HTTPHeader allows EZproxy administrators to configure EZproxy to pass through custom HTTP headers created by browser applications to pass information to EZproxy. Without the HTTPheader directive, EZproxy will ignore these custom headers, and allow only those headers it has been explicitly configured to handle.
HTTPHeader was enhanced with EZproxy V6.1.3. This page is divided to provide details for users with EZproxy V6.0.8 or earlier installed and for users with EZproxy V6.1 or later.
HTTPHeader is a position-independent directive that specifies additional HTTP headers that should be allowed to pass through EZproxy to remote web servers. When a web browser makes a request to a web server, it provides additional information using headers. For example, if the browser is configured to specify that English is the preferred language of its user, the browser will add:
where Accept-Language is the header, and en-us is the value for the header.
To avoid conflicts, EZproxy is configured to only pass through headers that is has been explicitly configured to handle. Information on how to handle the majority of headers required by most browsers is already built in to EZproxy.
With the advent of AJAX technology, applications running in browsers may now create and use their own custom headers to pass information to web applications. Since these custom headers are unknown to EZproxy, it blocks them, which can prevent the application from working properly. The HTTPHeader directive can be used to authorize the passing of custom headers. When determining if a header in the request matches a wildheader specified with HTTPHeader, EZproxy performs a case-insensitive comparison.
The HTTPHeader directive takes the following form:
The following qualifier can be used with the HTTPHeader directive to customize your EZproxy configuration.
|wildheader||The header to authorize, which may include the * wildcard to match zero or more characters and the ? wildcard to match any one character.
HTTPHeader still works to specify additional HTTP headers for EZproxy to allow to pass through, but this directive can now be configured to allow arbitrary processing of both the headers sent from the user to the content provider and from the content provider back to the user. This directive only applies when proxying content and not when the user is interacting with internal EZproxy services such as the login page or administration pages.
The HTTPHeader directive takes the following form:
HTTPHeader [-global] [-ignoreGlobal] -direction -method header [expression]
Any entries using the previous standard form of
HTTPHeader wildheader will be read in V6.1 and later as:
HTTPHeader -request -global CustomHeader
The following qualifiers can be used with the HTTPHeader directive to customize how EZproxy processes headers.
||Apply this directive to all database stanzas except those that contain HTTPHeader -ignoreGlobal.
||Within the current database stanza, ignore all HTTPHeader -global directives defined in config.txt. The HTTPHeader directive with this qualifier must be placed AFTER the Title directive to apply to this stanza.
|-direction: Use these options to designate the direction from which the request is being sent.
||Designates the header is in the request from the user's browser to the content provider.|
||Designates the header is in response from the content provider to the user's browser.
|-method: Use these options to designate how EZproxy should process the header.|
||Process the header by allowing EZproxy to perform standard processing on the header's value or allow a header that EZproxy would normally block to pass through.
||Block the header and its value.|
||Treat the value of the header as a URL and rewrite it into EZproxy form (this is typically used with -response).
||Treat the value of the header as a URL that is rewritten in EZproxy form that needs to be unrewritten into its original form (typically used with -request).
||Provide the header as hh:header and its value as hh:value to the user-specified expression; if the returned value is non-empty, send the header with that value; if the returned value is empty, suppress the header.
||Provide the header as hh:header to the user-specified expression; if the returned value is non-empty, send the header with that value; if the returned value is empty, suppress the header.
||HTTP header to be affected.|
||Required by -edit and -inject.|
If a database provider created a custom header that must be allowed to pass through as part of a database configuration, you might need to add the following to you stanza:
Title Research Database
Because this directive is position-independent, it does not need to be placed within the database stanza to work. Even when placed within a stanza, it will apply to the entire config.txt file. This should not cause any problems as these headers are usually specific to certain resources and will not impact the proxying behavior of other resources.
Most of the time, these HTTPHeader directives will be in the default stanza suggested by the content provider. If an HTTPHeader directive with the specified custom header already exists in config.txt, you do not need to add it again to the database stanza for the given resource.
The HTTPHeader syntax in this version of EZproxy allows you to apply the HTTPHeader directive selectively to database stanzas. For example, the header specified in the following stanza will only be applied to this single resource since it is placed after the Title directive and does not contain the -global qualifier:
Title First Database
HTTPHeader -request CustomHeader
The following configuration will apply the first HTTPHeader directive to the first and third database stanzas as well as any others in config.txt, but not the middle stanza because it includes the HTTPHeader -ignoreGlobal directive after the Title directive. Using the -ignoreGlobal qualifier with this directive will cause this stanza to ignore ALL global HTTPHeader directives that are located anywhere in config.txt.
HTTPHeader -global SpecialHeader
Title Science Database
Title History Database
HTTPHeader -ignoreGlobal SpecialHeader
Title Literature Database
This page last revised: September 23, 2015.