Interface HttpServletResponse
- All Superinterfaces:
ServletResponse
- All Known Implementing Classes:
HttpServletResponseWrapper
ServletResponse
interface to provide HTTP-specific functionality in sending a response. For
example, it has methods to access HTTP headers and cookies.
The servlet container creates an HttpServletResponse
object and passes it as an argument to the
servlet's service methods (doGet
, doPost
, etc).
- See Also:
-
Field Summary
Modifier and TypeFieldDescriptionstatic final int
Status code (202) indicating that a request was accepted for processing, but was not completed.static final int
Status code (502) indicating that the HTTP server received an invalid response from a server it consulted when acting as a proxy or gateway.static final int
Status code (400) indicating the request sent by the client was syntactically incorrect.static final int
Status code (409) indicating that the request could not be completed due to a conflict with the current state of the resource.static final int
Status code (100) indicating the client can continue.static final int
Status code (201) indicating the request succeeded and created a new resource on the server.static final int
Status code (417) indicating that the server could not meet the expectation given in the Expect request header.static final int
Status code (403) indicating the server understood the request but refused to fulfill it.static final int
Status code (302) indicating that the resource reside temporarily under a different URI.static final int
Status code (504) indicating that the server did not receive a timely response from the upstream server while acting as a gateway or proxy.static final int
Status code (410) indicating that the resource is no longer available at the server and no forwarding address is known.static final int
Status code (505) indicating that the server does not support or refuses to support the HTTP protocol version that was used in the request message.static final int
Status code (500) indicating an error inside the HTTP server which prevented it from fulfilling the request.static final int
Status code (411) indicating that the request cannot be handled without a definedContent-Length
.static final int
Status code (405) indicating that the method specified in theRequest-Line
is not allowed for the resource identified by theRequest-URI
.static final int
Status code (301) indicating that the resource has permanently moved to a new location, and that future references should use a new URI with their requests.static final int
Status code (302) indicating that the resource has temporarily moved to another location, but that future references should still use the original URI to access the resource.static final int
Status code (300) indicating that the requested resource corresponds to any one of a set of representations, each with its own specific location.static final int
Status code (204) indicating that the request succeeded but that there was no new information to return.static final int
Status code (203) indicating that the meta information presented by the client did not originate from the server.static final int
Status code (406) indicating that the resource identified by the request is only capable of generating response entities which have content characteristics not acceptable according to the accept headers sent in the request.static final int
Status code (404) indicating that the requested resource is not available.static final int
Status code (501) indicating the HTTP server does not support the functionality needed to fulfill the request.static final int
Status code (304) indicating that a conditional GET operation found that the resource was available and not modified.static final int
Status code (200) indicating the request succeeded normally.static final int
Status code (206) indicating that the server has fulfilled the partial GET request for the resource.static final int
Status code (402) reserved for future use.static final int
Status code (412) indicating that the precondition given in one or more of the request-header fields evaluated to false when it was tested on the server.static final int
Status code (407) indicating that the client MUST first authenticate itself with the proxy.static final int
Status code (413) indicating that the server is refusing to process the request because the request entity is larger than the server is willing or able to process.static final int
Status code (408) indicating that the client did not produce a request within the time that the server was prepared to wait.static final int
Status code (414) indicating that the server is refusing to service the request because theRequest-URI
is longer than the server is willing to interpret.static final int
Status code (416) indicating that the server cannot serve the requested byte range.static final int
Status code (205) indicating that the agent SHOULD reset the document view which caused the request to be sent.static final int
Status code (303) indicating that the response to the request can be found under a different URI.static final int
Status code (503) indicating that the HTTP server is temporarily overloaded, and unable to handle the request.static final int
Status code (101) indicating the server is switching protocols according to Upgrade header.static final int
Status code (307) indicating that the requested resource resides temporarily under a different URI.static final int
Status code (401) indicating that the request requires HTTP authentication.static final int
Status code (415) indicating that the server is refusing to service the request because the entity of the request is in a format not supported by the requested resource for the requested method.static final int
Status code (305) indicating that the requested resource MUST be accessed through the proxy given by theLocation
field. -
Method Summary
Modifier and TypeMethodDescriptionvoid
Adds the specified cookie to the response.void
addDateHeader
(String name, long date) Adds a response header with the given name and date-value.void
Adds a response header with the given name and value.void
addIntHeader
(String name, int value) Adds a response header with the given name and integer value.boolean
containsHeader
(String name) Returns a boolean indicating whether the named response header has already been set.encodeRedirectUrl
(String url) Deprecated.As of version 2.1, use encodeRedirectURL(String url) insteadencodeRedirectURL
(String url) Encodes the specified URL for use in thesendRedirect
method or, if encoding is not needed, returns the URL unchanged.Deprecated.As of version 2.1, use encodeURL(String url) insteadEncodes the specified URL by including the session ID, or, if encoding is not needed, returns the URL unchanged.Gets the value of the response header with the given name.Gets the names of the headers of this response.getHeaders
(String name) Gets the values of the response header with the given name.int
Gets the current status code of this response.Gets the supplier of trailer headers.void
sendError
(int sc) Sends an error response to the client using the specified status code and clears the buffer.void
Sends an error response to the client using the specified status and clears the buffer.void
sendRedirect
(String location) Sends a temporary redirect response to the client using the specified redirect location URL and clears the buffer.void
setDateHeader
(String name, long date) Sets a response header with the given name and date-value.void
Sets a response header with the given name and value.void
setIntHeader
(String name, int value) Sets a response header with the given name and integer value.void
setStatus
(int sc) Sets the status code for this response.void
Deprecated.As of version 2.1, due to ambiguous meaning of the message parameter.default void
setTrailerFields
(Supplier<Map<String, String>> supplier) Sets the supplier of trailer headers.Methods inherited from interface jakarta.servlet.ServletResponse
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getWriter, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentLengthLong, setContentType, setLocale
-
Field Details
-
SC_CONTINUE
static final int SC_CONTINUEStatus code (100) indicating the client can continue.- See Also:
-
SC_SWITCHING_PROTOCOLS
static final int SC_SWITCHING_PROTOCOLSStatus code (101) indicating the server is switching protocols according to Upgrade header.- See Also:
-
SC_OK
static final int SC_OKStatus code (200) indicating the request succeeded normally.- See Also:
-
SC_CREATED
static final int SC_CREATEDStatus code (201) indicating the request succeeded and created a new resource on the server.- See Also:
-
SC_ACCEPTED
static final int SC_ACCEPTEDStatus code (202) indicating that a request was accepted for processing, but was not completed.- See Also:
-
SC_NON_AUTHORITATIVE_INFORMATION
static final int SC_NON_AUTHORITATIVE_INFORMATIONStatus code (203) indicating that the meta information presented by the client did not originate from the server.- See Also:
-
SC_NO_CONTENT
static final int SC_NO_CONTENTStatus code (204) indicating that the request succeeded but that there was no new information to return.- See Also:
-
SC_RESET_CONTENT
static final int SC_RESET_CONTENTStatus code (205) indicating that the agent SHOULD reset the document view which caused the request to be sent.- See Also:
-
SC_PARTIAL_CONTENT
static final int SC_PARTIAL_CONTENTStatus code (206) indicating that the server has fulfilled the partial GET request for the resource.- See Also:
-
SC_MULTIPLE_CHOICES
static final int SC_MULTIPLE_CHOICESStatus code (300) indicating that the requested resource corresponds to any one of a set of representations, each with its own specific location.- See Also:
-
SC_MOVED_PERMANENTLY
static final int SC_MOVED_PERMANENTLYStatus code (301) indicating that the resource has permanently moved to a new location, and that future references should use a new URI with their requests.- See Also:
-
SC_MOVED_TEMPORARILY
static final int SC_MOVED_TEMPORARILYStatus code (302) indicating that the resource has temporarily moved to another location, but that future references should still use the original URI to access the resource. This definition is being retained for backwards compatibility. SC_FOUND is now the preferred definition.- See Also:
-
SC_FOUND
static final int SC_FOUNDStatus code (302) indicating that the resource reside temporarily under a different URI. Since the redirection might be altered on occasion, the client should continue to use the Request-URI for future requests.(HTTP/1.1) To represent the status code (302), it is recommended to use this variable.- See Also:
-
SC_SEE_OTHER
static final int SC_SEE_OTHERStatus code (303) indicating that the response to the request can be found under a different URI.- See Also:
-
SC_NOT_MODIFIED
static final int SC_NOT_MODIFIEDStatus code (304) indicating that a conditional GET operation found that the resource was available and not modified.- See Also:
-
SC_USE_PROXY
static final int SC_USE_PROXYStatus code (305) indicating that the requested resource MUST be accessed through the proxy given by theLocation
field.- See Also:
-
SC_TEMPORARY_REDIRECT
static final int SC_TEMPORARY_REDIRECTStatus code (307) indicating that the requested resource resides temporarily under a different URI. The temporary URI SHOULD be given by theLocation
field in the response.- See Also:
-
SC_BAD_REQUEST
static final int SC_BAD_REQUESTStatus code (400) indicating the request sent by the client was syntactically incorrect.- See Also:
-
SC_UNAUTHORIZED
static final int SC_UNAUTHORIZEDStatus code (401) indicating that the request requires HTTP authentication.- See Also:
-
SC_PAYMENT_REQUIRED
static final int SC_PAYMENT_REQUIREDStatus code (402) reserved for future use.- See Also:
-
SC_FORBIDDEN
static final int SC_FORBIDDENStatus code (403) indicating the server understood the request but refused to fulfill it.- See Also:
-
SC_NOT_FOUND
static final int SC_NOT_FOUNDStatus code (404) indicating that the requested resource is not available.- See Also:
-
SC_METHOD_NOT_ALLOWED
static final int SC_METHOD_NOT_ALLOWEDStatus code (405) indicating that the method specified in theRequest-Line
is not allowed for the resource identified by theRequest-URI
.- See Also:
-
SC_NOT_ACCEPTABLE
static final int SC_NOT_ACCEPTABLEStatus code (406) indicating that the resource identified by the request is only capable of generating response entities which have content characteristics not acceptable according to the accept headers sent in the request.- See Also:
-
SC_PROXY_AUTHENTICATION_REQUIRED
static final int SC_PROXY_AUTHENTICATION_REQUIREDStatus code (407) indicating that the client MUST first authenticate itself with the proxy.- See Also:
-
SC_REQUEST_TIMEOUT
static final int SC_REQUEST_TIMEOUTStatus code (408) indicating that the client did not produce a request within the time that the server was prepared to wait.- See Also:
-
SC_CONFLICT
static final int SC_CONFLICTStatus code (409) indicating that the request could not be completed due to a conflict with the current state of the resource.- See Also:
-
SC_GONE
static final int SC_GONEStatus code (410) indicating that the resource is no longer available at the server and no forwarding address is known. This condition SHOULD be considered permanent.- See Also:
-
SC_LENGTH_REQUIRED
static final int SC_LENGTH_REQUIREDStatus code (411) indicating that the request cannot be handled without a definedContent-Length
.- See Also:
-
SC_PRECONDITION_FAILED
static final int SC_PRECONDITION_FAILEDStatus code (412) indicating that the precondition given in one or more of the request-header fields evaluated to false when it was tested on the server.- See Also:
-
SC_REQUEST_ENTITY_TOO_LARGE
static final int SC_REQUEST_ENTITY_TOO_LARGEStatus code (413) indicating that the server is refusing to process the request because the request entity is larger than the server is willing or able to process.- See Also:
-
SC_REQUEST_URI_TOO_LONG
static final int SC_REQUEST_URI_TOO_LONGStatus code (414) indicating that the server is refusing to service the request because theRequest-URI
is longer than the server is willing to interpret.- See Also:
-
SC_UNSUPPORTED_MEDIA_TYPE
static final int SC_UNSUPPORTED_MEDIA_TYPEStatus code (415) indicating that the server is refusing to service the request because the entity of the request is in a format not supported by the requested resource for the requested method.- See Also:
-
SC_REQUESTED_RANGE_NOT_SATISFIABLE
static final int SC_REQUESTED_RANGE_NOT_SATISFIABLEStatus code (416) indicating that the server cannot serve the requested byte range.- See Also:
-
SC_EXPECTATION_FAILED
static final int SC_EXPECTATION_FAILEDStatus code (417) indicating that the server could not meet the expectation given in the Expect request header.- See Also:
-
SC_INTERNAL_SERVER_ERROR
static final int SC_INTERNAL_SERVER_ERRORStatus code (500) indicating an error inside the HTTP server which prevented it from fulfilling the request.- See Also:
-
SC_NOT_IMPLEMENTED
static final int SC_NOT_IMPLEMENTEDStatus code (501) indicating the HTTP server does not support the functionality needed to fulfill the request.- See Also:
-
SC_BAD_GATEWAY
static final int SC_BAD_GATEWAYStatus code (502) indicating that the HTTP server received an invalid response from a server it consulted when acting as a proxy or gateway.- See Also:
-
SC_SERVICE_UNAVAILABLE
static final int SC_SERVICE_UNAVAILABLEStatus code (503) indicating that the HTTP server is temporarily overloaded, and unable to handle the request.- See Also:
-
SC_GATEWAY_TIMEOUT
static final int SC_GATEWAY_TIMEOUTStatus code (504) indicating that the server did not receive a timely response from the upstream server while acting as a gateway or proxy.- See Also:
-
SC_HTTP_VERSION_NOT_SUPPORTED
static final int SC_HTTP_VERSION_NOT_SUPPORTEDStatus code (505) indicating that the server does not support or refuses to support the HTTP protocol version that was used in the request message.- See Also:
-
-
Method Details
-
addCookie
Adds the specified cookie to the response. This method can be called multiple times to set more than one cookie.- Parameters:
cookie
- the Cookie to return to the client
-
containsHeader
Returns a boolean indicating whether the named response header has already been set.- Parameters:
name
- the header name- Returns:
true
if the named response header has already been set;false
otherwise
-
encodeURL
Encodes the specified URL by including the session ID, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary.For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.
If the URL is relative, it is always relative to the current HttpServletRequest.
- Parameters:
url
- the url to be encoded.- Returns:
- the encoded URL if encoding is needed; the unchanged URL otherwise.
- Throws:
IllegalArgumentException
- if the url is not valid
-
encodeRedirectURL
Encodes the specified URL for use in thesendRedirect
method or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary. Because the rules for making this determination can differ from those used to decide whether to encode a normal link, this method is separated from theencodeURL
method.All URLs sent to the
HttpServletResponse.sendRedirect
method should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.If the URL is relative, it is always relative to the current HttpServletRequest.
- Parameters:
url
- the url to be encoded.- Returns:
- the encoded URL if encoding is needed; the unchanged URL otherwise.
- Throws:
IllegalArgumentException
- if the url is not valid- See Also:
-
encodeUrl
Deprecated.As of version 2.1, use encodeURL(String url) instead- Parameters:
url
- the url to be encoded.- Returns:
- the encoded URL if encoding is needed; the unchanged URL otherwise.
- Throws:
IllegalArgumentException
- if the url is not valid
-
encodeRedirectUrl
Deprecated.As of version 2.1, use encodeRedirectURL(String url) instead- Parameters:
url
- the url to be encoded.- Returns:
- the encoded URL if encoding is needed; the unchanged URL otherwise.
- Throws:
IllegalArgumentException
- if the url is not valid
-
sendError
Sends an error response to the client using the specified status and clears the buffer. The server defaults to creating the response to look like an HTML-formatted server error page containing the specified message, setting the content type to "text/html". The caller is not responsible for escaping or re-encoding the message to ensure it is safe with respect to the current response encoding and content type. This aspect of safety is the responsibility of the container, as it is generating the error page containing the message. The server will preserve cookies and may clear or update any headers needed to serve the error page as a valid response.
If an error-page declaration has been made for the web application corresponding to the status code passed in, it will be served back in preference to the suggested msg parameter and the msg parameter will be ignored.
If the response has already been committed, this method throws an IllegalStateException. After using this method, the response should be considered to be committed and should not be written to.
- Parameters:
sc
- the error status codemsg
- the descriptive message- Throws:
IOException
- If an input or output exception occursIllegalStateException
- If the response was committed
-
sendError
Sends an error response to the client using the specified status code and clears the buffer. The server will preserve cookies and may clear or update any headers needed to serve the error page as a valid response. If an error-page declaration has been made for the web application corresponding to the status code passed in, it will be served back the error pageIf the response has already been committed, this method throws an IllegalStateException. After using this method, the response should be considered to be committed and should not be written to.
- Parameters:
sc
- the error status code- Throws:
IOException
- If an input or output exception occursIllegalStateException
- If the response was committed before this method call
-
sendRedirect
Sends a temporary redirect response to the client using the specified redirect location URL and clears the buffer. The buffer will be replaced with the data set by this method. Calling this method sets the status code toSC_FOUND
302 (Found). This method can accept relative URLs;the servlet container must convert the relative URL to an absolute URL before sending the response to the client. If the location is relative without a leading '/' the container interprets it as relative to the current request URI. If the location is relative with a leading '/' the container interprets it as relative to the servlet container root. If the location is relative with two leading '/' the container interprets it as a network-path reference (see RFC 3986: Uniform Resource Identifier (URI): Generic Syntax, section 4.2 "Relative Reference").If the response has already been committed, this method throws an IllegalStateException. After using this method, the response should be considered to be committed and should not be written to.
- Parameters:
location
- the redirect location URL- Throws:
IOException
- If an input or output exception occursIllegalStateException
- If the response was committed or if a partial URL is given and cannot be converted into a valid URL
-
setDateHeader
Sets a response header with the given name and date-value. The date is specified in terms of milliseconds since the epoch. If the header had already been set, the new value overwrites the previous one. ThecontainsHeader
method can be used to test for the presence of a header before setting its value.- Parameters:
name
- the name of the header to setdate
- the assigned date value- See Also:
-
addDateHeader
Adds a response header with the given name and date-value. The date is specified in terms of milliseconds since the epoch. This method allows response headers to have multiple values.- Parameters:
name
- the name of the header to setdate
- the additional date value- See Also:
-
setHeader
Sets a response header with the given name and value. If the header had already been set, the new value overwrites the previous one. ThecontainsHeader
method can be used to test for the presence of a header before setting its value.- Parameters:
name
- the name of the headervalue
- the header value If it contains octet string, it should be encoded according to RFC 2047 (http://www.ietf.org/rfc/rfc2047.txt)- See Also:
-
addHeader
Adds a response header with the given name and value. This method allows response headers to have multiple values.- Parameters:
name
- the name of the headervalue
- the additional header value If it contains octet string, it should be encoded according to RFC 2047 (http://www.ietf.org/rfc/rfc2047.txt)- See Also:
-
setIntHeader
Sets a response header with the given name and integer value. If the header had already been set, the new value overwrites the previous one. ThecontainsHeader
method can be used to test for the presence of a header before setting its value.- Parameters:
name
- the name of the headervalue
- the assigned integer value- See Also:
-
addIntHeader
Adds a response header with the given name and integer value. This method allows response headers to have multiple values.- Parameters:
name
- the name of the headervalue
- the assigned integer value- See Also:
-
setStatus
void setStatus(int sc) Sets the status code for this response.This method is used to set the return status code when there is no error (for example, for the SC_OK or SC_MOVED_TEMPORARILY status codes).
If this method is used to set an error code, then the container's error page mechanism will not be triggered. If there is an error and the caller wishes to invoke an error page defined in the web application, then
sendError(int, java.lang.String)
must be used instead.This method preserves any cookies and other response headers.
Valid status codes are those in the 2XX, 3XX, 4XX, and 5XX ranges. Other status codes are treated as container specific.
- Parameters:
sc
- the status code- See Also:
-
setStatus
Deprecated.As of version 2.1, due to ambiguous meaning of the message parameter. To set a status code usesetStatus(int)
, to send an error with a description usesendError(int, String)
. Sets the status code and message for this response.- Parameters:
sc
- the status codesm
- the status message
-
getStatus
int getStatus()Gets the current status code of this response.- Returns:
- the current status code of this response
- Since:
- Servlet 3.0
-
getHeader
Gets the value of the response header with the given name.If a response header with the given name exists and contains multiple values, the value that was added first will be returned.
This method considers only response headers set or added via
setHeader(java.lang.String, java.lang.String)
,addHeader(java.lang.String, java.lang.String)
,setDateHeader(java.lang.String, long)
,addDateHeader(java.lang.String, long)
,setIntHeader(java.lang.String, int)
, oraddIntHeader(java.lang.String, int)
, respectively.- Parameters:
name
- the name of the response header whose value to return- Returns:
- the value of the response header with the given name, or null if no header with the given name has been set on this response
- Since:
- Servlet 3.0
-
getHeaders
Gets the values of the response header with the given name.This method considers only response headers set or added via
setHeader(java.lang.String, java.lang.String)
,addHeader(java.lang.String, java.lang.String)
,setDateHeader(java.lang.String, long)
,addDateHeader(java.lang.String, long)
,setIntHeader(java.lang.String, int)
, oraddIntHeader(java.lang.String, int)
, respectively.Any changes to the returned
Collection
must not affect thisHttpServletResponse
.- Parameters:
name
- the name of the response header whose values to return- Returns:
- a (possibly empty)
Collection
of the values of the response header with the given name - Since:
- Servlet 3.0
-
getHeaderNames
Collection<String> getHeaderNames()Gets the names of the headers of this response.This method considers only response headers set or added via
setHeader(java.lang.String, java.lang.String)
,addHeader(java.lang.String, java.lang.String)
,setDateHeader(java.lang.String, long)
,addDateHeader(java.lang.String, long)
,setIntHeader(java.lang.String, int)
, oraddIntHeader(java.lang.String, int)
, respectively.Any changes to the returned
Collection
must not affect thisHttpServletResponse
.- Returns:
- a (possibly empty)
Collection
of the names of the headers of this response - Since:
- Servlet 3.0
-
setTrailerFields
Sets the supplier of trailer headers.The trailer header field value is defined as a comma-separated list (see Section 3.2.2 and Section 4.1.2 of RFC 7230).
The supplier will be called within the scope of whatever thread/call causes the response content to be completed. Typically this will be any thread calling close() on the output stream or writer.
The trailers that run afoul of the provisions of section 4.1.2 of RFC 7230 are ignored.
The RFC requires the name of every key that is to be in the supplied Map is included in the comma separated list that is the value of the "Trailer" response header. The application is responsible for ensuring this requirement is met. Failure to do so may lead to interoperability failures.
- Parameters:
supplier
- the supplier of trailer headers- Throws:
IllegalStateException
- if it is invoked after the response has has been committed, or the trailer is not supported in the request, for instance, the underlying protocol is HTTP 1.0, or the response is not in chunked encoding in HTTP 1.1.- Since:
- Servlet 4.0
-
getTrailerFields
Gets the supplier of trailer headers.- Returns:
Supplier
of trailer headers- Since:
- Servlet 4.0
-