Overview
Language

Custom Request Headers

Learn how to add custom HTTP headers to cside requests to identify and filter them on your origin server.

Overview

Custom request headers allow you to attach your own HTTP headers to every request that cside makes to your origin server. This makes it easy to identify, authenticate, or filter cside traffic on your backend.

When cside fetches your scripts, the custom headers you configure are automatically included in the outgoing HTTP request to your origin.

Use Cases

  • Identifying cside traffic: Add a header like X-Request-Source: cside so your backend can distinguish cside requests from regular user traffic
  • Authentication: Include an authorization token so your origin can verify that the request is coming from cside
  • Filtering and logging: Tag requests with a custom identifier for easier log filtering and analytics
  • WAF / firewall rules: Allowlist cside requests by matching on a known header value

Configuring Custom Headers

Navigate to your domain settings in the cside dashboard and scroll to the Custom Request Headers section.

Adding a Header

  1. Enter the header name in the Header name field (e.g. X-Request-Id)
  2. Enter the header value in the Value field (e.g. my-value)
  3. To add additional headers, click + Add header
  4. Click Save request headers to apply your changes
Note

Changes to custom headers take effect within a few minutes as the configuration is updated across all edge regions.

Removing a Header

To remove a header, click the remove button next to the header row you want to delete, then click Save request headers.

How It Works

When cside makes a request to your origin server to fetch script content, any custom headers you’ve configured are injected into the outgoing HTTP request. Your origin server receives these headers alongside the standard request headers.

Example: If you configure a header X-Cside-Token with value abc123, your origin will receive requests like:

GET /your-script.js HTTP/1.1
Host: yourdomain.com
X-Cside-Token: abc123

You can then use this header in your server configuration to identify or authorize cside requests. For example, in NGINX:

location /scripts/ {
    if ($http_x_cside_token = "abc123") {
        # Request is from cside
    }
}

Permissions

Managing custom request headers requires the Manage Domains permission on your team. Contact your team administrator if you don’t have access to this setting.