Custom HTTP Headers¶
SWS allows customizing the server HTTP Response headers on demand.
Structure¶
The Server HTTP response headers should be defined mainly as an Array of Tables.
Each table entry should have two key/value pairs:
- One
source
key containing a string glob pattern. - One
headers
key containing a set or hash table describing plain HTTP headers to apply.
A particular set of HTTP headers can only be applied when a source
matches against the request URI.
Custom HTTP headers take precedence over existing ones
Whatever custom HTTP header could replace an existing one if it was previously defined (e.g. server default headers) and matches its source
.
The header's order is important because determines its precedence.
Example: If the feature --cache-control-headers=true
is enabled but also a custom cache-control
header was defined then the custom header will have priority.
Source¶
The source is a Glob pattern that should match against the URI that is requesting a resource file.
Headers¶
A set of valid plain HTTP headers to be applied.
Examples¶
Below are some examples of how to customize server HTTP headers in three variants.
One-line version¶
[advanced]
[[advanced.headers]]
source = "**/*.{js,css}"
headers = { Access-Control-Allow-Origin = "*" }
Multiline version¶
[advanced]
[[advanced.headers]]
source = "*.html"
[advanced.headers.headers]
Cache-Control = "public, max-age=36000"
Content-Security-Policy = "frame-ancestors 'self'"
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
Multiline version with explicit header key (dotted)¶
[advanced]
[[advanced.headers]]
source = "**/*.{jpg,jpeg,png,ico,gif}"
headers.Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"