This feature is in beta. If you would like to use it, please contact support@strattic.com.
Header Rules
Header Rules allow you to override any existing HTTP headers such as request headers, cookies, and arguments in request and response headers.
Strattic now allows you to control HTTP Headers from the Strattic Dashboard.
For setting up the header rules, please note that Strattic uses Path-to-regex formatting.
Path-to-regex is a library that is commonly used in web frameworks to match incoming requests to specific routes or endpoints. It works by converting a route string, which defines the structure of a URL, into a regular expression that can be used to match incoming requests.
For example, let’s say we have a web application with the following route:
/users/:path
This route will match any URL that starts with /users/ followed by a dynamic segment called :path. The :path segment is a placeholder that will match any value, and the actual value will be available as a parameter in the request object.
To create a site-wide rule, you would use: /:path(.*)
Create a new Header Rule
- In your Strattic Dashboard, go to the Site Details page for a selected site and then to the Rules Engine > Header Rules
- Select “Live Site” or “Preview Site” depending on where you want to create the Header rule. Click “Add Rule” and you’ll see a popup which allows you to enter the following fields. Once you’ve filled in the fields, click “Add”.
- Source URI: is where you would like the header rule to be applied. For example, if you’d like to create a Content Security Policy across your whole site, you would use /:path(.*).Please see above about how to use Path-to-regex to create a dynamic Source URI.
- Header Name and Header Value will depend on what kind of header you’re trying to create. For example, for a Content Security Policy, the Header Name would be: Content-Security-Policy and the Header Value could be: default-src “self” depending on what you’re trying to achieve.
- Conditions: allow you to set the conditions determining how the header rule should be triggered. Currently only query parameters are supported.
- Once you’ve created your Header Rule, click “Deploy”. Deploying your changes can take several minutes. There is no need to go into your WordPress site and publish.
Additional Actions:
- Export/Import: Exporting will create a JSON file that can be imported to another site via the Import option
- Export CSV: Export will create a CSV file that can be exported and then imported to another site via the Import CSV option
- Import CSV: To import an existing list of Header Rules, you can create a CSV file that has the following columns:
- uri
- header name
- header value
- description
- conditions
- status
- Sync to Preview / Sync to Live: You can copy your header rules to the Preview or Live site. Please note that this will overwrite any existing header rules you have on that site.
Additional Actions per Header Rule:
- Edit: You can edit a Header Rule and then click Deploy to deploy the changes to the Preview or Live site. While editing a Header Rule, you can also make a rule active or disabled.
- Move Up / Move to First / Move Down / Move to Last: The redirects will be handled in the order that they are listed.