Limitations
Headers
Restricted headers
The following headers are not accessible within a Function. Avoid developing any code that depends on these headers or their variants.
Header Name |
---|
Connection Proxy-Connection |
Expect |
Host |
Proxy-Authorization Proxy-Authenticate |
Referer |
Trailer |
Transfer-Encoding |
Upgrade |
Via |
X-Accel-* |
X-Forwarded-* X-Real-IP |
The OPTIONS request
You cannot interact with the pre-flight OPTIONS request that is sent by browsers. The Runtime client will automatically respond to OPTIONS
requests with Access-Control-Allow-Headers: *
, and pass along all included request headers to the targeted Function (unless they are in the exclusions list above). In addition, the Runtime client allows all origins by returning Access-Control-Allow-Origin: *
.
Maximum header size
Headers and cookies in both incoming requests and outgoing responses are subject to these limits:
- Max header size: 4kb (including cookies)
- Max header count: 75 (including cookies)
If either of these limits is exceeded, your Function will throw a 431
error. The error will include the message Request headers or cookies too long
if the limits are exceeded by a request, or Response headers or cookies too long
if you've constructed a response that exceeds these limits.
This will also generate a Twilio Error 82008.
Cookies
- Runtime automatically adds the
HttpOnly
andSecure
attributes to your cookies by default, unless you manually set those values. - You cannot manually set the value of the
Domain
attribute on a cookie. The value will be removed and set to the domain of the Function creating the response. - If you do not set a
Max-Age
orExpires
on a cookie, it will be considered a Session cookie. - If you set both
Max-Age
andExpires
on a cookie,Max-Age
takes precedence. - If you set the
Max-Age
orExpires
of a cookie to greater than 24 hours, your Function will return a400
error with the messageCookies max-age cannot be greater than a day
.
Need some help?
We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd by visiting Twilio's Stack Overflow Collective or browsing the Twilio tag on Stack Overflow.