Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Additional headers on dispatcher vhost

Sriga311
Level 2
Level 2

Hi All , 

We are planning to add below  additional header in vhost of the application. Can you please suggest ways to implement it.

Header name: endpointRequested

 

Thanks.

1 Accepted Solution
Asutosh_Jena_
Correct answer by
Community Advisor
Community Advisor

@Sriga311 

 

I don't see it has any value. Can you try the below?

 

Header set X-endPointRequested "www.google.com"

 You need to read the ednPoint dynamically and apply here as variable. Before that ensure it is working by hardcoding some value like I did for google.com

 

Thanks!

View solution in original post

2 Replies
Asutosh_Jena_
Community Advisor
Community Advisor

Hi @Sriga311 

 

You can add additional request headers in the v-host file like below:

 

<VirtualHost *:443>
ServerName ${SERVER_IP}
ServerAlias ${NO_SUBDOMAIN_ALIAS}
Header always append X-Frame-Options SAMEORIGIN
Header set Keep-Alive 'timeout=10, max=98'
Header set X-XSS-Protection "1; mode=block"
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
Header set X-Content-Type-Options nosniff
</VirtualHost>
Raja-kp
Level 5
Level 5

Hi - Can we also add the header "endpointRequested" in the clientheader section in farm file ?

Sriga311
Level 2
Level 2

Hi @Asutosh_Jena_ ,

W e have added the additional header as below in the vhost .But on restarting the  dispatcher , it got failed .So ,could you please let me know whether this is a wrong approach.

 

<IfModule mod_headers.c>
Header set endpointRequested
</IfModule>

 

Thanks.

Asutosh_Jena_
Correct answer by
Community Advisor
Community Advisor

@Sriga311 

 

I don't see it has any value. Can you try the below?

 

Header set X-endPointRequested "www.google.com"

 You need to read the ednPoint dynamically and apply here as variable. Before that ensure it is working by hardcoding some value like I did for google.com

 

Thanks!

View solution in original post

Sriga311
Level 2
Level 2

This works but can you please suggest how to dynamically read the domain name.

 

Thanks

Sriga

Asutosh_Jena_
Community Advisor
Community Advisor

Can you tell me where the endPoint URL will come? and based on what parameter it will be updated? Is it based on each individual or how it is defined?

 

Thanks!

Sriga311
Level 2
Level 2

It is based on individual vhost where we define the server name as below .

ServerName www.xyz.com
ServerAlias www.xyz.com preview.xyz.com

 

Thanks

 

Asutosh_Jena_
Community Advisor
Community Advisor

I mean what value are you expecting here. Let's say your website URL is www.mywebsite.com

so when I access anypage with this domain what is the expected value for endPointURL header? Also does this value changes anytime or it remains constant always irrespective of any user accessing the page?

Sriga311
Level 2
Level 2

Header endPointURL should remain as the domain name  www.mywebsite.com irrespective of any user accessing the page.

Asutosh_Jena_
Community Advisor
Community Advisor

Then it's going to be static always so you do not have to make it dynamic.

 

Header set X-endPointRequested "www.mywebsite.com"

Or

 

Header set X-endPointRequested ${SERVER_NAME}

 

Here the ${SERVER_NAME} should be defined as a variable in the environment configuration file.

 

Define SERVER_NAME "www.mydomain.com"

 

This is overkill if we do not re use this variable at other places. So directly adding the domain should be good here.

 

Thanks!

Sriga311
Level 2
Level 2

Hi @Asutosh_Jena_ ,

Alternatively, could you please let me know how to allow the additional header in vhost file without setting any value to the header.

 

Thanks.

ArunaSurukunta
Level 5
Level 5

I think this is another wy of adding client headers through farm file along with Virtual host.

 

I think this also another way of setting client headers through farm file.

 

Below are the allowed client headers. h

 

/clientheaders
{
"CSRF-Token"
"X-Forwarded-Proto"
"referer"
"user-agent"
"authorization"
"from"
"content-type"
"content-length"
"accept-charset"
"accept-encoding"
"accept-language"
"accept"
"host"
"if-match"
"if-none-match"
"if-range"
"if-unmodified-since"
"max-forwards"
"proxy-authorization"
"proxy-connection"
"range"
"cookie"
"cq-action"
"cq-handle"
"handle"
"action"
"cqstats"
"depth"
"translate"
"expires"
"date"
"dav"
"ms-author-via"
"if"
"lock-token"
"x-expected-entity-length"
"destination"
"PATH"
}

Thanks,

Aruna