I have to pass a meta-information in my HTTP response so I figured out that I could use the response header, for instance "X-MyData: 123456". Is that safe? I mean, there is a possibility that a client proxy remove this header?
Thanks!
+5
A:
A client proxy could do anything it wanted, but in general would not strip any headers.
Headers starting with an X- are typically reserved for nonstandard usage (i.e. no future standard will introduce a header starting X-) but a proxy may understand them and choose to modify them as it wants.
MarkR
2009-11-27 23:06:54
+4
A:
It is possible for proxy servers or any intermediate links in the chain to modify your headers, but this usually isn't a problem.
More often than not, specifying custom headers is fine as long as they're unique enough not to conflict with other people's headers and you don't expect anyone else to use yours.
James Aaron
2009-11-27 23:07:25
+2
A:
For reference, X- headers are also referred to as user-defined ("X-") in section 5 of RFC 2047 and as Experimental headers in section 4.2.2.1 of the News Article Format draft.
Kevin Hakanson
2009-12-07 02:35:16