Request & Response Headers
EdgeWrap attaches specific headers to requests forwarded to your origin, and injects metrics and status headers into responses returned to clients.
Headers Forwarded to Your Origin
Your origin server can inspect these headers to gather metadata about client geolocation, original IP address, and proxy metrics.
| Header | Description | Example |
|---|---|---|
| X-Forwarded-For | The original IP address of the client. | 203.0.113.195 |
| X-EdgeWrap-Request-ID | A unique identifier assigned to every incoming request. Useful for logs. | req_01jxyzabc123 |
| X-EdgeWrap-Country | Two-letter country code of the client IP (ISO 3166-1 alpha-2). | US |
| X-EdgeWrap-City | City name of the client IP (when available). | San Francisco |
| X-EdgeWrap-Signature | HMAC signature of the request body to verify authenticity. See Secret Shield. | sha256=a5b6c... |
Headers Returned to Clients
Clients receive status headers indicating if a request was served from edge cache, WAF decisions, and proxy latency.
| Header | Description | Example / Values |
|---|---|---|
| X-Cache | Indicates if the request was cached. | HIT | MISS | BYPASS |
| X-EdgeWrap-Time-Ms | Total milliseconds spent inside EdgeWrap proxy processing rules and scripts. | 14 |
| X-EdgeWrap-Version | Version identifier of the edge node configuration. | v2.1.0 |
Warning: To prevent headers spoofing, ensure your origin server validates that requests contain a valid
X-EdgeWrap-Signature or only accepts requests originating from EdgeWrap IP ranges.