http-kinder- Generic kinds and types for working with HTTP

Safe HaskellNone




Defines the types and kinds for working with type and value level headers.

In particular, this module exports a datatype, HeaderName which is meant to be used with DataKinds providing one type, e.g. 'Accept for every common header name (and an override one CustomHeader). It also exports Sing values for each HeaderName-kinded type each merely being the name of that type prepended with S.

Finally, it exports a set of type synonms for each HeaderName-kinded type so that they can be referenced without the quote prefix '.


Functions and types for working with HeaderName Sings

data SomeHeaderName where Source

It's difficult to get ahold of values of HeaderName directly since they may contain Symbol values which do not exist. Instead, we can get almost the same effect through an existential which holds a singleton at the HeaderName kind

Note that while the Haddocks show this as taking any Sing type it is actually constrained only to have Sings of kind HeaderName.


SomeHeaderName :: forall h. Sing h -> SomeHeaderName 

headerName :: forall s h. IsString s => Sing h -> s Source

Extract a string-like representation of a HeaderName Sing.

parseHeaderName :: CI Text -> SomeHeaderName Source

Construct a HeaderType Sing from a string representation. This will try to use a standard header type if possible or will default to CustomHeader.

The HeaderName type/kind

data HeaderName Source

A data type representing names describing headers in an HTTP request or response. Much more importantly, with DataKinds enabled this becomes a kind describing types, one for each such header name.

It's worth noting that values of this type can be had, but one branch, CustomHeader will not work since it requires Symbol values which cannot be had. For this reason prefer using values of SomeHeaderName instead of values of HeaderName directly.


CustomHeader Symbol

Inject an arbitatry symbol in as a HeaderName. This can be used to implement any sort of custom header


Used to specify directives that must be obeyed by all caching mechanisms along the request-response chain. Tells all caching mechanisms from server to client whether they may cache this object. It is measured in seconds

Cache-Control: no-cache


Control options for the current connection and list of hop-by-hop request fields

Connection: keep-alive Connection: Upgrade


The length of the request body in octets (8-bit bytes)

Content-Length: 348


The MIME type of the body of the request (used with POST and PUT requests)

Content-Type: application/x-www-form-urlencoded


The date and time that the message was sent (in HTTP-date format as defined by RFC 7231 Date/Time Formats)

Date: Tue, 15 Nov 1994 08:12:31 GMT


Implementation-specific fields that may have various effects anywhere along the request-response chain.

Pragma: no-cache


Ask the server to upgrade to another protocol.

Upgrade: HTTP2.0, SHTTP1.3, IRC6.9, RTAx11


Informs the server of proxies through which the request was sent.

Via: 1.0 fred, 1.1 (Apache/1.1)


A general warning about possible problems with the entity body.

Warning: 199 Miscellaneous warning


Content-Types that are acceptable for the response.

Accept: text/plain


Character sets that are acceptable

Accept-Charset: utf-8


List of acceptable encodings.

Accept-Encoding: gzip, deflate


List of acceptable human languages for response.

Accept-Language: en-US


Used when issuing a preflight request to let the server know what HTTP method will be used when the actual request is made.

Access-Control-Request-Method: POST


Used when issuing a preflight request to let the server know what HTTP headers will be used when the actual request is made.

Access-Control-Request-Headers: X-PINGOTHER


Authentication credentials for HTTP authentication

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==


An HTTP cookie previously sent by the server with Set-Cookie (below)

Cookie: $Version=1; Skin=new;


Indicates that particular server behaviors are required by the client

Expect: 100-continue


The email address of the user making the request



The domain name of the server (for virtual hosting), and the TCP port number on which the server is listening. The port number may be omitted if the port is the standard port for the service requested.

Host: Host:


Only perform the action if the client supplied entity matches the same entity on the server. This is mainly for methods like PUT to only update a resource if it has not been modified since the user last updated it.

If-Match: "737060cd8c284d8af7ad3082f209582d"


Allows a 304 Not Modified to be returned if content is unchanged

If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT


Allows a 304 Not Modified to be returned if content is unchanged, see HTTP ETag

If-None-Match: "737060cd8c284d8af7ad3082f209582d"


If the entity is unchanged, send me the part(s) that I am missing; otherwise, send me the entire new entity

If-Range: "737060cd8c284d8af7ad3082f209582d"


Only send the response if the entity has not been modified since a specific time.

If-Unmodified-Since: Sat, 29 Oct 1994 19:43:31 GMT


Limit the number of times the message can be forwarded through proxies or gateways.

Max-Forwards: 10


Initiates a request for cross-origin resource sharing (asks server for an 'Access-Control-Allow-Origin' response field).



Authorization credentials for connecting to a proxy.

Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==


Request only part of an entity. Bytes are numbered from 0.

Range: bytes=500-999


This is the address of the previous web page from which a link to the currently requested page was followed. (The word “referrer” has been misspelled in the RFC as well as in most implementations to the point that it has become standard usage and is considered correct terminology)



The transfer encodings the user agent is willing to accept: the same values as for the response header field Transfer-Encoding can be used, plus the "trailers" value (related to the "chunked" transfer method) to notify the server it expects to receive additional fields in the trailer after the last, zero-sized, chunk.

TE: trailers, deflate


The user agent string of the user agent

User-Agent: Mozilla5.0 (X11; Linux x86_64; rv:12.0) Gecko20100101 Firefox/21.0


A de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer

X-Forwarded-For: client1, proxy1, proxy2 X-Forwarded-For:,


A de facto standard for identifying the original host requested by the client in the Host HTTP request header, since the host name and/or port of the reverse proxy (load balancer) may differ from the origin server handling the request.

X-Forwarded-Host: X-Forwarded-Host:


A de facto standard for identifying the originating protocol of an HTTP request, since a reverse proxy (or a load balancer) may communicate with a web server using HTTP even if the request to the reverse proxy is HTTPS.


Used to prevent cross-site request forgery.

X-Csrf-Token: i8XNjC4b8KVok4uw5RftR38Wgp2BFwql


When responding to a CORS request this lists either an origin or * describing the server's CORS policy for the requested resource

Access-Control-Allow-Origin: * Access-Control-Allow-Origin: http://foo.example Access-Control-Allow-Origin: https://foo.example


This header lets a server whitelist headers that browsers are allowed to access.

Access-Control-Expose-Headers: X-My-Custom-Header, X-Another-Custom-Header


This header indicates how long the results of a preflight request can be cached.

Access-Control-Max-Age: delta-seconds


Indicates whether or not the response to the request can be exposed when the credentials flag is true. When used as part of a response to a preflight request, this indicates whether or not the actual request can be made using credentials. Note that simple GET requests are not preflighted, and so if a request is made for a resource with credentials, if this header is not returned with the resource, the response is ignored by the browser and not returned to web content.

Access-Control-Allow-Credentials: true | false


Specifies the method or methods allowed when accessing the resource. This is used in response to a preflight request.

Access-Control-Allow-Methods: method[, method]*


Used in response to a preflight request to indicate which HTTP headers can be used when making the actual request.


Specifies which patch document formats this server supports

Accept-Patch: text/example;charset=utf-8


What partial content range types this server supports via byte serving

Accept-Ranges: bytes


The age the object has been in a proxy cache in seconds

Age: 12


Valid actions for a specified resource. To be used for a 405 Method not allowed

Allow: GET, HEAD


An opportunity to raise a "File Download" dialogue box for a known MIME type with binary format or suggest a filename for dynamic content. Quotes are necessary with special characters.

Content-Disposition: attachment; filename="fname.ext"


The type of encoding used on the data.

Content-Encoding: gzip


The natural language or languages of the intended audience for the enclosed content

Content-Language: da


An alternate location for the returned data

Content-Location: /index.htm


Where in a full body message this partial message belongs

Content-Range: bytes 21010-47021/47022


Content Security Policy definition.

Content-Security-Policy: default-src self


An identifier for a specific version of a resource, often a message digest

ETag: "737060cd8c284d8af7ad3082f209582d"


Gives the date/time after which the response is considered stale (in HTTP-date format as defined by RFC 7231)

Expires: Thu, 01 Dec 1994 16:00:00 GMT


The last modified date for the requested object (in HTTP-date format as defined by RFC 7231)

Last-Modified: Tue, 15 Nov 1994 12:45:26 GMT


Used to express a typed relationship with another resource, where the relation type is defined by RFC 5988

Link: /feed; rel="alternate"


Used in redirection, or when a new resource has been created.



Request authentication to access the proxy.

Proxy-Authenticate: Basic


HTTP Public Key Pinning, announces hash of website's authentic TLS certificate

Public-Key-Pins: max-age=2592000; pin-sha256="E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=";


If an entity is temporarily unavailable, this instructs the client to try again later. Value could be a specified period of time (in seconds) or a HTTP-date.

Retry-After: 120 Retry-After: Fri, 07 Nov 2014 23:59:59 GMT


An HTTP cookie

Set-Cookie: UserID=JohnDoe; Max-Age=3600; Version=1


A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

Strict-Transport-Security: max-age=16070400; includeSubDomains


The Trailer general field value indicates that the given set of header fields is present in the trailer of a message encoded with chunked transfer coding.

Trailer: Max-Forwards


The form of encoding used to safely transfer the entity to the user. Currently defined methods are: chunked, compress, deflate, gzip, identity.

Transfer-Encoding: chunked


Tells downstream proxies how to match future request headers to decide whether the cached response can be used rather than requesting a fresh one from the origin server.

Vary: * Vary: Accept-Language


Indicates the authentication scheme that should be used to access the requested entity.

WWW-Authenticate: Basic


SingI HeaderName CacheControl Source 
SingI HeaderName Connection Source 
SingI HeaderName ContentLength Source 
SingI HeaderName ContentType Source 
SingI HeaderName Date Source 
SingI HeaderName Pragma Source 
SingI HeaderName Upgrade Source 
SingI HeaderName Via Source 
SingI HeaderName Warning Source 
SingI HeaderName Accept Source 
SingI HeaderName AcceptCharset Source 
SingI HeaderName AcceptEncoding Source 
SingI HeaderName AcceptLanguage Source 
SingI HeaderName AccessControlRequestMethod Source 
SingI HeaderName AccessControlRequestHeaders Source 
SingI HeaderName Authorization Source 
SingI HeaderName Cookie Source 
SingI HeaderName Expect Source 
SingI HeaderName From Source 
SingI HeaderName Host Source 
SingI HeaderName IfMatch Source 
SingI HeaderName IfModifiedSince Source 
SingI HeaderName IfNoneMatch Source 
SingI HeaderName IfRange Source 
SingI HeaderName IfUnmodifiedSince Source 
SingI HeaderName MaxForwards Source 
SingI HeaderName Origin Source 
SingI HeaderName ProxyAuthorization Source 
SingI HeaderName Range Source 
SingI HeaderName Referer Source 
SingI HeaderName TE Source 
SingI HeaderName UserAgent Source 
SingI HeaderName XForwardedFor Source 
SingI HeaderName XForwardedHost Source 
SingI HeaderName XForwardedProto Source 
SingI HeaderName XCsrfToken Source 
SingI HeaderName AccessControlAllowOrigin Source 
SingI HeaderName AccessControlExposeHeaders Source 
SingI HeaderName AccessControlMaxAge Source 
SingI HeaderName AccessControlAllowCredentials Source 
SingI HeaderName AccessControlAllowMethods Source 
SingI HeaderName AccessControlAllowHeaders Source 
SingI HeaderName AcceptPatch Source 
SingI HeaderName AcceptRanges Source 
SingI HeaderName Age Source 
SingI HeaderName Allow Source 
SingI HeaderName ContentDisposition Source 
SingI HeaderName ContentEncoding Source 
SingI HeaderName ContentLanguage Source 
SingI HeaderName ContentLocation Source 
SingI HeaderName ContentRange Source 
SingI HeaderName ContentSecurityPolicy Source 
SingI HeaderName ETag Source 
SingI HeaderName Expires Source 
SingI HeaderName LastModified Source 
SingI HeaderName Link Source 
SingI HeaderName Location Source 
SingI HeaderName ProxyAuthenticate Source 
SingI HeaderName PublicKeyPins Source 
SingI HeaderName RetryAfter Source 
SingI HeaderName SetCookie Source 
SingI HeaderName StrictTransportSecurity Source 
SingI HeaderName Trailer Source 
SingI HeaderName TransferEncoding Source 
SingI HeaderName Vary Source 
SingI HeaderName WWWAuthenticate Source 
SingI Symbol s => SingI HeaderName (CustomHeader s) Source 
data Sing HeaderName where Source 

data family Sing a

The singleton kind-indexed data family.


data Sing Bool where 
data Sing Ordering where 
data Sing Nat where 
data Sing Symbol where 
data Sing () where 
data Sing HeaderName where 
data Sing Verb where 
data Sing Status where 
data Sing [a0] where 
data Sing (Maybe a0) where 
data Sing (TyFun k1 k2 -> *) = SLambda {} 
data Sing (Either a0 b0) where 
data Sing ((,) a0 b0) where 
data Sing ((,,) a0 b0 c0) where 
data Sing ((,,,) a0 b0 c0 d0) where 
data Sing ((,,,,) a0 b0 c0 d0 e0) where 
data Sing ((,,,,,) a0 b0 c0 d0 e0 f0) where 
data Sing ((,,,,,,) a0 b0 c0 d0 e0 f0 g0) where 

Type synonyms for more convenient use of HeaderNames

type Age = Age Source

type TE = TE Source

type Via = Via Source