NetSuite Changelog
SuiteScriptAPIRESTIntegrationNew FeatureRelease Notes

HTTP Request Headers Syntax in SuiteScript

Understand HTTP request headers in SuiteScript, including usage, limitations, and best practices for authentication.

·2 min read·1 views·View Oracle Docs

The header information included in an HTTP call consists of key-value pairs that represent request headers. Each header can be referenced using either lowercase or title case; however, for consistency, it is recommended to use lowercase whenever possible. Additionally, custom headers should not include underscores.

Important Note on Custom Headers

The Authorization header is specifically designated for OAuth-authenticated requests. If you intend to implement your own authentication mechanism, use custom header names like X-Authorization instead.

Header Variations and Filtering

Be aware that some headers are subject to change based on system conditions. When sending requests to a Suitelet, certain headers might be filtered out to prevent conflicts with NetSuite’s internal processing. Therefore, it’s crucial to test your headers to ensure they contain the expected values. If you find that some headers are filtered out, select alternative headers.

Object Type

  • Type: Object (read-only)
  • Module: [N/http Module]
  • Parent Object: [http.ServerRequest]

Error Handling

  • Error Code: READ_ONLY_PROPERTY
  • Thrown If: You attempt to edit this property, as it is read-only.

Code Sample

The following code snippet illustrates how to log the headers of a server request:

suitescript
1// Add additional code 
2...
3log.debug({
4    title: 'Server Request Headers',
5    details: request.headers
6});
7...
8// Add additional code

General Blocked HTTP Headers

Be mindful of specific headers that are not permitted when using the N/http module. Attempts to set the following headers will result in discarded values:

  • Connection
  • Content-Length
  • Host
  • JSESSIONID
  • Trailer
  • Transfer-Encoding
  • Upgrade
  • Via

Key Takeaways

  • Use lowercase for header names for consistency in HTTP calls.
  • Custom headers should avoid underscores.
  • Test headers for filtering when interacting with Suitelets.
  • Certain headers, like Authorization, have predefined roles in NetSuite scripts.
  • Understand the limitations of specific headers based on NetSuite’s restrictions.

Frequently Asked Questions (4)

What are the implications of using custom HTTP request headers with underscores in SuiteScript?
It is recommended to avoid using underscores in custom HTTP request headers within SuiteScript. Instead, use alternative naming conventions to prevent potential issues.
Are there any specific headers that are filtered out when making requests to a Suitelet?
Yes, certain headers might be filtered out during requests to a Suitelet to prevent conflicts with NetSuite internal processing. It's important to test headers to ensure they contain expected values.
What headers are automatically blocked when using the N/http module in SuiteScript?
The headers `Connection`, `Content-Length`, `Host`, `JSESSIONID`, `Trailer`, `Transfer-Encoding`, `Upgrade`, and `Via` are not allowed and will be discarded when using the N/http module.
In SuiteScript, is it possible to modify the request headers object?
No, the request headers object in SuiteScript is read-only, and attempting to modify it will result in an error with the code `READ_ONLY_PROPERTY`.
Source: Syntax Oracle NetSuite Help Center. This article was generated from official Oracle documentation and enriched with additional context and best practices.

Was this article helpful?

More in SuiteScript

View all SuiteScript articles →