Custom HTTP Response Headers

In some cases, it is useful to apply custom HTTP response headers to resources, for example to allow CORS. If you want to specify headers, create either an Excel Workbook or a Google Sheets Workbook in the /.helix folder of your website in Sharepoint or Google Drive called headers.xlsx in SharePoint or headers in Google Drive.

If your site uses the configuration service, see here for instructions how to apply custom headers.

The workbook should have only one sheet and can define response headers using the url/key/value format as shown below.

The URL column is a glob pattern matching the pages that should have the header should be applied to. A wildcard * can be used as a prefix or suffix, allowing for flexible matches on the URL pathname. Typical examples include /docs/** or **/docs/**.

After you update the sheet, you need to preview (activate) it. Note that the headers are applied to both the preview and live versions of the content. Caches will be purged automatically, so your changes will take effect immediately. See the Admin API documentation for more information.

Note: If the changes apply to code resources, the changes won’t take effect until the code is synced again, either by updating the code in its repository or by manually updating via the Admin API.