How to get HTTP headers in PHP

Hello Guys,

You have already know that generally you send external API request, you also need to send Content-Type in header. Some API only accepts request if you sent proper headers. When the API call succeed, the server also send headers in response.

Headers are the additional data which are send with the request and response. Generally the header data contains information about data-type, request source and authentication credentials etc.

You may want to get information about headers and validate request. PHP gives you several ways to get headers from request and response.

In this article, we will discuss few ways how to get headers from request and response sent by server.

CURL request:

The first and widely used to get headers from request is using PHP curl. This method also used to get headers from all type of request.

Here is the below example how you can get headers array:

<?php

$url = 'https://hackthestuff.com';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, true); // this will include headers in request
curl_setopt($ch, CURLOPT_NOBODY, true); // this option will remove body from response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$response = curl_exec($ch);

curl_close($ch);

$headers = explode(PHP_EOL, $response);

print_r($headers);

This will return header array in response:

Array
(
    [0] => HTTP/2 301 
    [1] => location: https://www.google.com/
    [2] => content-type: text/html; charset=UTF-8
    [3] => date: Tue, 10 Aug 2021 11:45:33 GMT
    [4] => expires: Thu, 09 Sep 2021 11:45:33 GMT
    [5] => cache-control: public, max-age=2592000
    [6] => server: gws
    [7] => content-length: 220
    [8] => x-xss-protection: 0
    [9] => x-frame-options: SAMEORIGIN
    [10] => alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
    [11] => 
    [12] => 
)

You can convert headers in key:value format using below loop.

$data = [];
foreach ($headers as $value) {
    $parts = explode(':', $value);
    if (count($parts) === 2) {
        $data[trim($parts[0])] = trim($parts[1]);
    }
}

print_r($data);
Array
(
    [content-type] => text/html; charset=UTF-8
    [cache-control] => public, max-age=2592000
    [server] => gws
    [content-length] => 220
    [x-xss-protection] => 0
    [x-frame-options] => SAMEORIGIN
)

apache_request_headers() function

apache_request_headers() function returns all headers for current request. The function returns associative array of all the HTTP headers in the current request. It returns false on failure.

<?php

$headers = apache_request_headers();

print_r($headers);

This will return response for my localhost web request:

Array
(
    [Host] => localhost
    [Connection] => keep-alive
    [Cache-Control] => max-age=0
    [sec-ch-ua] => "Chromium";v="92", " Not A;Brand";v="99", "Google Chrome";v="92"
    [sec-ch-ua-mobile] => ?0
    [Upgrade-Insecure-Requests] => 1
    [User-Agent] => Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
    [Accept] => text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    [Sec-Fetch-Site] => none
    [Sec-Fetch-Mode] => navigate
    [Sec-Fetch-User] => ?1
    [Sec-Fetch-Dest] => document
    [Accept-Encoding] => gzip, deflate, br
    [Accept-Language] => en-GB,en-US;q=0.9,en;q=0.8
)

get_headers() function

get_headers() function returns all response headers sent by the server.

Below example shows the response headers for Google homepage:

<?php

$headers = get_headers('https://www.google.com');

print_r($headers);

It will return the array of headers sent by Google server:

Array
(
    [0] => HTTP/1.0 200 OK
    [1] => Date: Tue, 10 Aug 2021 12:01:20 GMT
    [2] => Expires: -1
    [3] => Cache-Control: private, max-age=0
    [4] => Content-Type: text/html; charset=ISO-8859-1
    [5] => P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    [6] => Server: gws
    [7] => X-XSS-Protection: 0
    [8] => X-Frame-Options: SAMEORIGIN
    [9] => Set-Cookie: 1P_JAR=2021-08-10-12; expires=Thu, 09-Sep-2021 12:01:20 GMT; path=/; domain=.google.com; Secure
    [10] => Set-Cookie: NID=221=SEbyqqBM0d_cZ4I1qqC6o7sLHRQOpWg7qRdWMat3qN2ROYtC_XgyHQYfLZeMoKH9EiSNh_mglxQBtpJPkQnRiaFiEdvVn0MUypVN6VshIN16-OOaMU3JFZ3leCaioetNW0c5H8YfrUst2dIlBud4dRzoWA-YmnhjnsPbeOD_f9Q; expires=Wed, 09-Feb-2022 12:01:20 GMT; path=/; domain=.google.com; HttpOnly
    [11] => Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
    [12] => Accept-Ranges: none
    [13] => Vary: Accept-Encoding
)

I hope you liked the article and help in your web development.

Tags:

Was this article helpful?

0 out of 0 person found this article helpful.

Leave a comment

Or

No Comment