Header Injection

During processing a request, reverse proxy can add headers, cookies and url parameters. To configure the headers, first we need to define a Contect Provider.

Configuring Content Provider URI Pattern to add headers

Reverse proxy can add headers and cookies and url parameters, during processing Request.

To add header, cookie or url parameters, it is required to open Content Provider and select needed URI pattern. It will act like a filter, as headers or cookies will be applied only to requests that match specific URI pattern. Then in URI pattern, it is possible to create Meta data and fill it with needed values. Name of a header or a cookie should be specified, but value can be static, be some data from user, currently available username and password, or groovy script. It is possible to send any values via groove script, but there is a need to write this script.

  • Go to Content Providers


  • Click on edit on Content Provider where you want to add changes


  • Scroll down to URI Patterns Create new URI Pattern:


or click edit on existing:


For newly created URI pattern, configure it and add it.


  • On URI Pattern screen, scroll down to Meta Data and click a plus button


  • In opened dialog window, select Meta Data Type. For headers it should be Set Header, for cookies: Set Cookie


  • add Meta Data Name and click a plus button


  • In new dialog window, add needed header or cookie name in Property Name field and select Property Type. For this example Property Type is Static Value. But it possible to use different types, for example, User Name, Password or Groovy Script.


  • Add Property Value. For Static type it will be a string value. If you need an empty value, use special Property Type named Empty Value on previous step. For Groovy scripts, the name will be Groovy script.


  • Optionally you can uncheck Propagate Through Proxy. If it is checked (by default), header will be added to HTTP Response and will be visible in client's browser. If it is unchecked, header will be added to requests that proxy sends to backend server only and will not be visible in client's browser.


  • Optionally you can uncheck Propagate on Error. If this value is unchecked, headers will be added to successful responses only. If checked, headers also will be added to responses with all HTTP statuses. For example, to responses with HTTP status of 404, 500 or any others.


  • If you need more headers or cookies, repeat steps above as much as needed.


  • Finally, click on Save button.