Why Is This Important?

HTTPHeader allows EZproxy administrators to configure EZproxy to pass through custom HTTP headers created by browser applications to pass information to EZproxy. Without the HTTPheader directive, EZproxy will ignore these custom headers, and allow only those headers it has been explicitly configured to handle.

HTTPHeader was enhanced with EZproxy V6.1.3. This page is divided to provide details for users with EZproxy V6.0.8 or earlier installed and for users with EZproxy V6.1 or later.

EZproxy V6.0.8 and Before

HTTPHeader is a position-independent directive that specifies additional HTTP headers that should be allowed to pass through EZproxy to remote web servers. When a web browser makes a request to a web server, it provides additional information using headers. For example, if the browser is configured to specify that English is the preferred language of its user, the browser will add:

Accept-Language: en-us

where Accept-Language is the header, and en-us is the value for the header.

To avoid conflicts, EZproxy is configured to only pass through headers that is has been explicitly configured to handle. Information on how to handle the majority of headers required by most browsers is already built in to EZproxy.

With the advent of AJAX technology, applications running in browsers may now create and use their own custom headers to pass information to web applications. Since these custom headers are unknown to EZproxy, it blocks them, which can prevent the application from working properly. The HTTPHeader directive can be used to authorize the passing of custom headers. When determining if a header in the request matches a wildheader specified with HTTPHeader, EZproxy performs a case-insensitive comparison. 


The HTTPHeader directive takes the following form:

HTTPHeader wildheader


The following qualifier can be used with the HTTPHeader directive to customize your EZproxy configuration.

Qualifier Description
wildheader The header to authorize, which may include the * wildcard to match zero or more characters and the ? wildcard to match any one character.

EZproxy V6.1 and Later

HTTPHeader still works to specify additional HTTP headers for EZproxy to allow to pass through, but this directive can now be configured to allow arbitrary processing of both the headers sent from the user to the content provider and from the content provider back to the user. This directive only applies when proxying content and not when the user is interacting with internal EZproxy services such as the login page or administration pages.


The HTTPHeader directive takes the following form:

HTTPHeader [-global] [-ignoreGlobal] -direction -method header [expression]

Any entries using the previous standard form of HTTPHeader wildheader will be read in V6.1 and later as: 

HTTPHeader -request -global CustomHeader


The following qualifiers can be used with the HTTPHeader directive to customize how EZproxy processes headers.

Qualifier Description
-global Apply this directive to all database stanzas except those that contain HTTPHeader -ignoreGlobal.
-ignoreGlobal Within the current database stanza, ignore all HTTPHeader -global directives defined in config.txt. The HTTPHeader directive with this qualifier must be placed AFTER the Title directive to apply to this stanza.
-direction: Use these options to designate the direction from which the request is being sent.


Designates the header is in the request from the user's browser to the content provider.


Designates the header is in response from the content provider to the user's browser.
-method: Use these options to designate how EZproxy should process the header.


Process the header by allowing EZproxy to perform standard processing on the header's value or allow a header that EZproxy would normally block to pass through.


Block the header and its value.


Treat the value of the header as a URL and rewrite it into EZproxy form (this is typically used with -response).


Treat the value of the header as a URL that is rewritten in EZproxy form that needs to be unrewritten into its original form (typically used with -request).


Provide the header as hh:header and its value as hh:value to the user-specified expression; if the returned value is non-empty, send the header with that value; if the returned value is empty, suppress the header.


Provide the header as hh:header to the user-specified expression; if the returned value is non-empty, send the header with that value; if the returned value is empty, suppress the header.
header HTTP header to be affected.
expression Required by -edit and -inject.

EZproxy V6.0.8 and Before

If a database provider created a custom header that must be allowed to pass through as part of a database configuration, you might need to add the following to you stanza:

HTTPHeader ResearchHeader
Title Research Database

Because this directive is position-independent, it does not need to be placed within the database stanza to work. Even when placed within a stanza, it will apply to the entire config.txt file. This should not cause any problems as these headers are usually specific to certain resources and will not impact the proxying behavior of other resources.

Most of the time, these HTTPHeader directives will be in the default stanza suggested by the content provider. If an HTTPHeader directive with the specified custom header already exists in config.txt, you do not need to add it again to the database stanza for the given resource.

EZproxy V6.1 and Later

The HTTPHeader syntax in this version of EZproxy allows you to apply the HTTPHeader directive selectively to database stanzas. For example, the header specified in the following stanza will only be applied to this single resource since it is placed after the Title directive and does not contain the -global qualifier:

Title First Database
HTTPHeader -request CustomHeader

The following configuration will apply the first HTTPHeader directive to the first and third database stanzas as well as any others in config.txt, but not the middle stanza because it includes the HTTPHeader -ignoreGlobal directive after the Title directive. Using the -ignoreGlobal qualifier with this directive will cause this stanza to ignore ALL global HTTPHeader directives that are located anywhere in config.txt.

HTTPHeader -global SpecialHeader

Title Science Database

Title History Database
HTTPHeader -ignoreGlobal SpecialHeader

Title Literature Database


See the following functions related to this directive on the Common Conditions and Actions page.


This page last revised: September 23, 2015.