HTTP Header Management in SuiteScript for NetSuite
Manage HTTP headers in SuiteScript effectively with guidance on blocked headers and best practices in NetSuite.
HTTP headers are crucial for transmitting additional information in HTTP requests and responses. Each header consists of a case-insensitive name followed by a colon (:) and its value, without line breaks. When working with custom headers in SuiteScript, it is important to ensure that header names do not contain underscores.
Understanding Blocked HTTP Headers
Certain HTTP headers are restricted in NetSuite, particularly when using the N/http module methods. If a script attempts to modify these headers, the values will be ignored. The following general headers are blocked:
| Blocked Header Name |
|---|
| Connection |
| Content-Length |
| Host |
| JSESSIONID |
| Trailer |
| Transfer-Encoding |
| Upgrade |
| Via |
Suitelet Response HTTP Header Restrictions
In addition to the general blocked headers, some headers are also restricted when dealing with http.ServerResponse objects in Suitelets. Scripts attempting to set these headers will trigger an SSS_INVALID_HEADER error. The restricted headers include:
| Blocked Suitelet Header Name |
|---|
| Allow |
| Content-Location |
| Content-MD5 |
| Content-Range |
| Date |
| Location |
| Proxy-Authenticate |
| Public-Key-Pins |
| Public-Key-Pins-Report-Only |
| Retry-After |
| Server |
| Strict-Transport-Security |
| Upgrade-Insecure-Requests |
| Warning |
| WWW-Authenticate |
Code Sample
Understanding how to manage headers is essential for effective communication with NetSuite's APIs. Below is a sample of how to add headers in SuiteScript:
// Sample code snippet to add a headerserverResponse.addHeader({ name: 'Accept-Language', value: 'en-us',});Key Considerations
- Custom Headers: Avoid underscores in the names of custom headers.
- Script Errors: Be mindful of the headers that trigger errors to ensure robust script execution.
By following these practices, you can effectively manage HTTP headers in your SuiteScript applications, ensuring compliance with NetSuite's handling of HTTP communication.
Frequently Asked Questions (4)
Can custom headers in SuiteScript include underscores in their names?
What happens if my script attempts to modify a blocked HTTP header using the N/http module?
What error will be triggered if a Suitelet script attempts to set a restricted header?
Do I need to consider additional restrictions when using http.ServerResponse objects in Suitelets?
Was this article helpful?
More in SuiteScript
- SuiteScript 2.1 Enhancements in NetSuite February Updates
SuiteScript 2.1 now supports async features and PATCH method. Discover the latest API and SuiteProcurement improvements.
- Scheduling Map/Reduce Script Deployments in NetSuite
Learn to schedule map/reduce script submissions, including one-time and recurring options in NetSuite.
- Binary File Support in N/https Module for SuiteScript
SuiteScript enhances capabilities with binary file support in the N/https module, allowing improved data handling in external communications.
- API Governance Units Calculation in NetSuite 2026.1
NetSuite 2026.1 introduces examples illustrating API governance unit calculations for both user event and scheduled scripts.
