programmatically change the sort as well.
...the tree will change both attributes as necessary automatically when the column headers are clicked or the tree is sorted by other means.

Trees - Archive of obsolete content
both can be used to create tables of data with multiple rows and columns, and both may contain column headers.
... in this case we haven't specified a view to supply the tree's data, so we'll only see column headers and an empty tree body.

XUL accessibility guidelines - Archive of obsolete content
the column picker and column headers in xul trees are not keyboard accessible, consistent with the standard tree behavior on most contemporary operating systems.
...because column headers and the column picker, in the upper right hand corner of the tree, can not receive focus, they are not operable with a keyboard.

Accessibility/XUL Accessibility Reference - Archive of obsolete content
erow> <treecell label="<!--aramis-->" /> </treerow> </treeitem> <treeitem> <treerow> <treecell label="<!--fergus-->" /> </treerow> </treeitem> </treechildren> </treeitem> </treechildren> </tree> there is no keyboard access to the column picker (the widget visually to the right of the column headers) or the column headers themselves (for sorting by column).
... jaws 7.10 can not read the column headers.

tree - Archive of obsolete content
enablecolumndrag type: boolean when set to true, the user may drag the column headers around to change the order in which they are displayed.
... enablecolumndrag type: boolean when set to true, the user may drag the column headers around to change the order in which they are displayed.

CORS-safelisted response header - MDN Web Docs Glossary: Definitions of Web-related terms
a cors-safelisted response header is an http header which has been safelisted so that it will not be filtered when responses are processed by cors, since they're considered safe (as the headers listed in access-control-expose-headers).
... by default, the safelist includes the following response headers: cache-control content-language content-type expires last-modified pragma examples extending the safelist you can extend the list of cors-safelisted response headers by using the access-control-expose-headers header: access-control-expose-headers: x-custom-header, content-length ...

Guard - MDN Web Docs Glossary: Definitions of Web-related terms
guard is a feature of headers objects (as defined in the fetch spec, which affects whether methods such as set() and append() can change the header's contents.
... for example, immutable guard means that headers can't be changed.

Quality values - MDN Web Docs Glossary: Definitions of Web-related terms
it is a special syntax allowed in some http headers and in html.
... more information http headers using q-values in their syntax: accept, accept-charset, accept-language, accept-encoding, te.

Sending form data - Learn web development
we'll discuss these headers later on.
... select "network" select "all" select "foo.com" in the "name" tab select "headers" you can then get the form data, as shown in the image below.

Index - Learn web development
228 html table advanced features and accessibility accessibility, advanced, article, beginner, codingscripting, html, headers, learn, caption, nesting, scope, sumary, table, tbody, tfoot, thead there are a few other things you could learn about table html, but we have really given all you need to know at this moment in time.
... 323 sending form data beginner, codingscripting, files, forms, guide, html, http, headers, security, web as we'd alluded to above, sending form data is easy, but securing an application can be tricky.

Website security - Learn web development
as a defense, your site can prevent itself from being embedded in an iframe in another site by setting the appropriate http headers.
...this includes, but is not limited to data in url parameters of get requests, post requests, http headers and cookies, and user-uploaded files.

Mozilla’s UAAG evaluation report
html: scope attribute (table): available through dom html: headers attribute (table): available through dom html: axis attribute (table): available through dom html: tabindex attribute: yes, can be used to order sequential navigation html: accesskey attribute: supported with alt-{key}, menu key conflict favor the accesskey?
...(p1) ni we don't make use of scope, headers, axis, or any other table accessibility features we have nothing under properties, or anywhere else, to orient users reading a table 10.2 highlight selection and content focus.

HTTP logging
logging only http request and response headers there are two ways to do this: replace moz_log=nshttp:5 with moz_log=nshttp:3 in the commands above.
... there's a handy extension for firefox called http header live that you can use to capture just the http request and response headers.

Makefile - targets
compile firefox, thunderbird, etc check standalone shell unit test invoked directly by make configure launch the configure program to define headers and and attributes for the target build machine.
... export generate and install exported headers: exports makefiles target used to only regenerate makefiles package generate a package tarball clean targets clean remove object files, binaries and generated content clobber alias for clean distclean clean + configure cleanup ...

How Mozilla's build system works
this naming, however, can be misleading because all three sub-tiers are part of the build: export is used to do things like copy headers into place.
... makefile examples standard makefile header installing headers using exports compiling interfaces using xpidlsrcs installing a javascript component building a component dll building a static library building a dynamic library makefiles - best practices and suggestions makefile - targets makefile - variables, values makefile - *.mk files & user config building libraries there are three main types of libraries that are built in mozilla: componen...

IPDL Tutorial
the ipdl compiler generates several c++ headers from each ipdl protocol.
... generated c++ code when pplugin.ipdl is compiled, the headers ppluginparent.h, and ppluginchild.h will be generated in the ipc/ipdl/_ipdlheaders/ directory of the build tree.

Mozilla Web Developer FAQ
you can see the http headers sent by the server by using the livehttpheaders extension or by using the web sniffer.
...the fonts have to be served from the same origin (protocol, host, port) as the content that uses them unless the fonts are served with the appropriate cross-origin resource sharing http headers.

Encrypt Decrypt MAC Keys As Session Objects
*/ /* nspr headers */ #include #include #include #include #include #include #include /* nss headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header ...
... strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; ...

Encrypt and decrypt MAC using token
*/ /* nspr headers */ #include #include #include #include #include #include #include /* nss headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header ...
... strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; ...

Index
/* nspr headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> #include <prprf.h> /* nss headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5"...
... -h num generate email headers with info about cms message (decode only).

Encrypt Decrypt_MAC_Using Token
*/ /* nspr headers */ #include #include #include #include #include #include #include /* nss headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header ...
... strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them.

EncDecMAC using token object - sample 3
*/ /* nspr headers */ #include #include #include #include #include #include #include /* nss headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aesk...
...eader, iv_header); strcpy(trailer, iv_trailer); break; case mac: strcpy(header, mac_header); strcpy(trailer, mac_trailer); break; case pad: strcpy(header, pad_header); strcpy(trailer, pad_trailer); break; } rv = filetoitem(&filedata, file); nonbody = (char *)filedata.data; if (!nonbody) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ if ((body = strstr(nonbody, header)) != null) { char *trail = null; nonbody = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(nonbody, '\r'); /* maybe this is a mac file */ if (body) trail = strstr(++body, trailer); if (trail != null) { *trail = '\0'; } else { pr_fprintf(pr_stderr, "input has header but no trailer\n"); port_free(filedata.data); ...

Installation guide
our makefiles also have an "install" target, but it has a different meaning: our "install" means installing the headers, libraries, and programs in the appropriate directories under mozilla/dist.
... so right now you need to manually install the headers, libraries, and programs in the directories you want.

NSS_3.12.3_release_notes.html
s ec private key as an orphan bug 453234: support for seed cipher suites to tls rfc4010 bug 453364: improve pk11_cipherop error reporting (was: pk11_createcontextbysymkey returns null bug 456406: slot list leaks in symkeyutil bug 461085: rfe: export function cert_comparecerts bug 462293: crash on fork after softoken is dlclose'd on some unix platforms in nss 3.12 bug 463342: move some headers to freebl/softoken bug 463452: sql db creation does not set files protections to 0600 bug 463678: need to add rpath to 64-bit libraries on hp-ux bug 464088: option to build nss without dbm (handy for wince) bug 464223: certutil didn't accept certificate request to sign.
... bug 484425: need accessor function to retrieve symkey handle bug 484466: sec_error_invalid_args with nss_enable_pkix_verify=1 bug 485127: bltest crashes when attempting rc5_cbc or rc5_ecb bug 485140: wrong command line flags used to build intel-aes.s with solaris gas for x86_64 bug 485370: crash bug 485713: files added by red hat recently have missing texts in license headers.

Necko walkthrough
but the interface for clients of necko is important to consider: send request uri helps creates channel setup channel (headers, request data, response callback...) channel->asyncopen.
...channel checks if we're proxying or not fires off the dns prefetch request (dispatched to dns thread pool) some other things nshttpchannel::connect might to a speculativeconnect (pre open tcp socket) nshttpchannel::continueconnect some cache stuff nshttpchannel::setuptransaction creates new nshttptransaction, and inits it with mrequesthead (the request headers) and muploadstream (which was created from the request data in channel setup) gets an nsiasyncinputstream (for the response; corresponds to the nspipeinputstream for the response stream pipe) passes it to nsinputstreampump nshttpchannel::ghttphandler->initiatetransaction (called from connect) this is the global nshttphandler object, which adds the transaction to the nshttpconnec...

Parser API
all binding forms (such as function parameters, variable declarations, and catch block headers) accept array and object destructuring patterns in addition to plain identifiers.
...in binding positions (such as function parameters, variable declarations, and catch headers), patterns can only be identifiers in the base case, not arbitrary expressions.

XPCOM glue
compiling or linking against xpcom headers there are three ways to compile/link against xpcom headers/libraries: frozen linkage: dependent glue (dependent on xpcom.dll) xpcom modules, i.e.
... sample compiler/linker flags code compiled using xpcom headers should always #include "xpcom-config.h" from the sdk, to ensure that xpcom #defines are correct.

Creating the Component Code
for example, mozilla_strict_api is a variable that shields you from certain private, non-xpcom headers.
... for example, including nsicomponentmanager.idl without mozilla_strict_api defined will include the following headers, which are not supported across versions (unfrozen): nscomponentmanagerutils.h nscomponentmanagerobsolete.h these variables are picked up by files that do not specify themselves as mozilla_strict_api.

Mozilla internal string guide
the headers and implementation are in the xpcom/string directory.
...used for http headers and for size-optimized storage in text node and spidermonkey strings.

IAccessibleTable
columnheader() returns the column headers as an iaccessibletable object.
...rowheader() returns the row headers as an iaccessibletable object.

IAccessibleTableCell
columnheadercells() returns the column headers as an array of cell accessibles.
...rowheadercells() returns the row headers as an array of cell accessibles.

nsIAccessibleRole
role_table 24 represents a table that contains rows and columns of cells, and optionally, row headers and column headers.
...it is used for xul tree column headers, html:th, role="colheader".

nsIMimeConverter
the nsimimeconverter service allows you to convert headers into and out of mime format.
... structured whether or not this string may contain <> blocks which should not be encoded (e.g., the from and to headers).

nsIMsgDBHdr
the nsimsgdbhdr interface describes headers for mail messages.
... headers are backed by the database: a call to these functions directly modifies the state of the database, although it is not saved until the database is committed.

nsIMsgFilterList
defined in comm-central/ mailnews/ base/ search/ public/ nsimsgfilterlist.idl attributes folder attribute nsimsgfolder nsimsgfilterlist::folder version readonly attribute short nsimsgfilterlist::version arbitraryheaders readonly attribute acstring nsimsgfilterlist::arbitraryheaders shoulddownloadallheaders readonly attribute boolean nsimsgfilterlist::shoulddownloadallheaders filtercount readonly attribute unsigned long nsimsgfilterlist::filtercount loggingenabled attribute boolean nsimsgfilterlist::loggingenabled defaultfile attribute nsilocalfile nsimsgfilterlist::defaultfile logstream attribute nsioutputstream nsimsgfilterlist::logstream logurl readonly attribute acstring nsimsgfilterlist::logurl methods getfilterat() nsimsgfilter nsimsgfilterlist::getfilterat (in unsigned lo...
...terlist::parsecondition ( in nsimsgfilter afilter, in string condition ) savetodefaultfile() void nsimsgfilterlist::savetodefaultfile ( ) applyfilterstohdr() void nsimsgfilterlist::applyfilterstohdr ( in nsmsgfiltertypetype filtertype, in nsimsgdbhdr msghdr, in nsimsgfolder folder, in nsimsgdatabase db, in string headers, in unsigned long headersize, in nsimsgfilterhitnotify listener, in nsimsgwindow msgwindow, in nsilocalfile amessagefile ) writeinattr() void nsimsgfilterlist::writeintattr ( in nsmsgfilterfileattribvalue attrib, in long value, in nsioutputstream stream ) writestrattr() void nsimsgf...

nsIMsgFolder
manyheaderstodownload boolean readonly: used to determine if it will take a long time to download all the headers in this folder - so that we can do folder notifications synchronously instead of asynchronously.
... methods startfolderloading() void startfolderloading(); endfolderloading() void endfolderloading(); updatefolder() get new headers for the database.

nsIMsgHeaderParser
usernames); astring makefulladdress(in astring aname, in astring aaddress); string makefulladdressstring(in string aname, in string aaddress); wstring makefulladdresswstring(in wstring name, in wstring addr); obsolete since gecko 1.9 void parseheaderaddresses(in string line, out string names, out string addresses, out pruint32 numaddresses); void parseheaderswitharray(in wstring aline, [array, size_is(count)] out wstring aemailaddresses, [array, size_is(count)] out wstring anames, [array, size_is(count)] out wstring afullnames, [retval] out unsigned long count); void reformatheaderaddresses(in string line, out string reformattedaddress); wstring reformatunquotedaddresses(in wstring line); void removeduplicateaddresses(in str...
... exceptions thrown missing exception missing description parseheaderswitharray() void parseheaderswitharray( in wstring aline, [array, size_is(count)] out wstring aemailaddresses, [array, size_is(count)] out wstring anames, [array, size_is(count)] out wstring afullnames, [retval] out unsigned long count ); parameters aline the header line to parse.

nsIUploadChannel
history here is that we need to support both streams that already have headers (for example, content-type and content-length) information prepended to the stream (by plugins) as well as clients (composer, uploading application) that want to upload data streams without any knowledge of protocol specifications.
...acontenttype if acontenttype is empty, the protocol will assume that no content headers are to be added to the uploaded stream and that any required headers are already encoded in the stream.

XPCOM
unless otherwise noted you register for the topics using the nsiobserverservice.setting http request headershttp is one of the core technologies behind the web.
... in addition to the actual content, some important information is passed with http headers for both http requests and responses.storagestorage is a sqlite database api.

MailNews Filters
for imap, we tend to initiate the urls synchronously, but because we don't run two urls simultaneously on the same folder, the urls don't run until we've finished downloading headers.
... after the fact filters these are one or more filters run on one or more folders *after* the headers have been downloaded.

Message Interfaces
nsimsghdr nsimsghdr - this interface describes headers for all mail messages.
...nsimsgdbhdr nsimsgdbhdr - this interface describes headers for mail messages.

Migrating from Firebug - Firefox Developer Tools
they contain a headers, params, response and cookies panel.
...in the network monitor the address is shown at remote address in the headers tab when a request is selected.

Tips - Firefox Developer Tools
when a request is selected click "edit and resend" to modify its headers and send it again.
... storage inspector right-click the column headers to open a menu allowing to toggle the display of the columns.

Fetch API - Web APIs
set-cookie headers from other sites are silently ignored.
... headers represents response/request headers, allowing you to query them and take different actions depending on the results.

ProgressEvent() - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not headers and other overhead.

ProgressEvent.initProgressEvent() - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not headers and other overhead.

ProgressEvent - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not headers and other overhead.

RTCIceCandidatePairStats.bytesReceived - Web APIs
the rtcicecandidatepairstats property bytesreceived indicates the total number of payload bytes—that is, bytes which aren't overhead such as headers or padding—that hve been received to date on the connection described by the candidate pair.
...only data bytes are counted; overhead such as padding, headers, and the like are not included in this count.

RTCIceCandidatePairStats.bytesSent - Web APIs
the rtcicecandidatepairstats property bytessent indicates the total number of payload bytes—that is, bytes which aren't overhead such as headers or padding—that hve been sent so far on the connection described by the candidate pair.
...only data bytes are counted; overhead such as padding, headers, and the like are not included in this count.

RTCIceCandidatePairStats - Web APIs
bytesreceieved optional the total number of payload bytes received (that is, the total number of bytes received minus any headers, padding, or other administrative overhead) on this candidate pair so far.
... bytessent optional the total number of payload bytes sent (that is, the total number of bytes sent minus any headers, padding, or other administrative overhead) so far on this candidate pair.

ReadableStream.cancel() - Web APIs
var searchterm = "service workers"; // chars to show either side of the result in the match var contextbefore = 30; var contextafter = 30; var caseinsensitive = true; var url = 'https://html.spec.whatwg.org/'; console.log(`searching '${url}' for '${searchterm}'`); fetch(url).then(response => { console.log('received headers'); var decoder = new textdecoder(); var reader = response.body.getreader(); var tomatch = caseinsensitive ?
...does the response lack cors headers?"); throw err; }); specifications specification status comment streamsthe definition of 'cancel()' in that specification.

Request.cache - Web APIs
fetch("some.json", {cache: "reload"}) .then(function(response) { /* consume the response */ }); // download a resource with cache busting when dealing with a // properly configured server that will send the correct etag // and date headers and properly handle if-modified-since and // if-none-match request headers, therefore we can rely on the // validation to guarantee a fresh response.
... ({status: 504}) : // workaround for chrome; which simply fails with a typeerror promise.reject(e)) .then(res => { if (res.status === 504) { controller.abort() controller = new abortcontroller(); return fetch("some.json", {cache: "force-cache", mode: "same-origin", signal: controller.signal}) } const date = res.headers.get("date"), dt = date ?

Response - Web APIs
properties response.headers read only the headers object associated with the response.
... response.trailers a promise resolving to a headers object, associated with the response with response.headers for values of the http trailer header.

Using XMLHttpRequest - Web APIs
get last modified date function getheadertime () { console.log(this.getresponseheader("last-modified")); /* a valid gmtstring date or null */ } var oreq = new xmlhttprequest(); oreq.open("head" /* use head if you only need the headers!
...h)); var nlastmodif = date.parse(this.getresponseheader("last-modified")); if (isnan(nlastvisit) || nlastmodif > nlastvisit) { window.localstorage.setitem('lm_' + this.filepath, date.now()); isfinite(nlastvisit) && this.callback(nlastmodif, nlastvisit); } } function ifhaschanged(surl, fcallback) { var oreq = new xmlhttprequest(); oreq.open("head" /* use head - we only need the headers!

XMLHttpRequest.withCredentials - Web APIs
the xmlhttprequest.withcredentials property is a boolean that indicates whether or not cross-site access-control requests should be made using credentials such as cookies, authorization headers or tls client certificates.
...the third-party cookies obtained by setting withcredentials to true will still honor same-origin policy and hence can not be accessed by the requesting script through document.cookie or from response headers.

ARIA: table role - Accessibility
role="row" a row within the table, and optionally within a rowgroup, that is a container for one or more cells, columnheaders, or rowheaders.
...the columns are sortable, but not currently sorted, as indicated by the aria-sort property on the column headers.

WAI-ARIA Roles - Accessibility
a row contains one or more cells, grid cells or column headers, and possibly a row header, within a grid, table or treegrid, and optionally within a rowgroup.aria: rowgroup rolean element with role="rowgroup" is a group of rows within a tabular structure.
... a rowgroup contains one or more rows of cells, grid cells, column headers, or row headers within a grid, table or treegrid.aria: search rolethe search landmark role is used to identify a section of the page used to search the page, site, or collection of sites.aria: suggestion rolethe suggestion landmark role semantically denotes a single proposed change to an editable document.

Accessibility documentation index - Accessibility
a row contains one or more cells, grid cells or column headers, and possibly a row header, within a grid, table or treegrid, and optionally within a rowgroup.
...a rowgroup contains one or more rows of cells, grid cells, column headers, or row headers within a grid, table or treegrid.

Viewport concepts - CSS: Cascading Style Sheets
sticky headers or footers, with the following styles, will stick to the top and bottom of the layout viewport respectively.
... sticky headers or footers, as discussed above, stick to the top and bottom of the layout viewport, and therefore remain in view when we zoom in with the keyboard.

<tbody>: The Table Body element - HTML: Hypertext Markup Language
because of that, you need to use a <tr> filled with <th> elements to create headers within each <tbody>.
...this is used for the headers indicating each table section's corresponding major.

<th> - HTML: Hypertext Markup Language
the exact nature of this group is defined by the scope and headers attributes.
... headers this attribute contains a list of space-separated strings, each corresponding to the id attribute of the <th> elements that apply to this element.

MIME types (IANA media types) - HTTP
each part is its own entity with its own http headers, content-disposition, and content-type for file uploading fields.
... content-type: multipart/form-data; boundary=aboundarystring (other headers associated with the multipart document as a whole) --aboundarystring content-disposition: form-data; name="myfile"; filename="img.jpg" content-type: image/jpeg (data) --aboundarystring content-disposition: form-data; name="myfield" (data) --aboundarystring (more subparts) --aboundarystring-- the following <form>: <form action="http://localhost:8000/" method="post" enctype="multipart/form-data"> <label>name: <input name="mytextfield" value="test"></label> <label><input type="checkbox" name="mycheckbox"> check</label> <label>upload file: <input type="file" name="myfile" value="test.txt"></label> <button>send the file</button> </form> will send this message: post / http/1.1 host: localhost:8000 user-agent: ...

Basics of HTTP - HTTP
on top of these basic concepts, numerous extensions have been developed over the years that add updated functionality and semantics with new http methods or headers.
... content negotiation http introduces a set of headers, starting with accept as a way for a browser to announce the format, language, or encoding it prefers.

Reason: CORS header 'Access-Control-Allow-Origin' missing - HTTP
to allow any site to make cors requests without using the * wildcard (for example, to enable credentials), your server must read the value of the request's origin header and use that value to set access-control-allow-origin, and must also set a vary: origin header to indicate that some headers are being set dynamically depending on the origin.
... the exact directive for setting headers depends on your web server.

Content Security Policy (CSP) - HTTP
this article explains how to construct such headers properly, and provides examples.
...the policy specified in content-security-policy headers is enforced while the content-security-policy-report-only policy generates reports but is not enforced.

Accept-CH-Lifetime - HTTP
the accept-ch-lifetime header is set by the server to specify the persistence of accept-ch header value that specifies for which client hints headers client should include in subsequent requests.
...accept-ch and accept-ch-lifetime headers should be persisted for all secure requests to ensure client hints are sent reliably.

Accept-CH - HTTP
the accept-ch header is set by the server to specify which client hints headers a client should include in subsequent requests.
...accept-ch and accept-ch-lifetime headers should be persisted for all secure requests to ensure client hints are sent reliably.

Device-Memory - HTTP
server has to opt in to receive device-memory header from the client by sending accept-ch and accept-ch-lifetime response headers.
... device-memory: <number> examples server first needs to opt in to receive device-memory header by sending the response headers accept-ch containing device-memory and accept-ch-lifetime.

Link - HTTP
the http link entity-header field provides a means for serialising one or more links in http headers.
...k: https://bad.example; rel="preconnect" specifying multiple links you can specify multiple links separated by commas, for example: link: <https://one.example.com>; rel="preconnect", <https://two.example.com>; rel="preconnect", <https://three.example.com>; rel="preconnect" specifications specification status comments rfc 8288, section 3: link serialisation in http headers ietf rfc rfc 5988, section 5: the link header field ietf rfc initial definition ...

Vary - HTTP
the vary http response header determines how to match future request headers to decide whether a cached response can be used rather than requesting a fresh one from the origin server.
... it is used by the server to indicate which headers it used when selecting a representation of a resource in a content negotiation algorithm.

X-Content-Type-Options - HTTP
the x-content-type-options response http header is a marker used by the server to indicate that the mime types advertised in the content-type headers should not be changed and be followed.
...make sure to set both headers correctly.

HEAD - HTTP
the http head method requests the headers that would be returned if the head request's url was instead requested with the http get method.
...if it has one anyway, that body must be ignored: any entity headers that might describe the erroneous body are instead assumed to describe the response which a similar get request would have received.

Proxy servers and tunneling - HTTP
a common way to disclose this information is by using the following http headers: the standardized header: forwarded contains information from the client-facing side of proxy servers that is altered or lost when a proxy is involved in the path of the request.
... via added by proxies, both forward and reverse proxies, and can appear in the request headers and the response headers.

406 Not Acceptable - HTTP
the hypertext transfer protocol (http) 406 not acceptable client error response code indicates that the server cannot produce a response matching the list of acceptable values defined in the request's proactive content negotiation headers, and that the server is unwilling to supply a default representation.
... proactive content negotiation headers include: accept accept-charset accept-encoding accept-language in practice, this error is very rarely used.

412 Precondition Failed - HTTP
this happens with conditional requests on methods other than get or head when the condition defined by the if-unmodified-since or if-none-match headers is not fulfilled.
... status 412 precondition failed examples etag: "33a64df551425fcc55e4d42a148795d9f25f89d4" etag: w/"0815" avoiding mid-air collisions with the help of the etag and the if-match headers, you can detect mid-air edit collisions.

How to make PWAs re-engageable using Notifications and Push - Progressive web apps (PWAs)
fetch('./register', { method: 'post', headers: { 'content-type': 'application/json' }, body: json.stringify({ subscription: subscription }), }); then the globaleventhandlers.onclick function on the subscribe button is defined: document.getelementbyid('doit').onclick = function() { const payload = document.getelementbyid('notification-payload').value; const delay = document.getelementbyid('notification-de...
...lay').value; const ttl = document.getelementbyid('notification-ttl').value; fetch('./sendnotification', { method: 'post', headers: { 'content-type': 'application/json' }, body: json.stringify({ subscription: subscription, payload: payload, delay: delay, ttl: ttl, }), }); }; when the button is clicked, fetch asks the server to send the notification with the given parameters: payload is the text that to be shown in the notification, delay defines a delay in seconds until the notification will be shown, and ttl is the time-to-live setting that keeps the notification available on the server for a specified amount of time, also defined in seconds.

page-worker - Archive of obsolete content
for example, this add-on loads a page from wikipedia, and runs a content script in it to send all the headers back to the main add-on code: var pageworkers = require("sdk/page-worker"); // this content script sends header titles from the page to the add-on: var script = "var elements = document.queryselectorall('h2 > span'); " + "for (var i = 0; i < elements.length; i++) { " + " postmessage(elements[i].textcontent) " + "}"; // create a page worker that loads wik...

tabs - Archive of obsolete content
this may come from http headers or other sources of mime information, and might be affected by automatic type conversions performed by either the browser or extensions.

Dialogs and Prompts - Archive of obsolete content
using <dialogheader> you can use the dialogheader element to add "headers" to windows.

Setting Up a Development Environment - Archive of obsolete content
there are several similar extensions, such as live http headers, but tamper data is the one that we use the most.

An Interview With Douglas Bowman of Wired News - Archive of obsolete content
this includes rules and guidelines applying to everything from headers, footers, page hierarchy, titles, typography, iconography, navigation, and others.

progress - Archive of obsolete content
this doesn't include headers and other overhead, but only the content itself.

In-Depth - Archive of obsolete content
button, checkbox-container, checkbox, dialog, dualbutton, dualbutton-dropdown, listbox, menu, menulist-textfield, menulist-button, menulist, menulist-text, progressbar, progresschunk, radio-container, radio, resizer, resizerpanel, separator, scrollbar, statusbar, statusbarpanel, toolbarbutton, toolbox, toolbar, treeheadercell, treeheadersortarrow, treeview, treeitem, treetwisty, treetwistyopen, tooltip, textfield, tabpanels, tab, tab-left-edge, tab-right-edge, scrollbartrack-horizontal, scrollbartrack-vertical, scrollbarthumb-vertical, scrollbarthumb-horizontal, scrollbarbutton-right, scrollbarbutton-down, scrollbarbutton-left, scrollbarbutton-up, scrollbargripper-vertical, scrollbargripper-horizontal -moz-border-bottom-colors def...

Dehydra Frequently Asked Questions - Archive of obsolete content
use either a source files that rely on standard headers or a compressed .ii file (pass -save-temps to gcc to get .ii files).

Modularization techniques - Archive of obsolete content
it outputs nspr types when generating c++ headers.

Table Cellmap - Archive of obsolete content
tables with footers, headers etc.

enableColumnDrag - Archive of obsolete content
« xul reference home enablecolumndrag type: boolean when set to true, the user may drag the column headers around to change the order in which they are displayed.

enableColumnDrag - Archive of obsolete content
« xul reference enablecolumndrag type: boolean when set to true, the user may drag the column headers around to change the order in which they are displayed.

List Controls - Archive of obsolete content
you would use this to create column headers.

More Tree Features - Archive of obsolete content
(note the mixed case.) if set to true, the user may drag the column headers around to rearrange the order of the columns.

Styling a Tree - Archive of obsolete content
styling the tree you can style the tree border and the column headers in the same way as other elements.

Trees and Templates - Archive of obsolete content
the user may change the sort column and direction by clicking the column headers.

Writing Skinnable XUL and CSS - Archive of obsolete content
for either the personal toolbar headers or for the menu buttons' borders.

XUL Accesskey FAQ and Policies - Archive of obsolete content
toolbar buttons tree items list items column headers are there any crucial bugs i should know about?

The Implementation of the Application Object Model - Archive of obsolete content
suppose we decide we want to cache the sort relationship on our data, so that we don't have to continually resort it as the user hits the column headers in the tree.

Using SOAP in XULRunner 1.9 - Archive of obsolete content
< req.setrequestheader("soapserver", soapclient.soapserver); < req.setrequestheader("soapaction", soapreq.action); < } < }); --- > var xhr = new xmlhttprequest(); > xhr.mozbackgroundrequest = true; > xhr.open('post', soapclient.proxy, true); > xhr.onreadystatechange = function() { > if (4 != xhr.readystate) { return; } > getresponse(xhr); > }; > var headers = { > 'method': 'post', > 'content-type': soapclient.contenttype + '; charset="' + > soapclient.charset + '"', > 'content-length': soapclient.contentlength, > 'soapserver': soapclient.soapserver, > 'soapaction': soapreq.action > }; > for (var h in headers) { xhr.setrequestheader(h, headers[h]); } > xhr.send(content); ...

nsIContentPolicy - Archive of obsolete content
shouldprocess() will get this for, for example <meta> refresh elements and http refresh headers.

2006-10-06 - Archive of obsolete content
brian king also mentions that documentation on handling message headers on the ui side would be helpful.

Extentsions FAQ - Archive of obsolete content
is there a way of changing the thunderbird displays headers when replying and forwarding?

NPN_PostURLNotify - Archive of obsolete content
description npn_posturlnotify functions identically to npn_posturl, with these exceptions: npn_posturlnotify supports specifying headers when posting a memory buffer.

NPP_GetValue - Archive of obsolete content
the full list is in the npapi headers.

Writing a plugin for Mac OS X - Archive of obsolete content
xp_macosx it's important to define the gcc preprocessor definition xp_macosx to 1; this is used by the npapi headers to build properly on mac os x.

NSPR Release Engineering Guide - Archive of obsolete content
ub_release_x_y_z_beta beta release checkout a whole new tree using the tag from above build all targets, debug and optimized on all platforms using the command: gmake release mdist=<dir>/mdist build_number=vx.y.z [build_opt=1 | use_debug_rtl=1] copy the bits from mdist to /share/builds/components/nspr20/.vx.y.z 1 run explode.pl run the test suite on all targets, using binaries & headers from shipped bits resolve testing anomalies tag the tree with nsprpub_release_x_y[_z] release candidate checkout a whole new tree using tag (including fixes) tag the treey with nsprpub_release_x_y_z build all targets, debug and optimized on all platforms using the command: gmake release mdist=<dir>/mdist build_number=vx.y.z [build_opt=1 | use_debug_rtl=1] copy the bits from ...

Obsolete: XPCOM-based scripting for NPAPI plugins - Archive of obsolete content
the following html code will do the job:</p> this should be changed, we shouldn't advocate embed <embed type="application/plugin-mimetype"> <script language="javascript"> var embed = document.embeds[0]; embed.nativemethod(); </script> how to build and install having the built mozilla tree is probably not necessary, but building the plugin with a scriptable instance interface will require mozilla headers and the xpcom compatible idl compiler -- xpidl.exe.

Gecko FAQ - Gecko Redirect 1
by the end of calendar year 2000, gecko is expected to support the following recommended open internet standards fully except for the areas noted below and open bugs documented in bugzilla: html 4.0 - full support except for: elements: bdo, basefont attributes: shape attribute on the a element, abbr, axis, headers, scope-row, scope-col, scope-rowgroup, scope-colgroup, charoff, datasrc, datafld, dataformat, datapagesize, summary, event, dir, align on table columns, label attribute of option, alternate text of area elements, longdesc various metadata attributes: cite, datetime, lang, hreflang bidirectional text layout, which is only used in hebrew and arabic (ibm has begun work to add bidi support in a...

Packet - MDN Web Docs Glossary: Definitions of Web-related terms
it consists of network addresses for the source and destination, sequencing information, and error detection codes and is generally found in packet headers and footer.

Prefetch - MDN Web Docs Glossary: Definitions of Web-related terms
the prefetch hints are sent in http headers: link: ; rel=dns-prefetch, ; as=script; rel=preload, ; rel=prerender, ; as=style; rel=preload prefetch attribute value browsers will prefetch content when the prefetch <link> tag directs it to, giving the developer control over what resources should be prefetched.

Proxy server - MDN Web Docs Glossary: Definitions of Web-related terms
a proxy intercepts requests and serves back responses; it may forward the requests, or not (for example in the case of a cache), and it may modify it (for example changing its headers, at the boundary between two networks).

XInclude - MDN Web Docs Glossary: Definitions of Web-related terms
request.setrequestheader('accept-language', acceptlanguage); } switch (parse) { case 'text': // priority should be on media type: var contenttype = request.getresponseheader('content-type'); //text/xml; charset="utf-8" // send to get headers first?

Cacheable - MDN Web Docs Glossary: Definitions of Web-related terms
there are specific headers in the response, like cache-control, that prevents caching.

CSS and JavaScript accessibility best practices - Learn web development
it is a good idea to make sure the table headers stand out (normally using bold), and use zebra striping to make different rows easier to parse.

HTML: A good basis for accessibility - Learn web development
now have a look at our punk bands table example — you can see a few accessibility aids at work here: table headers are defined using <th> elements — you can also specify if they are headers for rows or columns using the scope attribute.

HTML: A good basis for accessibility - Learn web development
now have a look at our punk bands table example — you can see a few accessibility aids at work here: table headers are defined using <th> elements — you can also specify if they are headers for rows or columns using the scope attribute.

Introduction to CSS layout - Learn web development
table layout html tables are fine for displaying tabular data, but many years ago — before even basic css was supported reliably across browsers — web developers used to also use tables for entire web page layouts — putting their headers, footers, different columns, etc.

Sending forms through JavaScript - Learn web development
something went wrong.' ); } ); // set up our request xhr.open( 'post', 'https://example.com/cors.php' ); // send our formdata object; http headers are set automatically xhr.send( fd ); } btn.addeventlistener( 'click', function() { senddata( {test:'ok'} ); } ) here's the live result: using formdata bound to a form element you can also bind a formdata object to an <form> element.

From object to iframe — other embedding technologies - Learn web development
configure csp directives csp stands for content security policy and provides a set of http headers (metadata sent along with your web pages when they are served from a web server) designed to improve the security of your html document.

Graceful asynchronous programming with Promises - Learn web development
you could, for example, check the content-type http header of the response in each case using response.headers.get("content-type"), and then react accordingly.

Properly configuring server MIME types - Learn web development
you can also use rex swain's http viewer or live http headers to see the full headers and content of any file sent from a web server.

Command line crash course - Learn web development
let's also look at the headers that developer.mozilla.org returns using curl's -i flag, and print all the location redirects it sends to the terminal, by piping the output of curl into grep (we will ask grep to return all the lines that contain the word "location").

Accessibility API cross-reference
log the main content of a document, distinct from complementary info, headers, footers, navigation, asides etc.

Gecko info for Windows accessibility vendors
unique features role_table html: <table> dhtml: role="wairole:grid" (in this case state_focusable is set) accname is supported via <caption> first child of table or summary attribute role_columnheader xul: tree column headers html: <th> dhtml: role="wairole:colheader" role_rowheader dhtml: role="wairole:rowheader" role_column not supported.

Multiprocess on Windows
its headers are exported to mozilla/mscom.

Creating Sandboxed HTTP Connections
in order to manipulate cookies, the nsichannel needs to be converted into a nsihttpchannel by using queryinterface (qi): var httpchannel = asubject.queryinterface(components.interfaces.nsihttpchannel); cookies are actually part of the http header, nsihttpchannel provides four methods for working with headers: two for getting and setting request headers, and two for getting and setting response headers.

Debugging update problems
you can do this using the live http headers addon to determine the url of the update request.

Old Thunderbird build
to build on windows, please read the prerequisites so you don't skip preparing the mapi headers needed to compile thunderbird.

Simple Thunderbird build
windows build prerequisites gnu/linux build prerequisites macos build prerequisites mapi headers on windows: check that the mapi header files from https://www.microsoft.com/en-us/download/details.aspx?id=12905 are installed because the mapi header files (except mapi.h) are not bundled with visual studio 2017 (windows sdk 10).

Storage access policy: Block cookies from trackers
specifically, firefox does this by imposing the following restrictions: cookies: block cookie request headers and ignore set-cookie response headers.

Embedding Tips
for example, if you wanted to check the server response headers, you might check onstatechange for state_start | state_is_request flags, and from the nsirequest argument qi fornsihttpchanne and call methods on that to determine response codes and other information from the server.

Mozilla Framework Based on Templates (MFBT)
its code resides in the mfbt/ source directory, but headers within it should be included using paths like "mozilla/standardinteger.h".

Mozilla Web Services Security Model
soap soap requests without verification headers soapv soap requests with verification headers the from attribute the from attribute on the allow element says which calling sites the allow element applies to.

A guide to searching crash reports
you can reorder the groups in various ways by clicking on the column headers.

NSPR Contributor Guide
generally useful platform abstractions you agree to sustain, bug fix may rely on the nspr api may not rely on any other library api new platform ports all nspr api items must be implemented platform specific headers in pr/include/md/_platformname.[h!cfg] platform specific code in pr/src/md/platform/*.c make rules in config/_platform.mk documentation the files for nspr's documentation are maintained using a proprietary word processing system [don't ask].

Logging
to enable nspr logging and/or the debugging aids in your application, compile using the nspr debug build headers and runtime.

Function_Name
syntax #include <headers.h> returntype function_name( paramtype paramname, paramtype paramname, ); parameters paramname sample: in pointer to a certcertdbhandle representing the certificate database to look in paramname sample: in pointer to an secitem whose type must be sidercertbuffer and whose data contains a der-encoded certificate description long description of this function, what it does, and why you would use it.

NSS_3.12.1_release_notes.html
ed pkcs#11 object attribute values bug 434187: fix the gcc compiler warnings in nss/lib bug 434398: libpkix cannot find issuer cert immediately after checking it with ocsp bug 434808: certutil -b deadlock when importing two or more roots bug 434860: coverity 1150 - dead code in ocsp_createcertid bug 436428: remove unneeded assert from sec_pkcs7encryptlength bug 436430: make nss public headers compilable with no_nspr_10_support defined bug 436577: uninitialized variable in sec_pkcs5createalgorithmid bug 438685: libpkix doesn't try all the issuers in a bridge with multiple certs bug 438876: signtool is still using static libraries.

NSS 3.12.5 release_notes
deprecated headers the header file key.h is deprecated.

NSS 3.12.6 release notes
x_hash throws a null-argument exception on empty strings bug 530907: the peerid argument to ssl_setsockpeerid should be declared const bug 531188: decompression failure with https://livechat.merlin.pl/ bug 532417: build problem with spaces in path names bug 534943: clean up the makefiles in lib/ckfw/builtins bug 534945: lib/dev does not need to include headers from lib/ckfw bug 535669: move common makefile code in if and else to the outside bug 536023: der_utctimetotime and der_generalizedtimetotime ignore all bytes after an embedded null bug 536474: add support for logging pre-master secrets bug 537356: implement new safe ssl3 & tls renegotiation bug 537795: nss_initcontext does not work with nss_registersh...

NSS_3.12_release_notes.html
7: libpkix does not use user defined revocation checkers bug 407064: pkix_pl_ldapcertstore_buildcrllist should not fail if a crl fails to be decoded bug 421216: libpkix test nss_thread leaks a test certificate bug 301259: signtool usage message is unhelpful bug 389781: nss should be built size-optimized in browser builds on linux, windows, and mac bug 90426: use of obsolete typedefs in public nss headers bug 113323: the first argument to pk11_findcertfromnickname should be const.

NSS Sample Code Sample_1_Hashing
sample code 1 /* nspr headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> /* nss headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* * maps a hash name to a secoidtag.

NSS Sample Code Sample_2_Initialization of NSS
sample code 1 /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prprf.h> /* nss headers */ #include <nss.h> #include <pk11func.h> #include "util.h" /* print a usage message and exit */ static void usage(const char *progname) { fprintf(stderr, "\nusage: %s -d <dbdirpath> [-p <plainpasswc>]" " [-f <passwdffile>]\n\n", progname); fprintf(stderr, "%-15s specify a db directory path\n\n", "-d <dbdirpath>"); fprintf(stderr, "%-15s specify a plaintext password\n\n", "-p <plainpasswc>"); fprintf(stderr, "%-15s specify a password file\n\n",...

NSS Sample Code Utilities_1
ii) { /* first convert ascii to binary */ secitem filedata; char *asc, *body; /* read in ascii data */ rv = filetoitem(&filedata, infile); asc = (char *)filedata.data; if (!asc) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ if ((body = strstr(asc, "-----begin")) != null) { char *trailer = null; asc = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(asc, '\r'); /* maybe this is a mac file */ if (body) trailer = strstr(++body, "-----end"); if (trailer != nul...

Hashing - sample 1
*/ /* nspr headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> /* nss headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> #include <nss.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha...

Utilities for nss samples
ii) { /* first convert ascii to binary */ secitem filedata; char *asc, *body; /* read in ascii data */ rv = filetoitem(&filedata, infile); asc = (char *)filedata.data; if (!asc) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for headers and trailers and remove them */ if ((body = strstr(asc, "-----begin")) != null) { char *trailer = null; asc = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(asc, '\r'); /* maybe this is a mac file */ if (body) trailer = strstr(++body, "-----end"); if (trailer != nul...

sample1
/* nspr headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> #include <prprf.h> /* nss headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* maps a hash name to a secoidtag.

NSS tools : cmsutil
-h num generate email headers with info about cms message (decode only).

sslerr.html
sec_error_cert_addr_mismatch -8100 address in signing certificate does not match address in message headers.

NSS Tools cmsutil
-h num generate email headers with info about cms message (decode only).

NSS tools : cmsutil
-h num generate email headers with info about cms message (decode only).

Installing Pork
elsa (the c++ parser in pork) has a hard time with some of the new features used in later gcc c++ headers.

SpiderMonkey 1.8.8
including jsapi.h provides all these types, but more-specific headers also provide these types if you wish to use them in other code.

SpiderMonkey 17
including jsapi.h provides all these types, but more-specific headers also provide these types if you wish to use them in other code.

ROLE_TABLE
« gecko roles page represents a table that contains rows and columns of cells, and optionally, row headers and column headers.

Gecko Roles
role_table represents a table that contains rows and columns of cells, and optionally, row headers and column headers.

Using XPCOM Utilities to Make Things Easier
when an interface is written in xpidl, the headers include static declarations of their iids.

XPCOM Stream Guide
nsconverterinputstream @mozilla.org/intl/converter-input-stream;1 nsiconverterinputstream .init(stream, charset, buffersize, replacechar) mime separate headers from data.

How to build a binary XPCOM component using Visual Studio
then make the following tweaks: add "..\gecko-sdk\include" to additional include directories add "..\gecko-sdk\lib" to additional library directories add "nspr4.lib xpcom.lib xpcomglue_s.lib" to additional dependencies add "xp_win;xp_win32″ to preprocessor definitions turn off precompiled headers (just to keep it simple) use a custom build step for the xpcom idl file (spawns xpidl-build.bat to process the idl with mozilla toolset, not midl) vc++ express project: xpcom-test.zip note: the project uses xpcom_glue.

Monitoring HTTP activity
these include the ability to monitor outgoing http request headers and bodies as well as incoming http headers and complete http transactions.

nsIChannel
for example, queryinterfacing to nsihttpchannel allows response headers to be retrieved for the corresponding http transaction.

nsICookieConsent
httpchannel the channel to extract the p3p headers from.

nsIDOMProgressEvent
this doesn't include headers and other overhead, but only the content itself.

nsIFeedResult
headers nsiproperties the http response headers that accompanied the feed.

nsIHTTPHeaderListener
modules/plugin/base/public/nsihttpheaderlistener.idlscriptable this interface allows plugin authors to access http response headers after issuing an nsipluginhost.geturl or nsipluginhost.posturl call.

nsIHttpActivityObserver
observers can look at request headers in aextrastringdata activity_subtype_request_body_sent 0x5002 the http request's body has been sent.

nsIHttpChannelInternal
setcookie() helper method to set a cookie with a consumer-provided cookie header, but using the channel's other information (uri's, prompters, date headers and so on.).

nsIMIMEInputStream
netwerk/base/public/nsimimeinputstream.idlscriptable the mime stream separates headers and a datastream.

nsIMsgCompFields
(bug 249530) newsgroups astring newshost char * newsposturl char * organization astring otherrandomheaders astring no longer exists - see https://groups.google.com/forum/#!topic/mozilla.dev.apps.thunderbird/s4ofmm8_b28 priority char * receiptheadertype print32 references char * replyto astring securityinfo nsisupports subject astring templatename astring temporaryfiles ...

nsIMsgDatabase
in nsmsglabelvalue label); setstringproperty() void setstringproperty(in nsmsgkey akey, in string aproperty, in string avalue); markimapdeleted() void markimapdeleted(in nsmsgkey key, in boolean deleted, in nsidbchangelistener instigator); applyretentionsettings() purge unwanted message headers and/or bodies.

nsIMsgFilter
alue value, out boolean booleanand, out acstring arbitraryheader ) appendterm() void nsimsgfilter::appendterm (in nsimsgsearchterm term) createterm() nsimsgsearchterm nsimsgfilter::createterm ( ) matchhdr() void nsimsgfilter::matchhdr ( in nsimsgdbhdr msghdr, in nsimsgfolder folder, in nsimsgdatabase db, in string headers, in unsigned long headersize, out boolean result ) logrulehit() void nsimsgfilter::logrulehit ( in nsimsgruleaction afilteraction, in nsimsgdbhdr aheader ) createaction() nsimsgruleaction nsimsgfilter::createaction ( ) getactionat() nsimsgruleaction nsimsgfilter::getactionat (in long aindex) appendaction() void nsimsgfilter::appendaction (in nsimsgrul...

nsIMsgSearchTerm
this is a property of the nsimsgdbhdr, and may have * nothing to do the message headers, e.g., gloda-id.

nsIMsgWindow
msgheadersink nsimsgheadersink this allows the backend code to send message header information to the ui.

nsINavHistoryResultObserver
for trees, for example, this would update the column headers to reflect the sorting.

nsINavHistoryResultViewer
for trees, this would update the column headers to reflect the altered sorting.

nsIRequest
this means that things like authorization tokens or cookie headers should not be added.

nsIScriptError
hrome registration" "xbl" "xbl prototype handler" "xbl content sink" "xbl javascript" "frameconstructor" categories the web console displays "hudconsole" "css parser" "css loader" "content javascript" "dom events" "dom:html" "dom window" "svg" "imagemap" "html" "canvas" "dom3 load" "dom" "malformed-xml" "dom worker javascript" "mixed content blocker" "csp" "invalid hsts headers" "insecure password field" see also using the web console error console nsiconsolemessage nsiscripterror2 ...

nsMsgSearchAttrib
const nsmsgsearchattribvalue label = 48; /* mail only...can search by label */ const nsmsgsearchattribvalue hdrproperty = 49; // uses nsimsgsearchterm::hdrproperty const nsmsgsearchattribvalue folderflag = 50; // uses nsimsgsearchterm::status const nsmsgsearchattribvalue uint32hdrproperty = 51; // uses nsimsgsearchterm::hdrproperty // 52 is for showing customize - in ui headers start from 53 onwards up until 99.

nsMsgSearchScope
const nsmsgsearchscopevalue news = 5; const nsmsgsearchscopevalue newsex = 6; const nsmsgsearchscopevalue ldap = 7; const nsmsgsearchscopevalue localab = 8; const nsmsgsearchscopevalue allsearchablegroups = 9; const nsmsgsearchscopevalue newsfilter = 10; const nsmsgsearchscopevalue localaband = 11; const nsmsgsearchscopevalue ldapand = 12; // imap and news, searched using local headers const nsmsgsearchscopevalue onlinemanual = 13; /// local news + junk const nsmsgsearchscopevalue localnewsjunk = 14; /// local news + body const nsmsgsearchscopevalue localnewsbody = 15; /// local news + junk + body const nsmsgsearchscopevalue localnewsjunkbody = 16; }; ...

XPCOM Interface Reference
amnsimacdocksupportnsimarkupdocumentviewernsimemorynsimemorymultireporternsimemorymultireportercallbacknsimemoryreporternsimemoryreportermanagernsimenuboxobjectnsimessagebroadcasternsimessagelistenernsimessagelistenermanagernsimessagesendernsimessagewakeupservicensimessengernsimicrosummarynsimicrosummarygeneratornsimicrosummaryobservernsimicrosummaryservicensimicrosummarysetnsimimeconverternsimimeheadersnsimodulensimsgaccountnsimsgaccountmanagerextensionnsimsgcompfieldsnsimsgcustomcolumnhandlernsimsgdbhdrnsimsgdbviewnsimsgdbviewcommandupdaternsimsgdatabasensimsgfilternsimsgfiltercustomactionnsimsgfilterlistnsimsgfoldernsimsgheaderparsernsimsgidentitynsimsgincomingservernsimsgmessageservicensimsgprotocolinfonsimsgruleactionnsimsgsearchcustomtermnsimsgsearchnotifynsimsgsearchscopetermnsimsgsearchse...

Using the Gecko SDK
the sdk contains headers for all of the frozen interfaces and functions, and it also contains headers for classes and functions defined in the glue libraries.

Xptcall Porting Guide
the tree mozilla/xpcom/reflect/xptcall +--public // exported headers +--src // core source | \--md // platform specific parts | +--mac // mac ppc | +--unix // all unix | \--win32 // win32 | +--test // simple tests to get started \--tests // full tests via api porters are free to create subdirectories under the base md directory for their given platforms and to integrate into the build system as appropriate for their platform...

xpidl
the xpidl compiler is now part of the build process, allowing us to generate headers used by the xpcom components.

XPIDL
resources (mostly outdated) some unsorted notes including a keyword list xpidl is a tool for generating c++ headers, java interfaces, xpconnect typelibs, and html documentation from xpidl files generating xpt files on windows a google groups post with instructions on how to use variable-length argument lists using xpidl.

MailNews fakeserver
getarticle message id newsarticle object pretty self-explanatory newsarticle api name arguments returns notes [constructor] text (as a string) n/a initializes all fields headers (property) map of header (lower-case) -> value body (property) text of body messageid (property) message id fulltext (property) full text as message without modification except added headers.

Spam filtering
to analyze a message for spam, we need the entire message, not just the headers.

Create Custom Column
the customdbheaders preference article provides information on a preference setting that exposes custom header data for use in a custom column within thunderbird's main view.

Filter Incoming Mail
by example, setting it to lower case subject = subject.tolocalelowercase(); // then we rebuild a subject objet by rencoding the string // and assign it to the message headers and we're done amsghdr.subject = mimeconvert.encodemimepartiistr_utf8(subject, false, "utf-8", 0, 72); } } }; function init() { var notificationservice = components.classes["@mozilla.org/messenger/msgnotificationservice;1"] .getservice(components.interfaces.nsimsgfoldernotificationservice); notificationservice.addlistener(newmaillistener, notificationservice.msgadded); ...

Folders and message lists
if a collapsed thread is in there and working with collapsed threads is enabled, this will include the headers for the messages in that collapsed thread.

Constants - Plugins
npvers_has_response_headers 17 npstreams have response headers for http streams.

JSON viewer - Firefox Developer Tools
finally, if the document was the result of a network request, the viewer displays the request and response headers.

Rich output - Firefox Developer Tools
click on the arrow next to the request and a details panel will open that is equivalent to the headers panel in the network monitor tool.

Using the CSS Painting API - Web APIs
maybe try float and clear on the headers?

Cache.keys() - Web APIs
note: requests with duplicate urls but different headers can be returned if their responses have the vary header set on them.

Cache.match() - Web APIs
if (event.request.method === 'get' && event.request.headers.get('accept').indexof('text/html') !== -1) { console.log('handling fetch event for', event.request.url); event.respondwith( fetch(event.request).catch(function(e) { console.error('fetch failed; returning offline page instead.', e); return caches.open(offline_cache).then(function(cache) { return cache.match(offline_url); }); }) ); } }); ...

Document.contentType - Web APIs
this may come from http headers or other sources of mime information, and might be affected by automatic type conversions performed by either the browser or extensions.

DocumentOrShadowRoot.styleSheets - Web APIs
examples function getstylesheet(unique_title) { for (var i=0; i<document.stylesheets.length; i++) { var sheet = document.stylesheets[i]; if (sheet.title == unique_title) { return sheet; } } } notes the returned list is ordered as follows: stylesheets retrieved from <link> headers are placed first, sorted in header order.

Introduction to the DOM - Web APIs
every element in a document—the document as a whole, the head, tables within the document, table headers, text within the table cells—is part of the document object model for that document, so they can all be accessed and manipulated using the dom and a scripting language like javascript.

GlobalEventHandlers.onerror - Web APIs
instead the error reported is simply "script error." this behavior can be overriden in some browsers using the crossorigin attribute on <script> and having the server send the appropriate cors http response headers.

HTMLTableSectionElement - Web APIs
the htmltablesectionelement interface provides special properties and methods (beyond the htmlelement interface it also has available to it by inheritance) for manipulating the layout and presentation of sections, that is headers, footers and bodies, in an html table.

The HTML DOM API - Web APIs
among the things added to document by the html standard are: support for accessing various information provided by the http headers when loading the page, such as the location from which the document was loaded, cookies, modification date, referring site, and so forth.

MediaDevices.getUserMedia() - Web APIs
for example, this line in the http headers will enable use of a camera for the document and any embedded <iframe> elements that are loaded from the same origin: feature-policy: camera 'self' this will request access to the microphone for the current origin and the specific origin https://developer.mozilla.org: feature-policy: microphone 'self' https://developer.mozilla.org if you're using getusermedia() within an <iframe>, you can req...

NavigatorID.userAgent - Web APIs
syntax var ua = navigator.useragent; value a domstring specifying the complete user agent string the browser provides both in http headers and in response to this and other related methods on the navigator object.

performance.now() - Web APIs
starting with firefox 79, high resolution timers can be used if you cross-origin isolate your document using the cross-origin-opener-policy and cross-origin-embedder-policy headers: cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp these headers ensure a top-level document does not share a browsing context group with cross-origin documents.

PerformanceServerTiming - Web APIs
example given a server that sends the server-timing header, for example a node.js server like this: const http = require('http'); function requesthandler(request, response) { const headers = { 'server-timing': ` cache;desc="cache read";dur=23.2, db;dur=53, app;dur=47.2 `.replace(/\n/g, '') }; response.writehead(200, headers); response.write(''); return settimeout(_ => { response.end(); }, 1000) }; http.createserver(requesthandler).listen(3000).on('error', console.error); the performanceservertiming entries are now observable from javascript v...

ProgressEvent.loaded - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not headers and other overhead.

ProgressEvent.total - Web APIs
when downloading a resource using http, this only represent the content itself, not headers and other overhead.

ReadableStream - Web APIs
if (done) { // tell the browser that we have finished sending data controller.close(); return; } // get the data and send it to the browser via the controller controller.enqueue(value); push(); }); }; push(); } }); return new response(stream, { headers: { "content-type": "text/html" } }); }); specifications specification status comment streamsthe definition of 'readablestream' in that specification.

ReadableStreamDefaultReader - Web APIs
if (done) { // tell the browser that we have finished sending data controller.close(); return; } // get the data and send it to the browser via the controller controller.enqueue(value); push(); }); }; push(); } }); return new response(stream, { headers: { "content-type": "text/html" } }); }); specifications specification status comment streamsthe definition of 'readablestreamdefaultreader' in that specification.

Request - Web APIs
request.headers read only contains the associated headers object of the request.

Response() - Web APIs
headers: any headers you want to add to your response, contained within a headers object or object literal of bytestring key/value pairs (see http headers for a reference).

Using the Screen Capture API - Web APIs
for example, this line in the http headers will enable screen capture api for the document and any embedded <iframe> elements that are loaded from the same origin: feature-policy: display-capture 'self' if you're performing screen capture within an <iframe>, you can request permission just for that frame, which is clearly more secure than requesting a more general permission: <iframe src="https://mycode.example.net/etc" allow="display-...

ServiceWorkerGlobalScope: pushsubscriptionchange event - Web APIs
self.addeventlistener("pushsubscriptionchange", event => { event.waituntil(swregistration.pushmanager.subscribe(event.oldsubscription.options) .then(subscription => { return fetch("register", { method: "post", headers: { "content-type": "application/json" }, body: json.stringify({ endpoint: subscription.endpoint }) }); }) ); }, false); when a pushsubscriptionchange event arrives, indicating that the subscription has expired, we resubscribe by calling the push manager's subscribe() method.

Storage Access API - Web APIs
scripts, images, stylesheets, etc.) will load with access to their first-party storage, which means they may send cookie headers and honor incoming set-cookie headers.

Web Video Text Tracks Format (WebVTT) - Web APIs
the first line of webvtt is standardized similar to the way some other languages require you to put headers as the file starts to indicate the file type.

window.postMessage() - Web APIs
shared memory is gated behind two http headers: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp to check if cross origin isolation has been successful, you can test against the crossoriginisolated property available to w...

WindowOrWorkerGlobalScope.crossOriginIsolated - Web APIs
this value is dependant on any cross-origin-opener-policy and cross-origin-embedder-policy headers present in the response.

Sending and Receiving Binary Data - Web APIs
var req = new xmlhttprequest(); req.open("post", url, true); // set headers and mime-type appropriately req.setrequestheader("content-length", 741); req.sendasbinary(abody); line 4 sets the content-length header to 741, indicating that the data is 741 bytes long.

XMLHttpRequest.mozAnon - Web APIs
if true, the request will be sent without cookies or authentication headers.

XSL Transformations in Mozilla FAQ - Web APIs
to find out which mime type your server sends, look at page info, use extensions like livehttpheaders or a download manager like wget.

Web APIs
ptelement htmlselectelement htmlshadowelement htmlslotelement htmlsourceelement htmlspanelement htmlstyleelement htmltablecaptionelement htmltablecellelement htmltablecolelement htmltableelement htmltablerowelement htmltablesectionelement htmltemplateelement htmltextareaelement htmltimeelement htmltitleelement htmltrackelement htmlulistelement htmlunknownelement htmlvideoelement hashchangeevent headers history hkdfparams hmacimportparams hmackeygenparams i idbcursor idbcursorsync idbcursorwithvalue idbdatabase idbdatabaseexception idbdatabasesync idbenvironment idbenvironmentsync idbfactory idbfactorysync idbindex idbindexsync idbkeyrange idblocaleawarekeyrange idbmutablefile idbobjectstore idbobjectstoresync idbopendbrequest idbrequest idbtransaction idbtransacti...

ARIA Screen Reader Implementors Guide - Accessibility
this is particularly important for changes in data cells, where the column and row headers provide important contextual information.

Using the presentation role - Accessibility
for example, a table used for layout purposes could have the presentation role applied to the table element to remove any semantic meaning from the table element and any of its table related children elements, such as table headers and table data elements.

ARIA: cell role - Accessibility
a row contains one or more cells, grid cells, column headers, or row headers within a grid, table or treegrid, and optionally within a rowgroup.

:host() - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host(.footer) { color : red; } rule styles all instances of the <context-span> element (the shadow host in this instance) in the document that have the footer class set on them �...

:host-context() - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host-context(h1) { font-style: italic; } and :host-context(h1):after { content: " - no links in headers!" } rules style the instance of the <context-span> element (the shadow host...

:host - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host { background: rgba(0,0,0,0.1); padding: 2px 5px; } rule styles all instances of the <context-span> element (the shadow host in this instance) in the document.

:lang() - CSS: Cascading Style Sheets
/* selects any <p> in english (en) */ p:lang(en) { quotes: '\201c' '\201d' '\2018' '\2019'; } note: in html, the language is determined by a combination of the lang attribute, the <meta> element, and possibly by information from the protocol (such as http headers).

Shapes From Images - CSS: Cascading Style Sheets
an image hosted on the same domain as your site should work, however if your images are hosted on a different domain such as on a cdn you should ensure that they are sending the correct headers to enable them to be used for shapes.

Mozilla CSS extensions - CSS: Cascading Style Sheets
on-up scrollbar-small scrollbarthumb-horizontal scrollbarthumb-vertical scrollbartrack-horizontal scrollbartrack-vertical separator spinner spinner-downbutton spinner-textfield spinner-upbutton statusbar statusbarpanel tab tabpanels tab-scroll-arrow-back tab-scroll-arrow-forward textfield textfield-multiline toolbar toolbarbutton-dropdown toolbox tooltip treeheadercell treeheadersortarrow treeitem treetwisty treetwistyopen treeview window background-image gradients -moz-linear-gradient -moz-radial-gradient elements -moz-element sub-images -moz-image-rect() border-color -moz-use-text-colorobsolete since gecko 52 (removed in bug 1306214); use currentcolor instead.

appearance (-moz-appearance, -webkit-appearance) - CSS: Cascading Style Sheets
treeheadersortarrow firefox removed in firefox 64.

inherit - CSS: Cascading Style Sheets
examples exclude selected elements from a rule /* make second-level headers green */ h2 { color: green; } /* ...but leave those in the sidebar alone so they use their parent's color */ #sidebar h2 { color: inherit; } in this example the h2 elements inside the sidebar might be different colors.

revert - CSS: Cascading Style Sheets
revert will revert to bold because this is a default value for headers in most browsers.

text-orientation - CSS: Cascading Style Sheets
it is useful for controlling the display of languages that use vertical script, and also for making vertical table headers.

Getting Started - Developer guides
note: if you're sending a request to a piece of code that will return xml, rather than a static html file, you must set response headers to work in internet explorer.

Block formatting context - Developer guides
anonymous table cells implicitly created by the elements with display: table, table-row, table-row-group, table-header-group, table-footer-group (which is the default for html tables, table rows, table bodies, table headers, and table footers, respectively), or inline-table.

Using HTML sections and outlines - Developer guides
</p> </article> nesting elements inside an article the <article> element can have other semantic elements such as headers, asides, and footers.

XHTML - Developer guides
the following example shows an html document and corresponding "xhtml" document, and the accompanying http content-type headers they should be served with.

HTML attribute reference - HTML: Hypertext Markup Language
headers <td>, <th> ids of the <th> elements which applies to this element.

Allowing cross-origin use of images and canvas - HTML: Hypertext Markup Language
consider the html5 boilerplate apache server configuration file for cors images, shown below: <ifmodule mod_setenvif.c> <ifmodule mod_headers.c> <filesmatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$"> setenvif origin ":" is_cors header set access-control-allow-origin "*" env=is_cors </filesmatch> </ifmodule> </ifmodule> in short, this configures the server to allow graphic files (those with the extensions ".bmp", ".cur", ".gif", ".ico", ".jpg", ".jpeg", ".png", ".svg", ".svgz", and ".webp") to be accessed cross-...

<meta>: The Document-level Metadata element - HTML: Hypertext Markup Language
the attribute is named http-equiv(alent) because all the allowed values are names of particular http headers: content-security-policy allows page authors to define a content policy for the current page.

<td>: The Table Data Cell element - HTML: Hypertext Markup Language
headers this attribute contains a list of space-separated strings, each corresponding to the id attribute of the <th> elements that apply to this element.

HTML elements reference - HTML: Hypertext Markup Language
the exact nature of this group is defined by the scope and headers attributes.

HTML documentation index - HTML: Hypertext Markup Language
the exact nature of this group is defined by the scope and headers attributes.

Preloading content with rel="preload" - HTML: Hypertext Markup Language
set the correct accept request headers for it.

CORS errors - HTTP
control-allow-origin’ is ‘*’ reason: did not find method in cors header ‘access-control-allow-methods’ reason: expected ‘true’ in cors header ‘access-control-allow-credentials’ reason: cors preflight channel did not succeed reason: invalid token ‘xyz’ in cors header ‘access-control-allow-methods’ reason: invalid token ‘xyz’ in cors header ‘access-control-allow-headers’ reason: missing token ‘xyz’ in cors header ‘access-control-allow-headers’ from cors preflight channel reason: multiple cors header ‘access-control-allow-origin’ not allowed ...

Configuring servers for Ogg media - HTTP
configuration for older firefox versions serve x-content-duration headers note: as of firefox 41, the x-content-duration header is no longer supported.

Connection management in HTTP/1.x - HTTP
the http headers involved in defining the connection model, like connection and keep-alive, are hop-by-hop headers with their values able to be changed by intermediary nodes.

List of default Accept values - HTTP
(source) safari, chrome text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 (source) safari 5 text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 this is an improvement over earlier accept headers as it no longer ranks image/png above text/html internet explorer 8 image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/x-shockwave-flash, application/msword, */* see ie and the accept header (ieinternals' msdn blog).

Cross-Origin Resource Policy (CORP) - HTTP
the policy is only effective for no-cors requests, which are issued by default for cors-safelisted methods/headers.

Access-Control-Allow-Credentials - HTTP
credentials are cookies, authorization headers or tls client certificates.

Access-Control-Max-Age - HTTP
the access-control-max-age response header indicates how long the results of a preflight request (that is the information contained in the access-control-allow-methods and access-control-allow-headers headers) can be cached.

Cache-Control - HTTP
conditional headers such as if-none-match should not be set.

Content-Location - HTTP
the server could also consider other content negotiation headers, such as accept-language.

CSP: base-uri - HTTP
examples meta tag configuration <meta http-equiv="content-security-policy" content="base-uri 'self'"> apache configuration <ifmodule mod_headers.c> header set content-security-policy "base-uri 'self'"; </ifmodule> nginx configuration add_header content-security-policy "base-uri 'self';" violation case since your domain isn't example.com, a <base> element with its href set to https://example.com will result in a csp violation.

CSP: form-action - HTTP
examples meta tag configuration <meta http-equiv="content-security-policy" content="form-action 'none'"> apache configuration <ifmodule mod_headers.c> header set content-security-policy "form-action 'none'; </ifmodule> nginx configuration add_header content-security-policy "form-action 'none';" violation case using a <form> element with an action set to inline javascript will result in a csp violation.

Content-Type - HTTP
<form action="/" method="post" enctype="multipart/form-data"> <input type="text" name="description" value="some text"> <input type="file" name="myfile"> <button type="submit">submit</button> </form> the request looks something like this (less interesting headers are omitted here): post /foo http/1.1 content-length: 68137 content-type: multipart/form-data; boundary=---------------------------974767299852498929531610575 -----------------------------974767299852498929531610575 content-disposition: form-data; name="description" some text -----------------------------974767299852498929531610575 content-disposition: form-data; name="myfile"; filename="foo.t...

Date - HTTP
note that date is listed in the forbidden header names in the fetch spec - so this code will not send date header: fetch('https://httpbin.org/get', { 'headers': { 'date': (new date()).toutcstring() } }) header type general header forbidden header name yes syntax date: <day-name>, <day> <month> <year> <hour>:<minute>:<second> gmt directives <day-name> one of "mon", "tue", "wed", "thu", "fri", "sat", or "sun" (case-sensitive).

Digest - HTTP
examples digest: sha-256=x48e9qookqqrvdts8nojrjn3owduoywxbf7kbu9dbpe= digest: sha-256=x48e9qookqqrvdts8nojrjn3owduoywxbf7kbu9dbpe=,unixsum=30637 specifications specification title draft-ietf-httpbis-digest-headers-latest resource digests for http this header was originally defined in rfc 3230, but the definition of "selected representation" in rfc 7231 made the original definition inconsistent with current http specifications.

ETag - HTTP
examples etag: "33a64df551425fcc55e4d42a148795d9f25f89d4" etag: w/"0815" avoiding mid-air collisions with the help of the etag and the if-match headers, you can detect mid-air edit collisions.

Expect - HTTP
put /somewhere/fun http/1.1 host: origin.example.com content-type: video/h264 content-length: 1234567890987 expect: 100-continue the server now checks the request headers and may respond with a 100 (continue) response to instruct the client to go ahead and send the message body, or it will send a 417 (expectation failed) status if any of the expectations cannot be met.

Forwarded - HTTP
the alternative and de-facto standard versions of this header are the x-forwarded-for, x-forwarded-host and x-forwarded-proto headers.

Last-Modified - HTTP
conditional requests containing if-modified-since or if-unmodified-since headers make use of this field.

Sec-Fetch-Dest - HTTP
sec-fetch-dest: audioworklet sec-fetch-dest: audioworklet values audio audioworklet document embed empty font image manifest object paintworklet report script serviceworker sharedworker style track video worker xslt nested-document examples todo specifications specification title fetch metadata request headers the sec-fetch-dest http request header ...

Sec-Fetch-Mode - HTTP
cors-safelisted request header syntax sec-fetch-mode: cors sec-fetch-mode: navigate sec-fetch-mode: nested-navigate sec-fetch-mode: no-cors sec-fetch-mode: same-origin sec-fetch-mode: websocket values cors navigate nested-navigate no-cors same-origin websocket examples todo specifications specification title fetch metadata request headers the sec-fetch-mode http request header ...

Sec-Fetch-Site - HTTP
examples todo specifications specification title fetch metadata request headers the sec-fetch-site http request header ...

Sec-Fetch-User - HTTP
examples todo specifications specification title fetch metadata request headers the sec-fetch-user http request header ...

Sec-WebSocket-Accept - HTTP
it would appear in the response headers.

Set-Cookie - HTTP
to send multiple cookies, multiple set-cookie headers should be sent in the same response.

Trailer - HTTP
these header fields are disallowed: message framing headers (e.g., transfer-encoding and content-length), routing headers (e.g., host), request modifiers (e.g., controls and conditionals, like cache-control, max-forwards, or te), authentication headers (e.g., authorization or set-cookie), or content-encoding, content-type, content-range, and trailer itself.

Via - HTTP
the via general header is added by proxies, both forward and reverse proxies, and can appear in the request headers and the response headers.

Want-Digest - HTTP
dbpe= the server does not support any of the requested digest algorithms, so responds with a 400 error and includes another want-digest header, listing the algorithms that it does support: request: get /item want-digest: sha;q=1 response: http/1.1 400 bad request want-digest: sha-256, sha-512 specifications specification title draft-ietf-httpbis-digest-headers-latest resource digests for http this header was originally defined in rfc 3230, but the definition of "selected representation" in rfc 7231 made the original definition inconsistent with current http specifications.

X-Frame-Options - HTTP
<httpprotocol> <customheaders> <add name="x-frame-options" value="sameorigin" /> </customheaders> </httpprotocol> ...

X-XSS-Protection - HTTP
example block pages from loading when they detect reflected xss attacks: x-xss-protection: 1; mode=block php header("x-xss-protection: 1; mode=block"); apache (.htaccess) <ifmodule mod_headers.c> header set x-xss-protection "1; mode=block" </ifmodule> nginx add_header "x-xss-protection" "1; mode=block"; specifications not part of any specifications or drafts.

PATCH - HTTP
to find out whether a server supports patch, a server can advertise its support by adding it to the list in the allow or access-control-allow-methods (for cors) response headers.

Redirections in HTTP - HTTP
machine-readable choices are encouraged to be sent as link headers with rel=alternate.

100 Continue - HTTP
to have a server check the request's headers, a client must send expect: 100-continue as a header in its initial request and receive a 100 continue status code in response before sending the body.

200 OK - HTTP
head: the entity headers are in the message body.

301 Moved Permanently - HTTP
the hypertext transfer protocol (http) 301 moved permanently redirect status response code indicates that the resource requested has been definitively moved to the url given by the location headers.

304 Not Modified - HTTP
the equivalent 200 ok response would have included the headers cache-control, content-location, date, etag, expires, and vary.

307 Temporary Redirect - HTTP
http 307 temporary redirect redirect status response code indicates that the resource requested has been temporarily moved to the url given by the location headers.

308 Permanent Redirect - HTTP
the hypertext transfer protocol (http) 308 permanent redirect redirect status response code indicates that the resource requested has been definitively moved to the url given by the location headers.

501 Not Implemented - HTTP
a 501 response is cacheable by default; that is, unless caching headers instruct otherwise.

503 Service Unavailable - HTTP
caching-related headers that are sent along with this response should be taken care of, as a 503 status is often a temporary condition and responses shouldn't usually be cached.

Closures - JavaScript
one way of doing this is to specify the font-size of the body element (in pixels), and then set the size of the other elements on the page (such as headers) using the relative em unit: body { font-family: helvetica, arial, sans-serif; font-size: 12px; } h1 { font-size: 1.5em; } h2 { font-size: 1.2em; } such interactive text size buttons can change the font-size property of the body element, and the adjustments are picked up by other elements on the page thanks to the relative units.

Promise.prototype.finally() - JavaScript
examples using finally let isloading = true; fetch(myrequest).then(function(response) { var contenttype = response.headers.get("content-type"); if(contenttype && contenttype.includes("application/json")) { return response.json(); } throw new typeerror("oops, we haven't got json!"); }) .then(function(json) { /* process your json further */ }) .catch(function(error) { console.error(error); /* this line can also throw, e.g.

Promise.prototype.then() - JavaScript
return fetch('current-data.json').then(response => { if (response.headers.get('content-type') != 'application/json') { throw new typeerror(); } var j = response.json(); // maybe do something with j return j; // fulfillment value given to user of // fetch_current_data().then() }); } if onfulfilled returns a promise, the return value of then will be resolved/rejected by the promise.

SharedArrayBuffer - JavaScript
for top-level documents, two headers will need to be set to cross-origin isolate your site: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp to check if cross origin isolation has been successful, you can test a...

encodeURIComponent() - JavaScript
o be more stringent in adhering to rfc 3986 (which reserves !, ', (, ), and *), even though these characters have no formalized uri delimiting uses, the following can be safely used: function fixedencodeuricomponent(str) { return encodeuricomponent(str).replace(/[!'()*]/g, function(c) { return '%' + c.charcodeat(0).tostring(16); }); } examples encoding for content-disposition and link headers the following example provides the special encoding required within utf-8 content-disposition and link server response header parameters (e.g., utf-8 filenames): var filename = 'my file(2).txt'; var header = "content-disposition: attachment; filename*=utf-8''" + encoderfc5987valuechars(filename); console.log(header); // logs "content-disposition: attachment; filename*=utf-8''my%20...

Critical rendering path - Web Performance
the server returns the html - response headers and data.

Populating the page: how browsers work - Web Performance
once the server receives the request, it will reply with relevant response headers and the contents of the html.

Web Performance
this article explains the tls handshake process, and offers some tips for reducing this time, such as ocsp stapling, hsts preload headers, and the potential role of resource hints in masking tls latency for third parties.

Media - Progressive web apps (PWAs)
for example, the mozilla browser supplies default margins, headers, and footers for printing.

Introduction - SVG: Scalable Vector Graphics
basic ingredients html provides elements for defining headers, paragraphs, tables, and so on.

mimeTypes.rdf corruption - SVG: Scalable Vector Graphics
actually, in mozilla firefox 1.5, the media type for files embedded into html using the html <embed> and <object> tags is (unfortunately) obtained in the same way as it's obtained for local files instead of using the http headers as it should.

Web security
http x-content-type-options the x-content-type-options response http header is a marker used by the server to indicate that the mime types advertised in the content-type headers should not be changed and be followed.