Can I do my own HTTP header attribute?

Question

Hi, can I make my own headers in HTTP request?

e.g. This is normal HTTP request

GET / HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT x.x; xx; rv:x.x.x.x) xxx        Firefox/3.0.10 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: xx,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: windows-1250,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive

and this is header with my "attribute"

GET / HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT x.x; xx; rv:x.x.x.x) xxx        Firefox/3.0.10 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: xx,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: windows-1250,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Name: John

and I will have "attribute" in server response. I'll use "attrubutes" in HTTP headers instead of sessions attributes...

BTW.Sorry for my english... ;)

Answer 1

Try this: response.setHeader(name, value)

Answer 2

Yes, I believe you may. Try to make sure you aren't reusing a header someone allready uses. Also keep in mind, that web servers and proxies might filter your headers for security reasons.

In fact, I think sessions in jsp are created with special headers...

Answer 3

Seems that your question is about headers in REQUEST, i.e. coming to server from client. You cannot force client to send any custom header from server side.

Using response.setHeader("Name", "John") will only send this header in response, but client will not send it back to you. Sorry.

Answer 4

You could do this with XMLHttpRequest, but not with a normal browser request.

Answer 5

Are you trying to reinvent cookies?

You know, cookies are just that. A value that the server sends in a header and that the client will return with every request.

Answer 6

Yes, you can. But, why would you want to?

The HTTP protocol allows you to set your own custom headers. However, it would also mean that your server would need o understand your custom headers. Therefore, this solution will only work on your custom application and not across the board. It may also make it more difficult to maintain/debug in the future unless you document all these customisations accurately.

I would second what wmeyer said, use cookies.

Answer 7

You could write a little proxy application. It receives the client request, add the proper attribute and forward it to the server. I suggest this solution because in my experience it happens that you colud need to enrich the http header content to realize an integration between several web application.

The behaviour I've just described is implemented for instance by Tivoli Access Manager to forward LDAP retrieved information to back-end app. servers.

Sorry if my answer would seem out of topic.