How do you add a custom http header?
Solution 1
Use:
response.headers['HEADER NAME'] = 'HEADER VALUE'
either in a specific method or to a before_filter method of your application controller depending on whether you need this to be added in a specific or to all of your responses.
UPDATE for Rails 5 - February 24th, 2018
As noted by @BrentMatzelle in the comments, for Rails 5:
response.set_header('HEADER NAME', 'HEADER VALUE')
Solution 2
In rails 5, the following solution works (in action methods)
response.set_header("Header-Name", "Header value")
Reference: edgeapi
Solution 3
In Rails 3 or above, simply
headers['Header-Name'] = 'header value'
works in controllers. This is even the recommended way; according to the documentation,
Response is mostly a Ruby on Rails framework implementation detail, and should never be used directly in controllers. Controllers should use the methods defined in
ActionController::Baseinstead. For example, if you want to set the HTTP response’s content MIME type, then useActionController::Base#headersinstead ofResponse#headers.
And this is still true in Rails 7.0.
Solution 4
In rails 4, set the response headers in the application.rb or respective environment files. Once you done that, you can override the header value wherever you required in the controller. Refer this url for more details.
Solution 5
If your headers are static, e.g. your own custom Server header, you can simply update config.action_dispatch.default_headers. The following example sets a custom Server header; add it to your config/application.rb or config/environments/...:
config.action_dispatch.default_headers["Server"] = "MyServer/#{config.version}"
(Assuming you set config.version earlier)
For more, see Rails Guides: Configuring Rails Applications: Configuring Action Dispatch:
config.action_dispatch.default_headersis a hash with HTTP headers that are set by default in each response.
This will be less work each request than running a controller callback.
NB: For more than one header use merge! to not remove existing essential XSS etc headers.
Related videos on Youtube
17 : 38
03 : 35
03 : 28
06 : 02
06 : 10
05 : 33
06 : 25
22 : 20
Jngai1297
Updated on July 05, 2022Comments
-
Jngai1297 almost 2 years
I'm looking to add custom http headers to a Ruby on Rails app that is currently hosted on Heroku.
-
Avishai over 8 yearsMake sure that the value you set is a string, otherwise pow will give you strange errors
-
Hendrik almost 7 yearsTo add this to all actions in the controller use a
after_action. -
sekrett about 3 yearsThis is the most correct answer. Still most people ignore the documentation and use
responseobject. -
fatfrog over 2 yearsI don't understand the issue with using response, even the guides say "If you want to set custom headers for a response then response.headers is the place to do it." and headers are delegated from action controller to response. github.com/rails/rails/blob/v5.2.0/actionpack/lib/… -
Franklin Yu over 2 years@fatfrog I think this is called encapsulation. Using the public interface is more robust, even if it simply delegates to a private interface; for example, in future the Rails team might want to add something in theheadersmethod, which breaks you if you directly access theresponse. This is no new concept; in Java, many publicgetFoo()methods simply get you the private variablethis.foo. -
rmcsharry almost 2 yearsThis is not correct. You should not really access the response object. See instead: stackoverflow.com/a/44743475/1028679 and read the the comments!
