Configure HTTP response headers
-
- UpdatedJan 30, 2025
- 4 minutes to read
- Yokohama
- Now Platform Capabilities
Configure standard name-value pairs for HTTP response headers. You designate if the configuration applies to all pages, or to specific types (Service Portal, UI Page, or UX application record).
Before you begin
Role required: An elevated access security_admin role is required to configure an All Pages type header. An admin role is required to configure a Specific Type header.
Procedure
-
Fill in the fields on the form.
Table 1. HTTP Response Header Field Description Active Check box that designates that this HTTP response header configuration is active. Application Application scope for this record. Applies to Type of record the HTTP response header configuration applies to. - Specific Type
- HTTP response header configuration is for the specific type and record you select in the Type and Record fields.
- All Pages
- HTTP response header configuration is for all
pages and record types.Note: Only users with an elevated access privilege security_admin role can configure HTTP response headers for the All Pages type header.
Type Type of record the HTTP response header configuration applies to. - Service Portal [sp_portal]
- Records related to the Service Portal.
- UI Page [sys_ui_page]
- Standard UI pages in the ServiceNow AI Platform.
- UX Application [sys_ux_page_registry]
- Standard UX applications in the ServiceNow AI Platform.
Record Specific record the HTTP response header configuration applies to. To select a record: - Click the Search (
) icon to access the Select the document
form. - In the Table name field, the default is the type you selected in the Type field. Do not change it.
- In the Document field, select
the record from the table.
For example, if you selected Service Portal [sp_portal], you select a specific Service Portal-related record in that table.
- Click OK.
You can only access this field if you selected Specific Type in the Applies to field.
Name Name you want to assign to the name-value pair for the HTTP response header. Value Value you want to assign to the name-value pair for the HTTP response header. Description Detailed description for the HTTP response header.
HTTP header configuration for advanced users
The HTTP response header table (sys_response_header) in the List view contains two additional columns - Add by and Order.
| Column | Description |
|---|---|
| Order | Adds a default integer order value to a header configuration
regardless of the type of header (All Pages
or a Specific page).
|
| Add By | Contains the following values:
|
You may have situations where a couple of similar All Pages type header configurations could overwrite a Specific Type type header configuration. An example of a Specific Type configuration would be one for a specific UI page. You can remedy this situation by adjusting the Add by and Order columns, as in the following examples.
Append example
The ServiceNow AI Platform is trying to set headers in the following order, and
Append is the default value for each in the
Add By column. 
In this example, the second (Header 2) and third (Header 3) response header configurations have the same name (Content-Security-Policy). In this case, Header 3 is appended to Header 2. If a request is made for a specific page you configured with a Header 3 response, the net HTTP response headers are both Header 2 and Header 3.
Overwrite
The ServiceNow AI Platform is
trying to set headers in the following order, and you've selected
Overwrite in the Add By column for
the third header. 
In this example, the second (Header 2) and third (Header 3) response header configurations have the same name (Content-Security-Policy). In this case, Header 3 overwrites Header 2. If a request is made for a specific page you configured with a Header 3 response, the net HTTP response header is only Header 3.
