HTTP(s) Headers are key-value pairs that are used to pass additional information with an HTTP(s) request or response. Developers often desire the ability to easily modify the headers of traffic that pass through their browsers.
Requestly provides a simple solution to accomplish this, allowing developers to add new headers, remove existing headers and override existing header values in a few clicks.
- Source Condition: Source condition is where you set criteria for the rules. You can use
Equalsto match the source request. Learn more about source conditions here.
- Request Headers : Select this tab to modify the Request Headers of the Request.
- Response Headers : Select this tab to modify the Response Headers of the Request.
- Header Modification : This is where the header modification will happen. You can
- Source Filters : You can define better targeting conditions and restrict rules to be applied on specific web pages (or domains), request types, request methods, or request payloads. Learn more about source filters here.
Popular use cases
- Open websites in an iframe for testing: Response headers like X-Frame-Options and Content-Security-Policy don’t allow you to open pages in iframes to prevent clickjacking. Using Requestly, you can modify this header to allow the websites to be opened in an iframe.
- Remove Content-Security-Policy: Content-Security-Policy response header is added to the website to prevent injection of external scripts. Requestly can be used to remove the CSP response header for testing purposes.
- Debugging CORS Issues: To debug CORS errors in the browser, you can modify response headers like
- Modify Headers in Safari: Download the Requestly desktop app to modify headers in safari and other apps.
- Access the Kubernetes dashboard: You can access the Kubernetes dashboard by modifying the Authorization header. In order to do that, you need to pass Authorization: Bearer
<token>in every request to Dashboard. You can find more information here.
Response Headers not showing in browser network panel
Due to technical constraints, response headers modified using Requestly won't show up in the browser network panel. But the headers actually received by the request are modified.