How do you add a custom HTTP response header in Rails?

I'm looking to add custom HTTP response headers to a Ruby on Rails app that is currently hosted on Heroku.

60504 次浏览

Use:

response.headers['HEADER NAME'] = 'HEADER VALUE'

either in a specific method or to a before_filter method of your application controller depending on whether you need this to be added in a specific or to all of your responses.

UPDATE for Rails 5 - February 24th, 2018

As noted by @BrentMatzelle in the comments, for Rails 5:

response.set_header('HEADER NAME', 'HEADER VALUE')

In rails 4, set the response headers in the application.rb or respective environment files. Once you done that, you can override the header value wherever you required in the controller. Refer this url for more details.

In rails 5, the following solution works (in action methods)

response.set_header("Header-Name", "Header value")

Reference: edgeapi

In rails 4 works following:

class API::V1::BaseController
after_action :set_version_header


protected
def set_version_header
response.headers['X-ComanyName-Api-Version'] = 'V1'
end
end

In Rails 3 or above, simply

headers['Header-Name'] = 'header value'

works in controllers. This is even the recommended way; according to the documentation,

Response is mostly a Ruby on Rails framework implementation detail, and should never be used directly in controllers. Controllers should use the methods defined in ActionController::Base instead. For example, if you want to set the HTTP response’s content MIME type, then use ActionController::Base#headers instead of Response#headers.

And this is still true in Rails 7.0.

If your headers are static, e.g. your own custom Server header, you can simply update config.action_dispatch.default_headers. The following example sets a custom Server header; add it to your config/application.rb or config/environments/...:

config.action_dispatch.default_headers["Server"] = "MyServer/#{config.version}"

(Assuming you set config.version earlier)

For more, see Rails Guides: Configuring Rails Applications: Configuring Action Dispatch:

config.action_dispatch.default_headers is a hash with HTTP headers that are set by default in each response.

This will be less work each request than running a controller callback.

NB: For more than one header use merge! to not remove existing essential XSS etc headers.