Web service HTTP headers

The RESTful web services communicate by using the HTTP protocol. Some HTTP headers that need special consideration are described in the following table.

Table 1. HTTP headers that require special consideration
Header Values Example Description
X-CSRF-Protection Any value. For example, true. X-CSRF-Protection: true This header is required for manipulating web services when cross-site request forgery (XSRF/CSRF) prevention is enabled.
Accept
  • application/json
  • application/xml
Accept: application/xml Specifies whether the response payload data is requested to be in the XML or the JSON representation.
Content-Type
  • application/json
  • application/xml
Content-Type: application/json Specifies whether the request payload data is provided in the XML or the JSON representation.
If-None-Match The ETag information can be obtained from an earlier GET operation for a single entity. If-None-Match: tsMTTp5rF8zvlUHY83Pk4EXWw== If an If-None-Match header is included in the request header, the server determines whether the information provided in the ETag matches a calculated version of the requested entity. If the information matches, the entity did not change since the last request, and the server returns HTTP status code 304. If the information does not match, the GET request is processed.