The AddHeader method adds an HTML header with a specified value. This method always adds a new HTTP header to the response. It will not replace an existing header of the same name. Once a header has been added, it cannot be removed.
This method is for advanced use only. If another Response method will provide the functionality you require, it is recommended that you use that method instead.
Response.AddHeader name, value
To avoid name ambiguity, name should not contain any underscore (_) characters. The ServerVariables collection interprets underscores as dashes in the header name. For example, the following script causes the server to search for a header named MY-HEADER.
<% Request.ServerVariables("HTTP_MY_HEADER") %>
Because HTTP protocol requires that all headers be sent before content, you must call AddHeader in your script before any output (such as that generated by HTML code or the Write method) is sent to the client. The exception to this rule is when the Buffer property is set to TRUE. If the output is buffered, you can call the AddHeader method at any point in the script, as long as it precedes any calls to Flush. Otherwise, the call to AddHeader will generate a run-time error.
The following two .asp files illustrate this point.
-------file1.asp---------
<% Response.AddHeader "WARNING", "Error Message Text" %>
<HTML>
Some text on the Web page.
</HTML>
In the preceding example, the page is not buffered. The script works, however, because the AddHeader method is called before the server sends the output
Some text on the Web page
to the client. If the order were reversed, the call to the AddHeader method would generate a run-time error.
------file2.asp----------
<% Response.Buffer = TRUE %>
<HTML>
Here's some text on your Web page.
<% Response.AddHeader "WARNING", "Error Message Text" %> Here's some more interesting and illuminating text.
<% Response.Flush %>
<%= Response.Write("some string") %>
</HTML>
In the preceding example, the page is buffered, and as a result, the server will not send output to the client until all the ASP scripts on the page have been processed or until the Flush method is called. With buffered output, calls to AddHeader can appear anywhere the script, so long as they precede any calls to Flush. If the call to AddHeader appeared below the call to Flush in the preceding example, the script would generate a run-time error.
You can use this method to send multiple copies of the same header with different values, as with WWW-Authenticate headers.
The following example uses the AddHeader method to request that the client use BASIC authentication.
<% Response.Addheader "WWW-Authenticate", "BASIC" %>
Note The preceding script merely informs the client browser which authentication to use. If you use this script in your Web applications, you should ensure that the Web server has BASIC authentication enabled.