Why the status code restriction on add_header?

Maxim Dounin mdounin at mdounin.ru
Thu Dec 5 13:36:01 UTC 2013


On Thu, Dec 05, 2013 at 11:54:56AM +0100, Richard Stanway wrote:

> Hello,
> I'm trying to add some custom headers to a 403 response, but had a hard
> time doing so. Looking through the docs, it seems add_header "Adds the
> specified field to a response header provided that the response code equals
> 200, 201, 204, 206, 301, 302, 303, 304, or 307. "
> I was wondering what the reasoning was behind this pre-set list of status
> codes and why it isn't possible for example to add a header to a 403 or 404
> response. Also, if there is any workaround that would make this possible,
> I'd be interested to hear it.

The "add_header" directive, much like "expires", is intended to be 
used to add headers to positive responses, like "Cache-Control" 
and so on.  Adding headers to error responses can easily end up in 
unexpected behaviour, e.g., due to an error response being cached 
for a year if you'll add an "expires 1y" to your static files 
location (assuming you'll only add new files and it's safe).  Due 
to the above headers are only added to response codes in a limited 

As of now, there is no easy way to add response headers to 
arbitrary responses.  You'll have to do it either with embedded 
perl or with 3rd party modules.

Maxim Dounin

More information about the nginx mailing list