cfheader

Generates custom HTTP response headers to return to the client.

 <cfheader>

 cfheader();

Attribute Reference for the cfheader tag

name

Required: No
Header name
Required if statusCode not specified

value

Required: No
HTTP header value

charset

Required: No
The character encoding in which to encode the header value.

For more information on character encodings, see:
www.w3.org/International/O-charset.html. Values:
  • utf-8
  • iso-8859-1
  • windows-1252
  • us-ascii
  • shift_jis
  • iso-2022-jp
  • euc-jp
  • euc-kr
  • big5
  • euc-cn
  • utf-16

statuscode

Required: No
HTTP status code
Required if name not specified

statustext

Required: No
Explains status code

Links more information about cfheader

Examples sample code using the cfheader tag


Set a HTTP Response Header

Use cfheader to return a Content-Security-Policy HTTP response header.

<cfheader name="Content-Security-Policy" value="default-src 'self'">

Return a Custom Status Code and Status Text

Uses cfheader to return a 405 Method Not Allowed status when method is not POST.

<cfif uCase(cgi.request_method) IS NOT "POST">
    <cfheader statuscode="405" statustext="Method Not Allowed">
    Sorry POST only.<cfabort>
</cfif>

Fork me on GitHub