Contact Us 1-800-596-4880

Add Request/Response Headers, Remove Request/Response Headers

The prerequisites for using the header policies are:

  • Assume the role of Organization Administrators or API Versions Owner for an API version you want to manage in Anypoint Platform. Applying policies is an API version management task.

  • Ensure that you are licensed to use API Manager functionality (Mule 3.8.x runtime) or API Gateway runtime 2.x.

Downloading Add or Remove Header Policies

Currently, the add or remove header policies are available on Anypoint Exchange. Follow the step-by-step procedures to download, set up, and apply these policies.

To download the header policies:

  1. Login to Anypoint Platform and go to Exchange.

  2. Search for and download the policies, or use these URLs:

    • Add Request Headers Policy

      https://anypoint.mulesoft.com/exchange/?search=Add%20Request%20Headers%20Policy

    • Remove Request Headers Policy

      https://anypoint.mulesoft.com/exchange/?search=Remove%20Request%20Headers%20Policy

    • Add Response Headers Policy

      https://anypoint.mulesoft.com/exchange/?search=Add%20Response%20Headers%20Policy

    • Remove Response Headers Policy

      https://anypoint.mulesoft.com/exchange/?search=Remove%20Response%20Headers%20Policy

  3. Unzip each policy archive.

An XML and YAML file appears in each of the folders created by unzipping the archives. For example, the add-request-header-policy folder contains the following files:

  • add-request.xml

  • add-request.yaml

You use these files to set up the policy as described later.

Setting Up and Applying Header Policies

If you have configured custom policies in Anypoint Platform, the process is basically the same for add or remove header policies. The following steps show how to set up and apply the policies in Anypoint Platform.

To set up header policies:

  1. Go to the main API Administration page.

  2. On the main menu drop-down, select Custom policies. (Top right corner)

    Custom Policies appears listing custom policies, if there are any, that are available for the API.

  3. Click Add Custom Policy.

  4. In Name, enter a name for the policy, for example add request header policy.

  5. In Policy Definition, click Choose File to locate the YAML file, add-request.yaml in this example, that you downloaded.

  6. In Policy Configuration, choose the XML file, for example, add-request.xml, that you downloaded.

  7. Click Add.

    gw add custom pol

    The policy, add request header policy in this example, appears on the Custom Policies page.

    gw custom pol list

Applying the Add Request/Response Header Policies

Continuing with example of the add request header policy, follow steps in this procedure to apply either of the following policies:

  • Add request header policy

  • Add response header policy

To apply add the request header policies or add response header policies:

  1. Assuming you already deployed the API version, select the version on the API Administration page.

  2. On the API version details page, select Policies from the list of items.

    The add request header policy, for example, appears in Available Policies.

    If the header was already provided by the client or another policy, the value is overwritten by the one you provide in this policy.

  3. Click Apply.

    The Apply add request header policy dialog box appears.

  4. Type the name and value of a header. For example, type extra-header on the left and myvalue on the right.

  5. Optionally, include MEL expressions in the value of the header.

    For example, include the following expression to substitute the name of the user-agent in the header text.

    '#[message.inboundProperties['user-agent']]'

  6. Click gw apply pol plus icon.

  7. Optionally add more names and values of headers to add in the same manner, and click Apply.

    The policy you applied moves from Available Policies to the Applied Policies list.

Applying the Remove Request/Response Header Policies

Perform the steps in this procedure to apply either of the following policies:

  • Remove request header policy

  • Remove response header policy

To apply the remove request header or remove response header policies:

  1. Scroll to the bottom of the version page and select Policies from the list of items.

    The policy, remove request header policy in this example, appears in Available Policies.

    If the header was already provided by the client or another policy, the value is overwritten by the one you provide in this policy.

  2. Click Apply.

    The Apply remove request headers policy dialog box appears.

  3. Type the name of each header that you want to remove, separated by commas.

    You can use wildcards to remove properties that have similar names. For example, using foo-* removes foo-bar, foo-test.

  4. Click Apply.

    The policy you applied moves from the Available policies list to the Applied policies list.

Testing Policy Applications

To test the execution of policies, follow the steps in this section to apply a policy and use curl, for example curl http://localhost:8081 -vvv to test the policies.

Add Request Header Policy

The procedure for testing the add or remove request header policies assume that you created a mule application that logs the headers received by the backend service.

  1. Apply the add request header policy to add a header as described in the previous section.

  2. Run curl.

  3. Check the log of the backend service to verify that request includes the additional header name and value you configured in step 1.

Remove Request Header Policy

The procedure for testing the remove request header policy assumes that you created a mule application that logs the headers received by the backend service.

  1. Apply the remove request header policy to remove a header as described in the previous section.

  2. Run curl.

  3. Verify that the backend service excludes the extra header by checking the log.

Add Response Header Policy

  1. Run curl.

  2. Check the response to see which headers are being received by the client.

  3. Apply the add response header policy to add a response to the header.

  4. Run curl again.

  5. Verify that the specified header is received.

Remove Response Header Policy

  1. Run curl.

  2. Check the response to see which headers are being received by the client.

  3. Apply the remove response header policy to remove a response from the header.

  4. Run curl again.

  5. Verify that the specified header is removed.