Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

service

alt-svc

The date and time that the message was sent.

This and all future requests should be directed to the given URI. The request method can change.

Inform all caching mechanisms from server to client whether they may cache this object.

The time a browser should remember a site can only be accessed with https (seconds).

Intermediate cache or proxy cannot modify the response or certain headers.

The length of the response body in octets (8-bit bytes).

A cookie sent from the server to be set on the client

The client will only send the cookie when requesting this path, or subdirectories, from the server.

Prevents access to the cookie through JavaScript.

The cookie is only sent when requesting from a https domain.

Cookie is not sent on cross-site requests but is when following a link to the origin.

A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

Added by proxies to track a request through proxies and to avoid loops.

Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.