Tilda adds various headers to requests and responses to provide additional information and functionality. This guide explains the headers you can use in your application.
These headers are added to incoming requests before they reach your application:
tilda-client-geo-country - Two-letter country code of the client (e.g., "US", "CA", "GB")tilda-client-geo-region - Region code within the country (e.g., "CA" for California, "ON" for Ontario)tilda-client-geo-region-name - Full name of the region (e.g., "California", "Ontario")tilda-client-geo-region-l1 - Combined country and region code (e.g., "US-CA", "CA-ON")tilda-client-geo-city - City name (e.g., "San Francisco", "Nampa")tilda-client-geo-postalcode - Postal code (e.g., "94105", "T0H")tilda-client-geo-continent - Two-letter continent code (e.g., "NA", "EU", "AS")tilda-client-geo-lat - Latitude coordinatetilda-client-geo-lon - Longitude coordinatetilda-client-geo-tz - Timezone identifier (e.g., "America/Toronto", "Europe/London")tilda-client-geo-is-eu - Whether the location is in the European Union ("true" or "false")tilda-ip-threat-score - Threat score for the client IP (0-100, where 0 is safe and 100 is high risk)tilda-attack-score-class - Classification of potential threats (e.g., "clean", "likely-clean", "likely-attack", "attack")tilda-contains-leaked-credentials - Whether the request contains known leaked credentials ("true" or "false")tilda-is-known-good-bot - Whether the client is a verified good bot ("true" or "false")tilda-client-ip-asnum - Autonomous System Number of the client IPtilda-request-id - Unique identifier for the request (e.g., "9107b9a69878a234-IAD")x-forwarded-for - Original client IP addressx-forwarded-proto - Original protocol (http/https) used by the clientx-forwarded-port - Original port number used by the clientThere are some response headers that are added by Tilda platform to share information about the request and response. There are also Cache Control headers that can be set in your application's responses to control caching behavior.
The following headers can be set in your application's responses to control caching behavior. For detailed information about caching strategies and examples, see the Caching documentation.
Cache-Control - Standard HTTP header to control caching behaviorTilda-Cache-Control - Tilda-specific header that provides additional caching controlsTilda-Cache-Tags - Tags for selective cache purgingtilda-cdn-cache - CDN cache status for the request. Possible values:HIT - Content served from CDN cacheMISS - Content fetched from originSTALE - Served stale contentBYPASS - Cache was bypassedtilda-cdn-cache-hits - Number of CDN cache hits for this contenttilda-corecache - CoreCache status for the request. Possible values:HIT - Content served from CoreCacheMISS - Content not found in CoreCachex-served-by - Identifies the servers that handled the request (e.g., "cache-iad-kiad7000123-IAD, cache-yyz4554-YYZ")x-tilda-dbg - Debug information for Tilda supportx-robots-tag - Default robots directives for development environments. Tilda adds x-robots-tags: noindex, nofollow, noarchive to all responses that are served from tilda.build domain names. This makes sure that search engines do not index non-production versions of your site.You can access these headers in your application code to implement features like:
For caching-related headers and their usage, refer to the Caching documentation.