Cannot add response headers

Question

This is the script I'm using:

const securityHeaders = [
  {
    key: 'X-XSS-Protection',
    value: '1; mode=block'
  },
  {
    key: 'Referrer-Policy',
    value: 'origin-when-cross-origin'
  }
]

module.exports = {
  async headers() {
    return [
      {
        // Apply these headers to all routes in your application.
        source: '/:path*{/}?',
        headers: securityHeaders,
      },
    ]
  },
}

But when I run npm run start and check the Response Headers for localhost, none of these headers appears.

Using next version 9.5.2

For the routing one would use `/[...path]` to match `/a`, `/a/b`, `/a/b/c`, and so on. Maybe it's the same here (?) — majusebetter, Jul 13 '22 at 23:17
@majusebetter I tried `source: '/',` and tested on Home (localhost:3000) without success. — marcelo2605, Jul 13 '22 at 23:21

score 0 · Answer 1 · answered Jul 13 '22 at 23:06

0

You can use source: "/(.*?)", or source: '/:path*',

answered Jul 13 '22 at 23:06

Yahya Eddhissa

49
7

Thanks, but none of these source works. – marcelo2605 Jul 13 '22 at 23:10
1

Maybe the headers are not set because pages that can be statically exported will be exported to plain .html files. And .html files require no code execution on a server so there is no place to add a custom HTTP header. – Yahya Eddhissa Jul 13 '22 at 23:21
1

Check out [this answer](https://stackoverflow.com/a/61814207/18075667). It might help. – Yahya Eddhissa Jul 13 '22 at 23:22

Cannot add response headers

1 Answers1