Custom HTTP response header to identify server in a farm.

We wanted to follow recommendation from http://omaralzabir.com/best_practices_for_creating_websites_in_iis_6_0/ to

“add “From” header and set the server name. I do this on each webserver and specify different names on each box. It’s handy to see from which servers requests are being served. When you are trying to troubleshoot load balancing issues, it comes handy to see if a particular server is sending requests”

 

However one of the client of our rest service reported that From value in the response header is not valid and causing the .net HttpClient to throw an exception.

Innermost Message: The header cannot be added. Make sure to add request headers to HttpRequestMessage, response headers to HttpResponseMessage, and content headers to HttpContent objects.

Innermost Source: Microsoft.Net.Http

Innermost StackTrace: at System.Net.Http.Headers.HttpHeaders.CheckHeaderName(String name)

  at System.Net.Http.Headers.HttpHeaders.AddWithoutValidation(String name, String value)

  at System.Net.Http.HttpClientChannel.AddHeaderValues(WebHeaderCollection source, Int32 index, String header, HttpHeaders destination)

  at System.Net.Http.HttpClientChannel.CreateResponseMessage(HttpWebResponse webResponse, HttpRequestMessage request)

  at System.Net.Http.HttpClientChannel.GetResponseCallback(IAsyncResult ar)

HTTP/1.1 200 OK

Date: Fri, 09 Mar 2012 07:29:25 GMT

Server: Microsoft-IIS/6.0

From: FARMSRV04


According to http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html

The From request-header field, if given, SHOULD contain an Internet e-mail address for the human user who controls the requesting user agent. The address SHOULD be machine-usable, as defined by “mailbox” in RFC 822 [9] as updated by RFC 1123 [8]:


 

      From   = “From” “:” mailbox

An example is:       From: webmaster@w3.org

This header field MAY be used for logging purposes and as a means for identifying the source of invalid or unwanted requests. It SHOULD NOT be used as an insecure form of access protection. The interpretation of this field is that the request is being performed on behalf of the person given, who accepts responsibility for the method performed. In particular, robot agents SHOULD include this header so that the person responsible for running the robot can be contacted if problems occur on the receiving end.

Actually standard doesn’t specify From as expected RESPONSE header(only as request).
however we should rename the custom header to something else to avoid conflicts, e.g.


FromServer: FARMSRV04

Advertisements