Microflow® does not forward all the headers of the incoming request to the back-end services, but maintains an internal white list of the headers to be passed on by default. Headers other than those in the white list are either irrelevant, or we cannot tell the exact behavior if they are passed on since it is really service dependent. This white list can be expanded in the future to include more headers if they are believed to be relevant and not harmful.
The following is the white list of request headers. By default, Microflow only forwards those headers to backend services:
'Accept', 'Accept-Language', 'Referer', 'Connection', 'Authorization', 'Accept-Charset'
The following is the whitelist of response headers. By default, Microflow only forward those headers to client:
To forward the headers to the backend service or from the backend service to the client, you can use the
req.allowHeader() function can be used to pass on a header in the incoming request that is not included in the white list.
The following sample code shows how to allow a “AS2-Version” custom header, used in AS2 B2B protocol, to be passed on to the back-end service.
res.allowHeader() allows a header received from a backend service to be passed on to the client.
Adding Custom Headers
res.addHeader() functions can be used to add your own headers when the request is forwarded to the backend service or when the response from backend service is forwarded to the client.
The following sample code shows how to add the
authorization header to the backend system.
req.addHeader('authorization', 'basic: WEwwewe232de'); done(req);
Similarly, you can use
res.addHeader() to add a custom header that you wish to send back to client.