24

When should we use headers in the HttpRequestMessage object over headers in the HttpClient?

We have need to add Authorization (always changing) and few custom headers (always changing).

Questions

  1. Which is the preferred method?

  2. Should I be adding common headers (same across all the requests) to the HttpClient and request based headers to the HttpRequestMessage object?

     //HttpRequestMessage Code
 HttpRequestMessage reqmsg =new HttpRequestMessage();
 reqmsg.Headers.Authorization =new AuthenticationHeaderValue("some scheme");
 reqmsg.Headers.Add("name","value");
 //HttpClient Code
 HttpClient client =new HttpClient();
 client.DefaultRequestHeaders.Authorization =new AuthenticationHeaderValue("some scheme");
 client.DefaultRequestHeaders.Add("name", "value");
Dale K
28.1k15 gold badges60 silver badges86 bronze badges
asked Oct 3, 2015 at 13:29
3
  • Perhaps a nitpick, but the current thinking seems to be to instantiate HttpClient as a singleton, not as a short-lived object (in which case, don't forget to Dispose/use 'using'). Commented Jul 23, 2018 at 11:01
  • @MaxBarraclough It would seem that the general consensus now is not to wrap HttpClient in a using block as it will leak connections instead of just recycling the HttpClient. Please see some of the comments in these SO questions: Question-1 and Question-2 Commented Mar 16, 2019 at 19:14
  • 1
    @AnthonyWalsh This article agrees with you: seems my first suggestion was good, but not my second one: aspnetmonsters.com/2016/08/2016-08-27-httpclientwrong Commented Mar 28, 2019 at 21:45

1 Answer 1

27
  1. Which is the preferred method ? Should i be adding common headers (same across all the requests) to the HttpClient
  2. and request based headers to the HttpRequestMessage object ??

Your questions are auto-answered themselves.

DefaultRequestHeaders are ones that will be part of any request, which is a plus because you'll be able to avoid repeating yourself adding some headers one over again. In the other hand, HttpRequestMessage.Headers will be only part of that request.

When should you use one over the other? I'm going to use two examples:

  • I need to send an OAuth bearer token as part of every request so I set the Authorization header in the HttpClient.DefaultRequestHeaders, and if I need to refresh the token, I just need to set it again there.

  • I need to send an entity serialized as JSON or XML depending on some condition. That is, I'll set the Content-type header in a per-request basis.

answered Oct 3, 2015 at 14:11
Sign up to request clarification or add additional context in comments.

2 Comments

"and if I need to refresh the token, I just need to set it again there." I don't think changing DefaultRequestHeaders is thread safe...
@Aldracor you are correct in that DefaultRequestHeaders isn't thread safe. Recommended practice is to use a static instance of HttpClient for the entire app. Never use DefaultRequestHeaders or BaseAddress, always use HttpRequestMessage.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.