Add global response header

Hi all,

Based on the following issue ((mw) global response header transform middleware · Issue #2453 · TykTechnologies/tyk · GitHub) and the corresponding pull request, we should be able to add a global response header for all responses of our API definition using the global_response_headers configuration and the response_processors configuration to register the response processor middleware. Currently, we are on version 2.9.1 of the Tyk API Gateway and looking at the code of that version, this functionality should be available (although not documented). However, it does not seem to be working for me and we’re clueless on what we’re missing here. Any ideas?

Our API definition looks like this (we’re trying to add the Strict-Transport-Security header to all responses):

{
   "name":"my-service-v1",
   "api_id":"my-service-v1",
   "active":true,
   "proxy":{
      "listen_path":"/my-service/v1/",
      "target_url":"http://my-service-v1:8080/",
      "strip_listen_path":true
   },
   "auth":{
      "auth_header_name":""
   },
   "version_data":{
      "not_versioned":true,
      "versions":{
         "Default":{
            "name":"Default",
            "global_headers":{
               "X-Path":"$tyk_context.path",
               "X-Request-Id":"$tyk_context.request_id",
               "X-Remote-Addr":"$tyk_context.remote_addr"
            },
            "global_headers_remove":[
               "Authorization"
            ],
            "global_response_headers":{
               "Strict-Transport-Security":"max-age=31536000; includeSubDomains"
            },
            "global_response_headers_remove":[
               
            ]
         }
      }
   },
   "slug":"my-service/v1",
   "openid_options":{
      "segregate_by_client":false
   },
   "enable_context_vars":true,
   "use_openid":false,
   "use_keyless":true,
   "global_rate_limit":{
      "rate":-1,
      "per":-1
   },
   "response_processors":[
      {
         "name":"header_injector"
      }
   ]
}

Thanks!

Hi!

Global response headers was added as part of Release 3.
Thats why it probably does not work for you.

Thanks.

Hm, I had found the code that was added in the pull request for this issue in tag 2.9.1 in the repository. For example:

and

So that’s why I concluded that it was already part of v2.9.1 as well. Am I making the wrong conclusion then?

Anyone has some input on my question above? :sweat_smile:

Hello @djairhogeuens those features could have not been enabled then. I will look further into this and confirm. Is there a reason to why you’re using 2.9.1 and not switching to 3.x?

I just switched to the latest available version 3.1.2 and this resolved the issue indeed. I had not yet looked into the release notes so I was afraid there would be too much impact but it was flawless :slight_smile:

I still find it strange that the 2.9.1 tag already includes this code will it doesn’t work. But at least my problem is solved now.

Hello @djairhogeuens yes. The code is in there however, it was not enabled at that point.

For future references Tyk has backward and forward compatibility so you should have no problem moving between versions. The only thing you will lose in backward compatibility is the features associated with the versions.

1 Like

Oh thanks @zaid for clarifying that. I was indeed unaware of this and now I understand!

1 Like