Want-Content-Digest header
The HTTPWant-Content-Digestrequest andresponse header indicates a preference for the recipient to send aContent-Digest integrity header in messages associated with the request URI and representation metadata.
The header includes hashing algorithm preferences that the recipient can use in subsequent messages.The preferences only serve as a hint, and the recipient may ignore the algorithm choices, or the integrity headers entirely.
Some implementations may send unsolicitedContent-Digest headers without requiring aWant-Content-Digest header in a previous message.
| Header type | Representation header |
|---|---|
| Forbidden request header | No |
Syntax
Want-Content-Digest: <algorithm>=<preference>Want-Content-Digest: <algorithm>=<preference>, …, <algorithmN>=<preferenceN>Directives
<algorithm>The requested algorithm to create a digest of the message content.Only two registered digest algorithms are considered secure:
sha-512andsha-256.The insecure (legacy) registered digest algorithms are:md5,sha(SHA-1),unixsum,unixcksum,adler(ADLER32) andcrc32c.<preference>An integer from 0 to 9 where
0means "not acceptable", and the values1to9convey ascending, relative, weighted preference.In contrast to earlier drafts of the specifications, the weighting isnot declared viaqquality values.
Examples
Using Want-Content-Digest in requests
The following message asks the recipient to send aContent-Digest header using SHA-512 algorithm:
Want-Content-Digest: sha-512=9Want-Content-Digest with multiple values
The following header contains three algorithms, and indicates that SHA-256 is the preferred digest algorithm that the recipient should use, followed by SHA-512, and MD5:
Want-Content-Digest: md5=1, sha-512=2, sha-256=3Specifications
| Specification |
|---|
| Digest Fields # section-4 |
Browser compatibility
This header has no specification-defined browser integration ("browser compatibility" does not apply).Developers can set and get HTTP headers usingfetch() in order to provide application-specific implementation behavior.
See also
Content-Digest,Repr-Digest,Want-Repr-Digestdigest headers- Digital Signatures for APIs SDK guide uses
Content-Digests for digital signatures in HTTP calls (developer.ebay.com)