Platform.sh User Documentation

HTTP Headers

Upsun Beta

Access our newest offering - Upsun!

Get your free trial by clicking the link below.

Get your Upsun free trial

Platform.sh adds a number of HTTP headers to both inbound and outbound messages. We don’t modify or block existing headers on either request or response.

Request headers Anchor to this heading

Platform.sh adds the following HTTP headers in the router to give the application information about the connection. These are stable and may be examined by the application as necessary.

  • X-Forwarded-Proto: The protocol forwarded to the application, for example: http, https.
  • X-Client-IP: The remote IP address of the request.
  • X-Client-SSL: Set “on” only if the client is using SSL connection, otherwise the header isn’t added.
  • X-Original-Route: The route in .platform/routes.yaml which is used currently, for example: https://{default}/.

Response headers Anchor to this heading

Platform.sh adds a number of response headers automatically to assist in debugging connections. These headers should be treated as a semi-private API. Do not code against them, but they may be inspected to help determine how Platform.sh handled the request to aid in debugging.

  • X-Platform-Cache: Either HIT or MISS to indicate if the router in your cluster served the response from its own cache or if the request was passed through to the application.
  • X-Platform-Cluster: The ID of the cluster that received the request. The cluster name is formed from the project ID and environment ID.
  • X-Platform-Processor: The ID of the container that generated the response. The container ID is the cluster ID plus the container name.
  • X-Platform-Router: The ID of the router that served the request. The router ID is the processor ID of the router container, specifically.
  • X-Debug-Info: This is a header added by the edge layer. It doesn’t contain any sensitive information or anything that could be misused. It has no relation to the PHP debugging tool Xdebug.

Classification data headers Anchor to this heading

Platform.sh sends classification data to your backend system through the following HTTP headers.

HTTP header Type Description
Client-Cdn string When a CDN that is supported by Platform.sh is used, this header displays its name (Fastly, Cloudflare, or Cloudfront).
Client-Country string The two-character ISO 3166-1 country code of the end-client IP (after CDN handling for the CDNs that Platform.sh supports).
The geolocation data sent through this header is provided by MaxMind GeoLite2.
Client-Abuse-Score integer The abuse score of the end-client IP. A score >= 100 indicates a near certainty that the request comes from an abusive IP.
The abuse data sent through this header is provided by AbuseIPDB.
Client-Asn integer The Autonomous System number of the end-client IP.
The geolocation data sent through this header is provided by MaxMind GeoLite2.

Custom headers Anchor to this heading

Apart from those listed above, your application is responsible for setting its own response headers.

You can also add headers to static files.

Is this page helpful?