问题
What is the difference between sending data through the request header and sending data through the request body. Under what circumstances, we have to send the data through the header/body and when shouldn't we send the data through header/body ?
回答1:
It is usually a good idea to use the headers for metadata and the body for the data that is used by the business logic.
Some points to consider:
1) If the data is sent via HTTP instead of HTTPS, the proxy servers can modify the headers.
2) If you are using the REST protocol for communication among microservices, interoperability could be important. Most APIs usually do not provide the capability to add/modify custom headers.
3) It is better to have the data that is used by routers/firewalls in the HTTP header and limit the body to application specific information.
回答2:
A message(request) body is the one which carries actual HTTP request data (including form data and uploaded etc.) and HTTP response data from the server (including files, images etc).
While request header can not contain actual data as mentioned above, you can use request header to send some specific header and based on that you can apply your logic. For instance, while creating a REST API you can send AUTHENTICATION header to verify if request is coming from an allowed user or not.
来源:https://stackoverflow.com/questions/33339906/sending-data-via-request-header-vs-sending-data-via-request-body