Handling of special headers

Connection-oriented headers

Before processing the request/response actions, all connection-oriented headers are silently removed (no log message is written).

  • This includes the following headers:
  • Accept-Encoding
  • Connection
  • Expect
  • HTTP2-Settings
  • Keep-Alive
  • Upgrade

Content-encoding header

The "Content-Encoding" header is removed when a compressed request/response body is decompressed by Airlock Gateway.


Cookies are transported in HTTP headers but have special characteristics. Airlock Gateway handles cookies separately and does not treat them like other headers. Typically, cookies are stored in the cookie store and do not reach the client. Cookie handling is configured on mappings (tab "Basic", Section – Application ). Cookie headers can be modified with the Cookies and Rewrite Raw Cookie response actions.


The Front-End-Https header is set to "on" if HTTPS is used on the client-side.