Is there a DEFAULT header? If I just send some PHP to a browser without specifying a header.. what header will it apply to it?
There are lots of different HTTP headers that mean different things. PHP will give you defaults for the important ones if you don't set them yourself.
I think the header you're specifically talking about is Content-Type. This tells the browser what kind of file you're sending it. If you say text/html, it will try to display what you give it as a web page. If you say application/pdf, it'll try to display or download it as a PDF file.
PHP defaults to sending Content-Type: text/html. If that's all you want, you don't have to call header('Content-Type: ...'); at all. However, if you are using any non-ASCII Unicode characters, you may wish to set Content-Type to text/html;charset=something, where something is the encoding you're using for them (often, utf-8). Otherwise the browser will have to guess and might get it wrong. The commonly-seen <meta http-equiv="Content-Type" content="text/html;charset=something"/> tag is an alternative way of doing the same thing; if you want to be really safe about it, you can use both.
If you serve a JPEG image as text/html, which is what will be happening if you follow “someone”'s questionable advice by removing the header() call, then going to the URL of the image in the browser will try to display the binary image as HTML, which will give you a big old load of garbage on the screen. That's not very good, really.
However in many browsers, such a broken JPEG will still usually work when you point an <img src> tag at it. This is because when you use an <img>, the browser knows it's going to be fetching an image, and ignores you when you say it's actually HTML. It then has to to ‘sniff’ the contents of the file to see whether it looks like a JPEG, a GIF, a PNG, or some other kind of image it knows about, so it knows how to display it. Browsers have done this because there are so many poorly-written sites out there that forget to send the header. Boo!
So definitely send header('Content-Type: image/jpeg') when you're writing a JPEG, or any other non-HTML type. For HTML pages, you can often get away without it.
html - How to set Headers correctly in PHP - Stack Overflow
Why would some programmers use include'header.php' instead of just making it as a function header();
http redirect - PHP header(Location: ...): Force URL change in address bar - Stack Overflow
PHP header(location) function not working
Videos
Is there a DEFAULT header? If I just send some PHP to a browser without specifying a header.. what header will it apply to it?
There are lots of different HTTP headers that mean different things. PHP will give you defaults for the important ones if you don't set them yourself.
I think the header you're specifically talking about is Content-Type. This tells the browser what kind of file you're sending it. If you say text/html, it will try to display what you give it as a web page. If you say application/pdf, it'll try to display or download it as a PDF file.
PHP defaults to sending Content-Type: text/html. If that's all you want, you don't have to call header('Content-Type: ...'); at all. However, if you are using any non-ASCII Unicode characters, you may wish to set Content-Type to text/html;charset=something, where something is the encoding you're using for them (often, utf-8). Otherwise the browser will have to guess and might get it wrong. The commonly-seen <meta http-equiv="Content-Type" content="text/html;charset=something"/> tag is an alternative way of doing the same thing; if you want to be really safe about it, you can use both.
If you serve a JPEG image as text/html, which is what will be happening if you follow “someone”'s questionable advice by removing the header() call, then going to the URL of the image in the browser will try to display the binary image as HTML, which will give you a big old load of garbage on the screen. That's not very good, really.
However in many browsers, such a broken JPEG will still usually work when you point an <img src> tag at it. This is because when you use an <img>, the browser knows it's going to be fetching an image, and ignores you when you say it's actually HTML. It then has to to ‘sniff’ the contents of the file to see whether it looks like a JPEG, a GIF, a PNG, or some other kind of image it knows about, so it knows how to display it. Browsers have done this because there are so many poorly-written sites out there that forget to send the header. Boo!
So definitely send header('Content-Type: image/jpeg') when you're writing a JPEG, or any other non-HTML type. For HTML pages, you can often get away without it.
Headers are not specific to browsers, it's a part of the HTTP protocol.
A request for a page (or any other resource like images) will cause the client (e.g. Internet browser) to send a request header. This could contain an header for language (Accept-Language) for example.
The first line of a HTTP request is in the format METHOD RESOURCE HTTP/VERSION. Example: GET /resource HTTP/1.0.
HTTP/1.1 requires the Host-header. An example HTTP/1.1 request:
GET / HTTP/1.1
Host: example.com
The server responds with at least a status code: HTTP/1.1 200 OK
Most servers will send additional headers. Common headers are: Content-Type, Date, Server and Content-Length.
This is an example request (raw data):
$ nc example.com 80
GET / HTTP/1.0
HTTP/1.1 200 OK
Date: Sat, 11 Sep 2010 19:12:13 GMT
Server: Apache
Last-Modified: Fri, 30 Jul 2010 15:30:18 GMT
ETag: "573c1-254-48c9c87349680"
Accept-Ranges: bytes
Content-Length: 596
Connection: close
Content-Type: text/html; charset=UTF-8
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>Example Web Page</TITLE>
</HEAD>
<body>
<p>You have reached this web page by typing "example.com",
"example.net","example.org"
or "example.edu" into your web browser.</p>
<p>These domain names are reserved for use in documentation and are not available
for registration. See <a href="http://www.rfc-editor.org/rfc/rfc2606.txt">RFC
2606</a>, Section 3.</p>
</BODY>
</HTML>
It's up to the client (Internet browser) whether to parse a header or not. All modern Internet browsers parses the Content-Type header, and use it to determine how to display a resource (is it a HTML page, an image, a text file or something else?). The Server header is ignored by browsers, servers use it to identify themselves. But some crawler might use it for statistics.
A quote from the HTTP specification:
Multiple message-header fields with the same field-name MAY be present in a message if and only if the entire field-value for that header field is defined as a comma-separated list [i.e., #(values)]. It MUST be possible to combine the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma.
That means that multiple Content-Type fields are not valid, and the behaviour is undefined (although it's common to use the last defined one).
This Wikipedia article contains a list of headers with a description.
Try changing:
header("Location : blabla")
^
|
(whitespace)
To
header("Location: blabla")
Well, if the server sends a correct redirection header, the browser redirects and therefore "changes the url". It might be a browser issue, then. I don't know if it has anything to do with it, but you should not send a relative url in the location header ("HTTP/1.1 requires an absolute URI as argument to » Location: including the scheme, hostname and absolute path, but some clients accept relative URIs. ", http://php.net/manual/en/function.header.php), and "location" must be capitalized, like:
header('Location: http://myhost.com/mypage.php');