Skip to contentSkip to navigationSkip to topbar
Rate this Page:

Setting and modifying Headers and Cookies


It is also possible to set headers and cookies on the response that your Twilio Function returns. The Response object exposes the following methods to allow you to customize what headers are sent in response to incoming requests.


Headers

headers page anchor

setHeaders(headers)

setheaders page anchor

This method allows you to set multiple headers in a single command. It accepts an object of key-value pairs of headers and their corresponding values. You may also set multi-value headers by making the intended header an array.

If you include the Set-Cookie header in this object, cookies will also be set to that value in addition to any other changes. Cookies must be strings with the key and value delimited by an = sign, such as 'Key=Value' or as a list of values such as [‘Key=Value', ‘Agent=Smith'].

Method Parameters

NameType
headersObject<string, string | string[]>

Examples


_13
exports.handler = (context, event, callback) => {
_13
const response = new Twilio.Response();
_13
response.setHeaders({
_13
// Set a single header
_13
'content-type': 'application/json',
_13
// You can set a header with multiple values by providing an array
_13
'cache-control': ['no-cache', 'private'],
_13
// You may also optionally set cookies via the "Set-Cookie" key
_13
'set-cookie': 'Foo=Bar',
_13
});
_13
_13
return callback(null, response);
_13
};


_10
exports.handler = (context, event, callback) => {
_10
const response = new Twilio.Response();
_10
response.setHeaders({
_10
// You may also set cookie attributes by including a semicolon
_10
// (`;`) delimited list of attributes
_10
'set-cookie': ['Foo=Bar;Max-Age=86400', 'Agent=Smith;HttpOnly;Secure'],
_10
});
_10
_10
return callback(null, response);
_10
};

appendHeader(key, value)

appendheader page anchor

This method allows you to add a single header to the response. It accepts the name of the header and its intended value.

(information)

Info

If Response.appendHeader is called with the name of a header that already exists, that header will be converted from a string to an array, and the provided value will be concatenated to that array of values.

Method Parameters

NameTypeExample
keystring'content-type'
valuestring | string[]'application/json'

Examples


_12
exports.handler = (context, event, callback) => {
_12
const response = new Twilio.Response();
_12
response
_12
.appendHeader('content-type', 'application/json')
_12
// You can append a multi-value header by passing a list of strings
_12
.appendHeader('yes', ['no', 'maybe', 'so'])
_12
// Instead of setting the header to an array, it's also valid to
_12
// pass a comma-separated string of values
_12
.appendHeader('cache-control', 'no-store, max-age=0');
_12
_12
return callback(null, response);
_12
};


_13
exports.handler = (context, event, callback) => {
_13
const response = new Twilio.Response();
_13
response
_13
.appendHeader('never', 'gonna')
_13
// Appending a header that already exists will convert that header to
_13
// a multi-value header and concatenate the new value
_13
.appendHeader('never', 'give')
_13
.appendHeader('never', 'you')
_13
.appendHeader('never', 'up');
_13
// The header is now `'never': ['gonna', 'give', 'you', 'up']`
_13
_13
return callback(null, response);
_13
};


(information)

Info

Commands to set, modify, and delete cookies are only available when your Function is running @twilio/runtime-handler version 1.2.0 or later. Consult the Runtime Handler guide to learn more about the latest version and how to update.

setCookie(key, value, attributes?)

setcookie page anchor

This method allows you to add a cookie to your Function's response. It accepts the name of the cookie, its value, and any optional attributes to be assigned to the cookie.

Method Parameters

NameTypeExample
keystring'tz'
valuestring | string[]'America/Los_Angeles'
attributes (optional)string[]?['HttpOnly', 'Secure', 'SameSite=Strict', 'Max-Age=86400']

Examples


_13
exports.handler = (context, event, callback) => {
_13
const response = new Twilio.Response();
_13
response
_13
.setCookie('has_recent_activity', 'true')
_13
.setCookie('tz', 'America/Los_Angeles', [
_13
'HttpOnly',
_13
'Secure',
_13
'SameSite=Strict',
_13
'Max-Age=86400',
_13
]);
_13
_13
return callback(null, response);
_13
};

(information)

Info

Cookie attributes such as HttpOnly and Secure are shown in these examples, however, you don't need to add them yourself. Runtime automatically adds the HttpOnly and Secure attributes to your cookies by default unless you have already manually set those values.

If you do not set a Max-Age or Expires on a cookie, it will be considered a Session cookie(link takes you to an external page). If you set both Max-Age and Expires on a cookie, Max-Age takes precedence.

(error)

Danger

If you set the Max-Age or Expires of a cookie to greater than 24 hours, your Function will return a 400 error: Cookies max-age cannot be greater than a day.

removeCookie(key)

removecookie page anchor

This method allows you to effectively remove a specific cookie from the response of your Twilio Function. It accepts the name of the cookie to be removed, and sets the Max-Age attribute of the cookie equal to 0 so that clients and browsers will remove the cookie upon receiving the response.

Method Parameters

method-parameters page anchor
NameTypeExample
keystring'tz'

In the following example, the client may contain a cookie tz and send it along with the request. Upon receiving this response from your Function, tz will be removed from the client's cookie store and not sent with subsequent requests to your Function's domain.


_10
exports.handler = (context, event, callback) => {
_10
const response = new Twilio.Response();
_10
response.removeCookie('tz');
_10
_10
return callback(null, response);
_10
};


Now that you more about how to set and modify the headers in your Function responses, let's go over some of the limitations on headers and cookies so that you don't encounter as many errors.


Rate this Page: