
The following is NCSA HTTPd treatment of HTTP headers.  By Supported,
we mean that the server explicitly manipulates the headers.  This
doesn't include forwarding of headers to CGI scripts or including
headers from CGI scripts.

In
HTTP HEADER		     HTTP Section   Sup	  to/why			length		Used for?
Date                         1.0   General   N     Do I care what the clients date is?
MIME-Version		     1.0   General   N     The server isn't MIME Compliant
Pragma			     1.0   General   N     Only no-cache is defined, and this isn't a proxy server
Authorization		     1.0   Request   Y     reqInfo->inh_auth_line 	HUGE_STRING_LEN  Authentication (Basic/MD5/Keberos)
From			     1.0   Request   N     no one uses it
If-Modified-Since            1.0   Request   Y     reqInfo->inh_if_mod		MAX_STRING_LEN   304 Use Local Copy response
Referer                      1.0   Request   Y     reqInfo->inh_referer		HUGE_STRING_LEN  Logs
User-agent                   1.0   Request   Y     reqInfo->inh_agent		HUGE_STRING_LEN  Logs
Allow                        1.0   Entity    N	   not clear how useful in request
Content-Encoding             1.0   Entity    N
Content-Length               1.0   Entity    Y     reqInfo->inh_content_length	int		 POST content length
Content-Type                 1.0   Entity    Y     reqInfo->inh_content_type    MAX_STRING_LEN	 POST content should be application/x-www-form-urlencoded
Expires                      1.0   Entity    N     time request expires?
Last-Modified                1.0   Entity    N     last time request was modified?
Cache-Control		     1.1   General   N
Connection                   1.1   General   Y     Keep-Alive
Forwarded                    1.1   General   N
Keep-Alive                   1.1   General   N     max= timeout=    same
Upgrade                      1.1   General   N
Accept                       1.1   Request   N
Accept-Charset               1.1   Request   N
Accept-Encoding              1.1   Request   N
Accept-Language              1.1   Request   N
Host                         1.1   Request   Y	   reqInfo->inh_called_hostname	 MAX_STRING_LEN  to provide virtual host support with CNAMES
Proxy-Authorization          1.1   Request   N
Range                        1.1   Request   N
Unless                       1.1   Request   N
Content-Language             1.1   Entity    N
Content-MD5                  1.1   Entity    N
Content-Range                1.1   Entity    N
Content-Version              1.1   Entity    N
Derived-From                 1.1   Entity    N
Link                         1.1   Entity    N
Title                        1.1   Entity    N
Transfer-Encoding            1.1   Entity    N
URI-header                   1.1   Entity    N
Extension


Out 
HTTP HEADER		     HTTP Section   Sup	  from/why
Date                         1.0   General   Y     GMT Date in rfc 822 format
MIME-Version		     1.0   General   N     The server isn't MIME Compliant
Pragma			     1.0   General   N     Only no-cache is defined, and this isn't a proxy server
Location                     1.0   Response  Y     reqInfo->outh_location	HUGE_STRING_LEN		redirects
Server                       1.0   Response  Y     #define SERVER_VERSION
WWW-Authenticate             1.0   Response  Y     reqInfo->outh_www_auth	HUGE_STRING_LEN
Allow                        1.0   Entity    N	   We could make a list in evaluate_access(), but wouldn't that be a security hole?
Content-Encoding             1.0   Entity    Y	   reqInfo->outh_content_encoding MAX_STRING_LEN	AddEncoding
Content-Length               1.0   Entity    Y     reqInfo->outh_content_length  int              
Content-Type                 1.0   Entity    Y     reqInfo->outh_content_type    MAX_STRING_LEN   
Expires                      1.0   Entity    N     could add an AddExpires config option
Last-Modified                1.0   Entity    Y	   reqInfo->outh_last_mod	 MAX_STRING_LEN		client caching
Cache-Control		     1.1   General   N
Connection                   1.1   General   Y     keep_alive. stuff  Keep-Alive
Forwarded                    1.1   General   N
Keep-Alive                   1.1   General   Y     max= timeout=    same
Upgrade                      1.1   General   N
Proxy-Authenticate           1.1   Response  N
Public                       1.1   Response  N
Retry-After                  1.1   Response  N
Content-Language             1.1   Entity    N
Content-MD5                  1.1   Entity    Y     reqInfo->outh_content_md5    allocated		do you get what you asked for
Content-Range                1.1   Entity    N
Content-Version              1.1   Entity    N
Derived-From                 1.1   Entity    N
Link                         1.1   Entity    N
Title                        1.1   Entity    N
Transfer-Encoding            1.1   Entity    N
URI-header                   1.1   Entity    N
Annotations-cgi              reqInfo->hostInfo->annotation_server
Extension: Domain-Restricted reqInfo->bNotifyDomainRestricted && 
                             reqInfo->bSatisfiedDomain
