Menu

Expand
Rate this page:

Limitations

Headers

Restricted headers

The following headers are not accessible within a Function. Avoid developing any code that depends on these headers or their variants.

Header Name
Connection
Proxy-Connection
Expect
Host
Proxy-Authorization
Proxy-Authenticate
Referer
Trailer
Transfer-Encoding
Upgrade
Via
X-Accel-*
X-Forwarded-*
X-Real-IP

The OPTIONS request

You cannot interact with the pre-flight OPTIONS request that is sent by browsers. The Runtime client will automatically respond to OPTIONS requests with Access-Control-Allow-Headers: *, and pass along all included request headers to the targeted Function (unless they are in the exclusions list above). In addition, the Runtime client allows all origins by returning Access-Control-Allow-Origin: *.

Maximum header size

Headers and cookies in both incoming requests and outgoing responses are subject to these limits:

  • Max header size: 4kb (including cookies)
  • Max header count: 75 (including cookies)

If either of these limits is exceeded, your Function will throw a 431 error. The error will include the message Request headers or cookies too long if the limits are exceeded by a request, or Response headers or cookies too long if you've constructed a response that exceeds these limits.

This will also generate a Twilio Error 82008.

Cookies

  • Runtime automatically adds the HttpOnly and Secure attributes to your cookies by default, unless you manually set those values.
  • You cannot manually set the value of the Domain attribute on a cookie. The value will be removed and set to the domain of the Function creating the response.
  • If you do not set a Max-Age or Expires on a cookie, it will be considered a Session cookie.
  • If you set both Max-Age and Expires on a cookie, Max-Age takes precedence.
  • If you set the Max-Age or Expires of a cookie to greater than 24 hours, your Function will return a 400 error with the message Cookies max-age cannot be greater than a day.
Rate this page:

Need some help?

We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd by visiting Twilio's Stack Overflow Collective or browsing the Twilio tag on Stack Overflow.

Loading Code Sample...
        
        
        

        Thank you for your feedback!

        Please select the reason(s) for your feedback. The additional information you provide helps us improve our documentation:

        Sending your feedback...
        🎉 Thank you for your feedback!
        Something went wrong. Please try again.

        Thanks for your feedback!

        thanks-feedback-gif