Is there any way to completely override some / all of the headers that
rails outputs by default?
I would use response.headers["Set-Cookie"], etc, but as we all know,
this doesn't work a lot of the time for headers which rails sets
The reason I'm asking is I'm a HTTP proxy and in order to pass the
headers (content-type, set-cookie), from the requested page from the
proxy to the client, I need complete control over them.
why it doesn't work for you? I think the most important is to really
pay attention to params hash can have a hash in it, so harder to find
if we make mistake.
Here the second part is your answer, and I think the examples are good
to understand how to override it totally if you wish.
If it has problems, please share it here,
All I can find in this guide is the original response.headers["header"]
= "whatever", that I posted in my question. This doesn't work for most
common headers for me, including Location redirects, Set-Cookie, and
Content-Type, which I am assuming happens because rails uses these
headers again later down the line.
For example, when I do this:
response.headers["Content-type"] = "text/css"
render :text => css
the final content-type header which comes out of the application is
"Content-type: utf8; text/html"
However, when I do this
render :text => css, :content-type => "text/css", the final header is
what I want, "Content-type: utf8; text/css"
I can't do this for every header, like set-cookie, location redirects,
status codes, etc, I need to mass assign headers for this, which brings
us back to my original question. (and yes I would rewrite cookie names
to prevent against xss).