HTTP Headers - How Websites Actually Talk

Andrii RAndrii R
3 min read

Today I finally started to get how the whole browser-to-server interaction works on a deeper level. You know when you visit a website and everything just magically loads? Yeah, turns out there’s a whole conversation happening in the background - and that convo is made up of HTTP headers.

Let me break it down.

Headers - Tiny Messages with Big Meaning

HTTP headers are like the post-it notes attached to web requests and responses. They don’t carry the main content (like a full webpage or image), but they tell both the browser and the server how to deal with that content.

There are request headers (sent from your browser to the server) and response headers (coming back from the server).

Common Request Headers (Browser → Server)

Here are some of the ones I found useful:

  • User-Agent - tells the server what browser and version you’re using. This helps the site adapt if needed.

  • Host - identifies the website you’re requesting. Useful if the server hosts multiple sites.

  • Content-Length - tells the server how much data you're sending (for example, when submitting a form).

  • Accept-Encoding - lists the compression methods your browser supports (like gzip, br, etc).

  • Cookie - if you’ve been to the site before, this header quietly sends your ID or session data back to the server.

Common Response Headers (Server → Browser)

These tell the browser how to handle what it receives:

  • Content-Type - tells the browser what kind of data is coming (HTML? Image? JSON?).

  • Content-Encoding - says how the content was compressed.

  • Cache-Control - explains how long the browser can cache the response.

  • Set-Cookie - this one sets a cookie in your browser. It’s how the server says: “Hey, remember this person!”

Cookies = Server Memory

HTTP is stateless by default, so cookies are how the server “remembers” who you are between visits. You might never enter a name, but the server can still assign you a random ID and say:

“Here, store this cookie. I’ll know it’s you next time.”

And your browser just silently agrees. Kinda spooky, right?

Then Came the Hands-On Part

At the end of the lesson, I got to mess around in a built-in emulator that simulated real HTTP requests. I had to send:

  • GET requests to fetch data

  • POST requests to send login info

  • PUT requests to update stuff

  • DELETE requests to remove things

You could set parameters like username=admin or password=letmein, and watch how everything played out based on the method you used and the data you sent.

Super satisfying, and also kinda addictive once it clicks.

What I Took Away

  • Headers are tiny, but they carry a ton of meaning

  • You can be tracked without ever typing anything - all thanks to cookies

  • Forms send data with POST, and servers often respond with a Set-Cookie to remember you

  • Most of the time, your browser’s just quietly handing over details in the background

If you’ve ever wanted to understand what’s really going on when you visit a site - this is it. Headers are the whispers in the hallway between your browser and the server. And now I can read them.

0
Subscribe to my newsletter

Read articles from Andrii R directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Andrii R
Andrii R