HTTP Headers for Static Sites
Since static sites don't have a server-side component that can inject custom HTTP headers in responses, Render lets you define response headers for your static sites in your dashboard.
Header Syntax
The header path must be a relative path without the domain. It will be matched with all custom domains attached to your site.
You can use wildcards to match arbitrary request paths.
| Path | Effect |
|---|---|
/* | Matches all request paths. |
/blog/* | Matches /blog/, /blog/latest-post/, and all other paths under /blog/ |
/**/* | Matches /blog/, /assets/, and all other paths with at least two slashes. |
/*.css | Matches /tokens.css and /mode.css, but not /assets/theme.css |
/**/*.css | Matches /assets/theme.css but not /tokens.css |
The name is the case-insensitive name for the header. Examples include:
Cache-ControlX-Frame-OptionsReferrer-Policy
The value of the header is sent as-is in the response. Examples include:
public, max-age=86400DENYsame-origin
The header key is normalized and the value is appended to it to form the response:
cache-control: public, max-age=86400x-frame-options: DENYreferrer-policy: same-origin