
Reputation: 36937

Creating a RESTful API: what kind of headers should be put out before the response?

I am not finding a whole lot of information on this; maybe I am just searching wrong, who knows. What I want to know, or am trying to figure out, is what kind of headers I should output for API responses. For example:

    header('Content-Type: application/json');

Is something I would put out for the type of data, but are there others for time, expiration, or anything else for that matter that I should concern myself with?

Ultimately I am attempting to make an API for an app I want to develop, so I am trying to figure out early what will be cross-platform compliant and what the needs are, so I can try to build them into my idea of what would be part of standard dev.

Upvotes: 1

Views: 2546

Answers (2)


Reputation: 2756

Now this is all you want.

Primary file:

    <?php
    class REST {

        public $_allow = array();
        public $_content_type = "application/json";
        public $_request = array();

        private $_method = "";
        private $_code = 200;

        public function __construct(){
            // Read and clean the request parameters
            $this->inputs();
        }

        public function get_referer(){
            return isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        }

        // Send the status line and headers, then the body, and stop
        public function response($data,$status){
            $this->_code = ($status)?$status:200;
            $this->set_headers();
            echo $data;
            exit;
        }

        // Reason phrase for the current status code (falls back to 500)
        private function get_status_message(){
            $status = array(
                        100 => 'Continue',
                        101 => 'Switching Protocols',
                        200 => 'OK',
                        201 => 'Created',
                        202 => 'Accepted',
                        203 => 'Non-Authoritative Information',
                        204 => 'No Content',
                        205 => 'Reset Content',
                        206 => 'Partial Content',
                        300 => 'Multiple Choices',
                        301 => 'Moved Permanently',
                        302 => 'Found',
                        303 => 'See Other',
                        304 => 'Not Modified',
                        305 => 'Use Proxy',
                        306 => '(Unused)',
                        307 => 'Temporary Redirect',
                        400 => 'Bad Request',
                        401 => 'Unauthorized',
                        402 => 'Payment Required',
                        403 => 'Forbidden',
                        404 => 'Not Found',
                        405 => 'Method Not Allowed',
                        406 => 'Not Acceptable',
                        407 => 'Proxy Authentication Required',
                        408 => 'Request Timeout',
                        409 => 'Conflict',
                        410 => 'Gone',
                        411 => 'Length Required',
                        412 => 'Precondition Failed',
                        413 => 'Request Entity Too Large',
                        414 => 'Request-URI Too Long',
                        415 => 'Unsupported Media Type',
                        416 => 'Requested Range Not Satisfiable',
                        417 => 'Expectation Failed',
                        500 => 'Internal Server Error',
                        501 => 'Not Implemented',
                        502 => 'Bad Gateway',
                        503 => 'Service Unavailable',
                        504 => 'Gateway Timeout',
                        505 => 'HTTP Version Not Supported');
            return isset($status[$this->_code])?$status[$this->_code]:$status[500];
        }

        public function get_request_method(){
            return $_SERVER['REQUEST_METHOD'];
        }

        // Fill $_request from the parameter source that matches the HTTP method
        private function inputs(){
            switch($this->get_request_method()){
                case "POST":
                    $this->_request = $this->cleanInputs($_POST);
                    break;
                case "GET":
                case "DELETE":
                    $this->_request = $this->cleanInputs($_GET);
                    break;
                case "PUT":
                    // PUT bodies are not parsed by PHP; read them from the raw input stream
                    parse_str(file_get_contents("php://input"),$this->_request);
                    $this->_request = $this->cleanInputs($this->_request);
                    break;
            }
        }

        // Recursively trim values and strip slashes and tags from them
        private function cleanInputs($data){
            $clean_input = array();
            if(is_array($data)){
                foreach($data as $k => $v){
                    $clean_input[$k] = $this->cleanInputs($v);
                }
            }else{
                $data = trim(stripslashes($data));
                $data = strip_tags($data);
                $clean_input = trim($data);
            }
            return $clean_input;
        }

        private function set_headers(){
            header("HTTP/1.1 ".$this->_code." ".$this->get_status_message());
            header("Content-Type: ".$this->_content_type);
        }
    }

API Functions in file api.php

    <?php
    // Load the primary file that defines the REST class before this point.
    error_reporting(E_ALL ^ E_DEPRECATED);

    class API extends REST {

        public $data = "";

        const DB_SERVER = "host";
        const DB_USER = "username";
        const DB_PASSWORD = "asdfgf";
        const DB = "database name";

        private $db = NULL;

        public function __construct(){
            parent::__construct();                // Init parent constructor
            $this->dbConnect();                    // Initiate database connection
        }

        // Database connection
        private function dbConnect(){
            // mysql_pconnect() was removed in PHP 7; the mysqli "p:" host prefix requests a persistent connection
            mysqli_report(MYSQLI_REPORT_OFF);
            $this->db = @mysqli_connect("p:".self::DB_SERVER,self::DB_USER,self::DB_PASSWORD,self::DB);
            if (!$this->db)
              echo "Please try later.";
        }

        /*
         * Public method for access api.
         * This method dynamically calls the method based on the query string
         */
        public function processApi(){
            $rquest = isset($_REQUEST['rquest']) ? $_REQUEST['rquest'] : '';
            $func = strtolower(trim(str_replace("/","",$rquest)));
            if((int)method_exists($this,$func) > 0)
                $this->$func();
            else
                $this->response('',400);                // If the method does not exist within this class, the response would be "Page not found".
        }

        /*************API SPACE START*******************/

        private function about(){

            if($this->get_request_method() != "POST"){
                $error = array('status' => 'WRONG_CALL', "msg" => "The type of call cannot be accepted by our servers.");
                $error = $this->json($error);
                $this->response($error,406);
            }
            $data = array('version' => '0.1', 'desc' => 'This API is created by Blovia Technologies Pvt. Ltd., for the public usage for accessing data about vehicles.');
            $data = $this->json($data);
            $this->response($data,200);
        }

        /*************API SPACE END*********************/

        // Encode array into JSON
        private function json($data){
            return json_encode($data, JSON_PRETTY_PRINT);
        }
    }

    // Initiate library

    $api = new API;
    $api->processApi();

Now finally configure .htaccess

Create a file named .htaccess in the same folder where you place api.php and

    RewriteBase /
    RewriteEngine On

    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-s
    RewriteRule ^(.*)$ api.php?rquest=$1 [QSA,NC,L]

    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^(.*)$ api.php [QSA,NC,L]

    RewriteCond %{REQUEST_FILENAME} -s
    RewriteRule ^(.*)$ api.php [QSA,NC,L]

Now call your API like


where about is the function. You can dynamically check whether it is GET or POST inside the function, and send response text and codes as required. I have given you entirely what you want.

Considering api.php and are both in /, (that is what in RewriteBase in .htaccess file)

If you want to place the files in some other directory or folder, for example /beta/v1/

Change the RewriteBase from / to /beta/v1

Note. Place the .htaccess in the same folder.

And both the files in the same directory. The directory should be placed in the htaccess in RewriteBase

If you have any issues understanding the above, let me know.

Upvotes: 2
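
The `processApi()` dispatcher in the answer above takes the method name from the `rquest` parameter and checks it only with `method_exists()`, which is true for private and inherited methods as well as for API endpoints. The following is an added example, not part of the original answer, that restricts dispatch to an explicit allow-list of endpoints and HTTP methods; `SafeDispatcher`, `ROUTES` and `endpointAbout()` are hypothetical names.

```php
<?php
// Added example: allow-list routing instead of method_exists() on request input.
// SafeDispatcher, ROUTES and endpointAbout() are hypothetical names.
final class SafeDispatcher
{
    // endpoint name => [allowed HTTP methods, handler method]
    private const ROUTES = [
        'about' => [['GET', 'POST'], 'endpointAbout'],
    ];

    /** Returns [status code, extra header lines, JSON body] without sending output. */
    public function dispatch(string $rawPath, string $httpMethod): array
    {
        $name = strtolower(trim($rawPath, "/ \t\r\n"));
        // Only exact keys of ROUTES are reachable; every other name is a 404,
        // whether or not a method with that name exists on the class.
        if (!preg_match('/^[a-z0-9_]{1,32}$/', $name) || !isset(self::ROUTES[$name])) {
            return [404, [], json_encode(['status' => 'NOT_FOUND'])];
        }
        [$allowed, $handler] = self::ROUTES[$name];
        if (!in_array($httpMethod, $allowed, true)) {
            // 405 tells the client which methods the endpoint does accept
            $allow = 'Allow: ' . implode(', ', $allowed);
            return [405, [$allow], json_encode(['status' => 'WRONG_CALL'])];
        }
        return [200, [], json_encode($this->$handler())];
    }

    private function endpointAbout(): array
    {
        return ['version' => '0.1'];
    }
}

// Constructed sample requests: one valid call, one wrong verb, two non-endpoint names
$dispatcher = new SafeDispatcher();
$samples = [['about', 'GET'], ['about', 'DELETE'], ['dbconnect', 'GET'], ['dispatch', 'GET']];
foreach ($samples as [$path, $method]) {
    [$code, $headers, $body] = $dispatcher->dispatch($path, $method);
    echo "$method /$path -> $code $body\n";
}
```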

Jerrod Horton

Reputation: 1692

One good thing that I include in my response headers is a correlation id for the request that was sent. This allows consumers of your API to correlate a question or a potential bug with a request and allow you to look up information pertaining to that request.

This, of course, requires you to log information associated to the correlation id but it has proven to be very useful for me.

Upvotes: 0
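
An added example, not part of the original answers, of a response helper that sends the `Content-Type` header from the question together with caching and content-sniffing headers and the correlation id described in this answer. The header name `X-Correlation-Id`, the function names and the log line format are assumptions.

```php
<?php
// Added example; function names and the X-Correlation-Id header name are assumptions.

// Reuse a client-supplied id only if it is a plain token, otherwise mint one.
// The format check keeps untrusted bytes out of the log line and the header.
function correlation_id(?string $supplied): string
{
    if ($supplied !== null && preg_match('/^[A-Za-z0-9-]{8,64}$/', $supplied)) {
        return $supplied;
    }
    return bin2hex(random_bytes(16));
}

// Header lines for a JSON API response.
function api_headers(string $correlationId, int $maxAge = 0): array
{
    return [
        'Content-Type: application/json; charset=utf-8',
        'X-Content-Type-Options: nosniff',   // clients must not guess another type
        $maxAge > 0 ? "Cache-Control: private, max-age=$maxAge" : 'Cache-Control: no-store',
        "X-Correlation-Id: $correlationId",
    ];
}

function send_json(array $payload, int $status = 200): void
{
    $id = correlation_id($_SERVER['HTTP_X_CORRELATION_ID'] ?? null);
    // Log the id server-side so a consumer's report can be matched to this request
    error_log(sprintf(
        'cid=%s method=%s uri=%s status=%d',
        $id,
        $_SERVER['REQUEST_METHOD'] ?? '-',
        $_SERVER['REQUEST_URI'] ?? '-',
        $status
    ));
    http_response_code($status);
    foreach (api_headers($id) as $line) {
        header($line);
    }
    echo json_encode($payload);
}

send_json(['version' => '0.1']);
```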
