If you are not sure if the website you would like to visit is secure, you can verify it here. Enter the website address of the page and see parts of its content and the thumbnail images on this site. None (if any) dangerous scripts on the referenced page will be executed. Additionally, if the selected site contains subpages, you can verify it (review) in batches containing 5 pages.
favicon.ico: docs.cloud.google.com/load-balancing/docs/l7-internal/custom-headers - Create custom headers in URL m.

site address: docs.cloud.google.com/load-balancing/docs/l7-internal/custom-headers

site title: Create custom headers in URL maps     Cloud Load Balancing     Google Cloud Documentation

Our opinion (on Saturday 18 July 2026 17:45:18 UTC):

GREEN status (no comments) - no comments
After content analysis of this website we propose the following hashtags:


page from cache:  28 secunds ago
Meta tags:
description=Configure custom headers in URL maps used by regional HTTP(S) load balancers.;

Headings (most frequently used words):

headers, custom, in, and, create, url, maps, stay, organized, with, collections, save, categorize, content, based, on, your, preferences, before, you, begin, how, work, add, request, or, response, variables, that, can, appear, the, header, value, mutual, tls, limitations, regional, cross, region, products, pricing, support, resources, engage,

Text of the page (most frequently used words):
the (167), load (90), and (79), balancer (58), #header (53), set (49), backend (41), client (38), with (36), cloud (33), overview (32), backends (30), headers (29), for (28), custom (28), http (23), string (21), neg (21), application (19), region (19), certificate (18), name (18), that (18), google (17), tls (17), global (17), url (17), instance (17), balancers (16), group (16), internal (15), not (15), request (15), balancing (15), regional (14), using (14), use (14), are (13), empty (13), value (13), hybrid (13), zonal (13), cross (12), external (12), management (12), you (11), can (11), following (11), mtls (11), variables (11), ssl (11), add (11), other (10), values (10), https (10), maps (10), managed (10), information (9), client_cert_error (9), rfc (9), address (9), must (9), service (9), buckets (9), traffic (9), architecture (8), base64 (8), added (8), list (8), field (8), from (8), proxy (8), response (8), thumb (7), this (7), than (7), bytes (7), true (7), based (7), map (7), names (7), create (7), target (7), storage (7), negs (7), internet (7), capabilities (7), resources (6), more (6), connection (6), encoded (6), longer (6), valid (6), when (6), port (6), tcp (6), backendservices (6), headername (6), headervalue (6), backend_service_1 (6), health (6), serverless (6), premises (6), shared (6), vpc (6), run (6), code (5), policies (5), configure (5), services (5), comma (5), certificates (5), example (5), san (5), connects (5), between (5), only (5), network (5), forwarding (5), troubleshooting (5), metrics (5), redirect (5), português (4), español (4), support (4), see (4), down (4), last (4), otherwise (4), content (4), used (4), before (4), encoding (4), client_cert_leaf (4), passed (4), 512 (4), separated (4), extensions (4), spiffe (4), number (4), error (4), provided (4), during (4), handshake (4), time (4), these (4), forwarded (4), include (4), quic (4), tlsv1 (4), same (4), protocol (4), appear (4), defaultservice (4), matcher1 (4), priority (4), replace (4), how (4), gcloud (4), compute (4), curly (4), braces (4), check (4), tools (4), ipv6 (4), rules (4), view (4), logs (4), monitor (4), troubleshoot (4), terraform (4), examples (4), samples (3), sample (3), need (3), exceeds (3), client_cert_chain (3), validation (3), client_cert_subject_dn (3), client_cert_issuer_dn (3), client_cert_uri_sans (3), serial (3), fingerprint (3), strings (3), false (3), variable (3), mutual (3), data (3), origin (3), server (3), server_port (3), multiple (3), server_ip_address (3), client_port (3), next (3), client_ip_address (3), per (3), hosts (3), yaml (3), file (3), edit (3), regions (3), console (3), host (3), hop (3), authorization (3), work (3), guides (3), networking (3), connectivity (3), frontend (3), explore (3), tutorials (3), connected (3), networks (3), directory (3), registration (3), distribution (3), udp (3), migrate (3), classic (3), 한국어 (2), 日本語 (2), עברית (2), brasil (2), italiano (2), indonesia (2), français (2), américa (2), latina (2), deutsch (2), english (2), sign (2), third (2), terms (2), site (2), about (2), youtube (2), started (2), pricing (2), products (2), understand (2), missing (2), updated (2), 2026 (2), utc (2), page (2), licensed (2), under (2), license (2), send (2), feedback (2), limitations (2), size (2), delimited (2), order (2), chain (2), established (2), where (2), leaf (2), compliant (2), 9440 (2), full (2), subject (2), timestamp (2), date (2), format (2), which (2), 2022 (2), 01t18 (2), 3339 (2), client_cert_dnsname_sans (2), type (2), extracted (2), 2048 (2), conditions (2), configured (2), has (2), description (2), additional (2), geographic (2), estimates (2), provides (2), source (2), origin_request_header (2), parameters (2), cipher (2), suite (2), negotiated (2), defined (2), version (2), instead (2), lowercase (2), trailing (2), removed (2), common (2), resource (2), one (2), round (2), trip (2), smoothed (2), parameter (2), rtt (2), includes (2), resolves (2), note (2), hostrules (2), pathmatcher (2), pathmatchers (2), routerules (2), matchrules (2), prefixmatch (2), highest (2), routeaction (2), weightedbackendservices (2), backendservice (2), weight (2), 100 (2), headeraction (2), requestheaderstoadd (2), client_region (2), responseheaderstoadd (2), responseheaderstoremove (2), prefix (2), shows (2), url_map_name (2), path (2), matcher (2), cli (2), follows (2), whitespace (2), two (2), opening (2), single (2), brace (2), closing (2), blank (2), definition (2), 7230 (2), have (2), properties (2), reserved (2), authority (2), proxies (2), begin (2), user (2), specify (2), adds (2), requests (2), your (2), fail (2), update (2), transformations (2), latency (2), responses (2), documentation (2), sdk (2), languages (2), frameworks (2), infrastructure (2), costs (2), usage (2), access (2), security (2), observability (2), monitoring (2), migration (2), industry (2), solutions (2), distributed (2), multicloud (2), databases (2), analytics (2), pipelines (2), hosting (2), development (2), logging (2), pools (2), tags (2), checks (2), optimizations (2), workload (2), identity (2), failover (2), protocols (2), concepts (2), pool (2), convert (2), capacity (2), over (2), web (2), routing (2), app (2), engine (2), functions (2), constraints (2), product (2), reference (2), technology (2), areas (2), close (2), subscribe, newsletter, our, decade, climate, action, join, manage, cookies, privacy, tech, twitter, events, blog, engage, training, certification, center, getting, github, system, status, release, notes, community, forums, contact, sales, marketplace, all, easy, easytounderstand, solved, problem, solvedmyproblem, otherup, hard, hardtounderstand, incorrect, incorrectinformationorsamplecode, missingtheinformationsamplesineed, otherdown, tell, except, noted, details, java, registered, trademark, oracle, its, affiliates, developers, apache, creative, commons, attribution, apply, combined, client_cert_validated_chain_exceeded_size_limit, standard, including, unencoded, client_cert_validated_leaf_exceeded_size_limit, binary, der, without, line, breaks, spaces, characters, outside, alphabet, colons, either, side, client_cert_subject_dn_exceeded_size_limit, client_cert_issuer_dn_exceeded_size_limit, issuer, after, client_cert_valid_not_after, client_cert_valid_not_before, client_cert_dnsname_sans_exceeded_size_limit, dnsname, client_cert_uri_sans_exceeded_size_limit, uri, included, client_cert_spiffe_id_exceeded_size_limit, alternative, client_cert_spiffe_id, client_cert_serial_number_exceeded_size_limit, client_cert_serial_number, sha, 256, client_cert_sha256_fingerprint, predefined, representing, modes, verified, against, truststore, client_cert_chain_verified, client_cert_present, available, targethttpsproxy, updates, improve, accuracy, reflect, political, changes, even, original, contains, location, locations, contained, packets, received, does, expands, determine, their, ja4, tls_ja4_fingerprint, ja3, tls_ja3_fingerprint, four, hex, digits, tls_rsa_with_aes_128_gcm_sha256, unencrypted, connections, 009c, iana, registry, tls_cipher_suite, possible, tls_version, indication, hostname, converted, any, dot, 6066, tls_sni_hostname, destination, useful, share, reflects, sharing, cors, cases, communication, client_protocol, encrypted, client_encrypted, usually, unless, been, tampered, estimated, transmission, milliseconds, srtt, measured, stack, algorithm, deals, variations, anomalies, may, occur, measurements, 2988, client_rtt_msec, incoming, also, will, replaced, new, retained, placeholder, behaviors, requesteheaderstoremove, requestheaderstoremove, enter, section, leading, insignificant, allow, interprets, enclosed, expand, complete, allowed, rejected, obsolete, forms, disallowed, case, insensitive, encodes, once, both, special, keywords, modify, envoy, recommend, don, interfere, myhost, accordance, stored, caches, propagated, 2616, upgrade, trailer, transfer, keep, alive, amz, gfe, goog, enable, configuration, sets, returning, probes, requires, specific, packet, might, makes, components, necessary, latest, well, however, important, let, depending, detects, describes, save, categorize, preferences, stay, organized, collections, home, clean, setup, audit, operate, maintain, quota, units, subnets, endpoint, groups, dns, firewall, draining, advanced, customize, post, quantum, authenticated, private, encryption, self, secure, switch, deploy, hub, spoke, party, appliances, hops, affinity, weighted, passthrough, testing, optimize, deliver, published, domain, faster, performance, improved, protection, multi, best, practices, high, availability, rewrite, query, roll, back, project, bucket, organization, policy, iam, roles, permissions, get, feature, comparison, model, choose, discover, start, free, skip, main,


Text of the page (random words):
set up zonal negs proxy only subnets tags target pools target proxies url maps overview use url maps url map size and quota units operate and maintain audit logging information health check logging information clean up a load balancer setup ai and ml application development application hosting compute data analytics and pipelines databases distributed hybrid and multicloud industry solutions migration networking observability and monitoring security storage access and resources management costs and usage management infrastructure as code sdk languages frameworks and tools home documentation networking load balancing guides send feedback create custom headers in url maps stay organized with collections save and categorize content based on your preferences this page describes how custom headers work in url maps used by regional internal application load balancers and cross region internal application load balancers custom request and response headers let you specify additional headers that the load balancer can add to http s requests and responses depending on the information that the load balancer detects these headers can include the following information latency to the client parameters of the tls connection important global external application load balancers support header transformations in the url map as well as in the backend service however the regional internal application load balancers and cross region internal application load balancers only support header transformations in url maps before you begin if necessary update to the latest version of the google cloud cli gcloud components update how custom headers work custom headers work as follows when the load balancer makes a request to the backend the load balancer adds request headers the load balancer adds custom request headers only to the client requests not to the health check probes if your backend requires a specific header for authorization that is missing from the health check packet the health check might fail the load balancer sets response headers before returning a response to the client to enable custom headers for regional internal application load balancers and cross region internal application load balancers you specify a list of header names and header values in the url map configuration file header names must have the following properties the header name must be a valid http header field name definition per rfc 7230 the header name must not be x user ip the header name must not begin with x google x goog x gfe or x amz the following hop by hop headers must not be used keep alive transfer encoding te connection trailer and upgrade in accordance with rfc 2616 these headers are not stored by caches or propagated by the target proxies the header name must not be host or authority both host and authority are special keywords reserved by google cloud you can t modify these headers for envoy based load balancers instead we recommend that you create other custom headers for example myhost so that you don t interfere with the reserved header names a header name must not appear more than once in the list of headers header names are case insensitive when header names are passed to an http 2 backend the http 2 protocol encodes header names as lowercase header values must have the following properties the header value must be a valid http header field definition per rfc 7230 with obsolete forms disallowed the header value can t be blank blank headers are rejected the header value can include one or more variables enclosed by curly braces that expand to values that the load balancer provides for a complete list of variables allowed in the header value see variables that can appear in the header value in header values leading whitespace and trailing whitespace are insignificant and are not passed to the backend to allow for curly braces in header values the load balancer interprets two opening curly braces as a single opening brace and two closing curly braces as a single closing brace add request or response headers to add request or response headers use the gcloud cli to edit the url map as follows note if you are using the google cloud console to add the request and response headers in the url map you need to enter the host address in the hosts field and the path matcher section of the following yaml in the path matcher field regional gcloud compute url maps edit url_map_name region region following is a sample yaml file that shows you how to use variables in custom headers defaultservice regions region backendservices backend_service_1 name regional lb map region region region hostrules hosts pathmatcher matcher1 pathmatchers defaultservice regions region backendservices backend_service_1 name matcher1 routerules matchrules prefixmatch prefix priority priority 0 is highest routeaction weightedbackendservices backendservice regions region backendservices backend_service_1 weight 100 headeraction requestheaderstoadd headername x header 1 client region headervalue client_region headername x header 2 client ip port headervalue client_ip_address client_port replace true requestheaderstoremove header 3 name responseheaderstoadd headername x header 4 server ip port headervalue server_ip_address server_port replace true responseheaderstoremove header 5 name header 6 name cross region gcloud compute url maps edit url_map_name global following is a sample yaml file that shows you how to use variables in custom headers defaultservice global backendservices backend_service_1 name global lb map hostrules hosts pathmatcher matcher1 pathmatchers defaultservice global backendservices backend_service_1 name matcher1 routerules matchrules prefixmatch prefix priority priority 0 is highest routeaction weightedbackendservices backendservice global backendservices backend_service_1 weight 100 headeraction requestheaderstoadd headername x header 1 client region headervalue client_region headername x header 2 client ip port headervalue client_ip_address client_port replace true requesteheaderstoremove header 3 name responseheaderstoadd headername x header 4 server ip port headervalue server_ip_address server_port replace true responseheaderstoremove header 5 name header 6 name note the following behaviors if a response header with custom variables resolves to an empty string it is removed if a request header with custom variables resolves to an empty string it is retained with an empty string placeholder if a custom request header includes a custom variable and an incoming client request also includes the same header the client request header value will be replaced with the new value provided by the load balancer s custom header variables that can appear in the header value the following variables can appear in custom header values variable description client_rtt_msec estimated round trip transmission time between the load balancer and the http s client in milliseconds this is the smoothed round trip time srtt parameter measured by the load balancer s tcp stack per rfc 2988 smoothed rtt is an algorithm that deals with variations and anomalies that may occur in rtt measurements client_ip_address the client s ip address this is usually the same as the client ip address that is the next to last address in the x forwarded for header unless the client is using a proxy or the x forwarded for header has been tampered with client_port the client s source port client_encrypted true if the connection between the client and the load balancer is encrypted using https http 2 or http 3 otherwise false client_protocol the http protocol used for communication between the client and the load balancer one of http 1 0 http 1 1 http 2 or http 3 origin_request_header reflects the value of the origin header in the request for cross origin resource sharing cors use cases server_ip_address the ip address of the load balancer that the client connects to this can be useful when multiple load balancers share common backends this is the same as the last ip address in the x forwarded for header server_port the destination port number that the client connects to tls_sni_hostname server name indication as defined in rfc 6066 if provided by the client during the tls or quic handshake the hostname is converted to lowercase and with any trailing dot removed tls_version tls version negotiated between client and load balancer during the ssl handshake possible values include tlsv1 tlsv1 1 tlsv1 2 and tlsv1 3 if the client connects using quic instead of tls the value is quic tls_cipher_suite cipher suite negotiated during the tls handshake the value is four hex digits defined by the iana tls cipher suite registry for example 009c for tls_rsa_with_aes_128_gcm_sha256 this value is empty for quic and for unencrypted client connections tls_ja3_fingerprint ja3 tls ssl fingerprint if the client connects using https http 2 or http 3 tls_ja4_fingerprint ja4 tls ssl fingerprint if the client connects using https http 2 or http 3 the load balancer expands variables to empty strings when it can t determine their values for example tls parameters when tls is not in use the origin_request_header when the request does not include an origin header geographic values are estimates based on the client s ip address from time to time google updates the data that provides these values in order to improve accuracy and to reflect geographic and political changes even if the original x forwarded for header contains valid location information google estimates client locations by using the source ip address information contained in packets received by the load balancer mutual tls custom headers the following additional header variables are available if mutual tls mtls is configured on the load balancer s targethttpsproxy variable description client_cert_present true if the client has provided a certificate during the tls handshake otherwise false client_cert_chain_verified true if the client certificate chain is verified against a configured truststore otherwise false client_cert_error predefined strings representing the error conditions for more information about the error strings see mtls client validation modes client_cert_sha256_fingerprint base64 encoded sha 256 fingerprint of the client certificate client_cert_serial_number the serial number of the client certificate if the serial number is longer than 50 bytes the string client_cert_serial_number_exceeded_size_limit is added to client_cert_error and the serial number is set to an empty string client_cert_spiffe_id the spiffe id from the subject alternative name san field if the value is not valid or exceeds 2048 bytes the spiffe id is set to an empty string if the spiffe id is longer than 2048 bytes the string client_cert_spiffe_id_exceeded_size_limit is added to client_cert_error client_cert_uri_sans comma separated base64 encoded list of the san extensions of type uri the san extensions are extracted from the client certificate the spiffe id is not included in the client_cert_uri_sans field if the client_cert_uri_sans is longer than 512 bytes the string client_cert_uri_sans_exceeded_size_limit is added to client_cert_error and the comma separated list is set to an empty string client_cert_dnsname_sans comma separated base64 encoded list of the san extensions of type dnsname the san extensions are extracted from the client certificate if the client_cert_dnsname_sans is longer than 512 bytes the string client_cert_dnsname_sans_exceeded_size_limit is added to client_cert_error and the comma separated list is set to an empty string client_cert_valid_not_before timestamp rfc 3339 date string format before which the client certificate is not valid for example 2022 07 01t18 05 09 00 00 client_cert_valid_not_after timestamp rfc 3339 date string format after which the client certificate is not valid for example 2022 07 01t18 05 09 00 00 client_cert_issuer_dn base64 encoded full issuer field from the certificate if the client_cert_issuer_dn is longer than 512 bytes the string client_cert_issuer_dn_exceeded_size_limit is added to client_cert_error and client_cert_issuer_dn is set to an empty string client_cert_subject_dn base64 encoded full subject field from the certificate if the client_cert_subject_dn is longer than 512 bytes the string client_cert_subject_dn_exceeded_size_limit is added to client_cert_error and client_cert_subject_dn is set to an empty string client_cert_leaf the client leaf certificate for an established mtls connection where the certificate passed validation certificate encoding is compliant with rfc 9440 the binary der certificate is encoded using base64 without line breaks spaces or other characters outside the base64 alphabet and delimited with colons on either side if client_cert_leaf exceeds 16 kb unencoded the string client_cert_validated_leaf_exceeded_size_limit is added to client_cert_error and client_cert_leaf is set to an empty string client_cert_chain the comma delimited list of certificates in standard tls order of the client certificate chain for an established mtls connection where the client certificate passed validation not including the leaf certificate certificate encoding is compliant with rfc 9440 if the combined size of client_cert_leaf and client_cert_chain before base64 encoding exceeds 16 kb the string client_cert_validated_chain_exceeded_size_limit is added to client_cert_error and client_cert_chain is set to an empty string limitations the following limitations apply you can t configure custom headers on backend services used by regional internal application load balancers and cross region internal application load balancers send feedback except as otherwise noted the content of this page is licensed under the creative commons attribution 4 0 license and code samples are licensed under the apache 2 0 license for details see the google developers site policies java is a registered trademark of oracle and or its affiliates last updated 2026 07 10 utc need to tell us more easy to understand easytounderstand thumb up solved my problem solvedmyproblem thumb up other otherup thumb up hard to understand hardtounderstand thumb down incorrect information or sample code incorrectinformationorsamplecode thumb down missing the information samples i need missingtheinformationsamplesineed thumb down other otherdown thumb down last updated 2026 07 10 utc products and pricing see all products google cloud pricing google cloud marketplace contact sales support community forums support release notes system status resources github getting started with google cloud code samples cloud architecture center training and certification engage blog events x twitter google cloud on youtube google cloud tech on youtube about google privacy site terms google cloud terms manage cookies our third decade of climate action join us sign up for the google cloud newsletter subscribe english deutsch español español américa latina français indonesia italiano português por...
Images from subpage: "docs.cloud.google.com/load-balancing/docs/https/traffic-mana... " Verify
Images from subpage: "docs.cloud.google.com/load-balancing/docs/https/custom-heade... " Verify
Images from subpage: "docs.cloud.google.com/load-balancing/docs/https/setting-up-q... " Verify
Images from subpage: "docs.cloud.google.com/load-balancing/docs/https/setting-up-u... " Verify
Images from subpage: "docs.cloud.google.com/load-balancing/docs/https/setting-up-h... " Verify

Verified site has: 214 subpage(s). Do you want to verify them? Verify pages:

1-5 6-10 11-15 16-20 21-25 26-30 31-35 36-40 41-45 46-50
51-55 56-60 61-65 66-70 71-75 76-80 81-85 86-90 91-95 96-100
101-105 106-110 111-115 116-120 121-125 126-130 131-135 136-140 141-145 146-150
151-155 156-160 161-165 166-170 171-175 176-180 181-185 186-190 191-195 196-200
201-205 206-210 211-214


Top 50 hastags from of all verified websites.

Supplementary Information (add-on for SEO geeks)*- See more on header.verify-www.com

Header

HTTP/2 200
last-modified Fri, 10 Jul 2026 18:44:30 GMT
content-type text/html; charset=utf-8
vary Cookie
vary Accept-Encoding
content-security-policy base-uri self ; object-src none ; script-src strict-dynamic unsafe-inline https: http: nonce-GfwG+FNeXpI0+72s8knXkLViaEgCzz unsafe-eval ; frame-ancestors self htt????/developers.google.com/_d/analytics-iframe; report-uri htt????/csp.withgoogle.com/csp/devsite/v2
strict-transport-security max-age=63072000; includeSubdomains; preload
x-xss-protection 0
x-content-type-options nosniff
cache-control no-cache, must-revalidate
expires 0
pragma no-cache
content-encoding gzip
x-cloud-trace-context 104bb42802819552c9d79f0e415d5c27
date Sat, 18 Jul 2026 17:44:49 GMT
server Google Frontend
content-length 29072
alt-svc h3= :443 ; ma=2592000,h3-29= :443 ; ma=2592000

Meta Tags

title="Create custom headers in URL maps  |  Cloud Load Balancing  |  Google Cloud Documentation"
name="google-signin-client-id" content="721724668570-nbkv1cfusk7kk4eni4pjvepaus73b13t.apps.googleusercontent.com"
name="google-signin-scope" content="profile email htt????/www.googleapis.com/auth/developerprofiles htt????/www.googleapis.com/auth/developerprofiles.award htt????/www.googleapis.com/auth/devprofiles.full_control.firstparty"
property="og:site_name" content="Google Cloud Documentation"
property="og:type" content="website"
name="theme-color" content="#1a73e8"
charset="utf-8"
content="IE=Edge" http-equiv="X-UA-Compatible"
name="viewport" content="width=device-width, initial-scale=1"
property="og:title" content="Create custom headers in URL maps  |  Cloud Load Balancing  |  Google Cloud Documentation"
name="description" content="Configure custom headers in URL maps used by regional HTTP(S) load balancers."
property="og:description" content="Configure custom headers in URL maps used by regional HTTP(S) load balancers."
property="og:url" content="htt????/docs.cloud.google.com/load-balancing/docs/l7-internal/custom-headers"
property="og:image" content="htt????/docs.cloud.google.com/_static/cloud/images/social-icon-google-cloud-1200-630.png"
property="og:image:width" content="1200"
property="og:image:height" content="630"
property="og:locale" content="en"
name="twitter:card" content="summary_large_image"

Load Info

page size182397
load time (s)0.544944
redirect count0
speed download53441
server IP 172.217.22.174
* all occurrences of the string "http://" have been changed to "htt???/"