The following headers are not accessible within a Function. Avoid developing any code that depends on these headers or their variants.
You cannot interact with the pre-flight OPTIONS request that is sent by browsers. The Runtime client will automatically respond to
OPTIONS requests with
Access-Control-Allow-Headers: *, and pass along all included request headers to the targeted Function (unless they are in the exclusions list above). In addition, the Runtime client allows all origins by returning
Headers and cookies in both incoming requests and outgoing responses are subject to these limits:
- Max header size: 4kb (including cookies)
- Max header count: 75 (including cookies)
If either of these limits is exceeded, your Function will throw a
431 error. The error will include the message
Request headers or cookies too long if the limits are exceeded by a request, or
Response headers or cookies too long if you've constructed a response that exceeds these limits.
This will also generate a Twilio Error 82008.
- Runtime automatically adds the
Secureattributes to your cookies by default, unless you manually set those values.
- You cannot manually set the value of the
Domainattribute on a cookie. The value will be removed and set to the domain of the Function creating the response.
- If you do not set a
Expireson a cookie, it will be considered a Session cookie.
- If you set both
Expireson a cookie,
- If you set the
Expiresof a cookie to greater than 24 hours, your Function will return a
400error with the message
Cookies max-age cannot be greater than a day.