HTTP transport channel custom properties
If we are using an HTTP transport channel, we can add any of the following custom properties to the configuration settings for that channel.
To add a custom property, complete the following task:
- In the administrative console, click...
-
Servers | Server Types
...and then select one of the following options, depending on the type of chain we are creating...
- Application servers | server | Web Container Settings | Web container transport chains | chain_name | HTTP Inbound Channel | Custom Properties | New
- WebSphere Proxy servers | server. Under HTTP Proxy Server Settings |Proxy server transports | [HTTPS_PROXY_CHAIN | HTTP_PROXY_CHAIN] | HTTP Inbound Channel | Custom Properties | New
- Under General Properties specify the name of the custom property in the Name field and a value for this property in the Value field. We can also specify a description of this property in the Description field.
- Click Apply or OK.
- Click Save to save the configuration changes.
- Restart the server.
Properties
- accessLogFormat
- CookiesConfigureNoCache
- DoNotAllowDuplicateSetCookies
- EnableBuildBackupList
- HonorTransferEncoding
- limitFieldSize
- limitNumHeaders
- localLogFilenamePrefix
- loggingDisable
- QuoteAddedNoCacheValue
- RemoveCLHeaderInTempStatusRespRFC7230compat
- RemoveServerHeader
- sameSiteLax
- sameSiteNone
- sameSiteStrict
- ServerHeaderValue
- trustedHeadOrigin
- trustedSensitiveHeadOrigin
- SustainedHighVolumeLogging
- UseCaseSensitiveKeyMatcher
- v0CookieDateRFC1123compat
- WaitForEndOfMessage
accessLogFormat
Specify the information to include in the NCSA access log for an HTTP transport channel, and how we want that information formatted. The value for this property is a space separated list of options. The order specified the options determines the format of this information in the log.
Each option can be enclosed in quotation marks, but the quotation marks are not required. Unless otherwise noted, a value of - is printed for an option if the requested information cannot be obtained for that option.
The Following list indicates the available options and the information that is printed if that option is specified as part of the value specified for this property.
| %a | Remote IP address |
| %A | Local IP address |
| %b | Response size in bytes excluding headers |
| %B | Response size in bytes excluding headers. 0 is printed instead of - if no value is found. |
| %{CookieName}C or %C | The request cookie specified within the brackets, or if the brackets are not included, prints all of the request cookies. |
| %D | The elapsed time of the request - millisecond accuracy, microsecond precision |
| %h | Remote host |
| %i or %{HeaderName}i | HeaderName header value from the request |
| %m | Request method |
| %o or %{HeaderName}o | HeaderName header value from the response |
| %q | Output the query string with any password escaped |
| %r | First line of the request |
 %{R}W
| Service time of the request from the moment the request is received until the first set of bytes of the response is sent - millisecond accuracy, microsecond precision
|
| %s | Status code of the response |
| %t | NCSA format of the start time of the request |
| %(t)W | The current time when the message to the access log is queued to be logged in normal NCSA format |
| %u | Remote user according to the WAS specific $WSRU header |
| %U | URL Path, not including the query string |
| %{X}W | Cross Component Tracing (XCT) Context ID |
For example, we might specify the following directives as the value for this property:
%h %i %u %t "%r" %s %b
Based on this setting, the NCSA access log will include the following information for each request in the specified order:
- The remote host
- The HeaderName header value from the request
- The remote user according to the WebSphere Specific $WSRU header
- The NCSA format of the start time of the request
- The first line of the request
- The status code of the response
- The response size in bytes excluding headers
If we use this custom property, ensure that the Use chain-specific logging option is selected as part of the configuration settings for NCSA access logging. By default, the Use global logging service option is selected for NCSA access logging.
CookiesConfigureNoCache
Specify whether the presence of a Set-Cookie header in an HTTP response message triggers the addition of several cache related headers. If set to true, an Expires header with a very old date, and a Cache-Control header that explicitly tells the client not to cache the Set-Cookie header are automatically added. These headers are not automatically added if this property is set to false.
This property is functionality equivalent to the com.ibm.websphere.cookies.no.header property that was available in previous versions of the product.
| Information | Value |
|---|---|
| Data type | Boolean |
| Default | True |
DoNotAllowDuplicateSetCookies
Prevent the HTTP Channel from sending multiple Set-Cookie headers with the same name. The default is false.
| Information | Value |
|---|---|
| Default | False |
EnableBuildBackupList
Enable the HTTP channel to scan for the history files in the access and error logs directory, and rolling these files over with any newer log files created.
When true, the HTTP Channel scans for the history files in the access and error logs directory, and rolls these files over with any newer log files created.
- After configuring the HTTP error log and the NCSA access log, make sure that the Enable NCSA access logging field is selected for the HTTP channels for which we want logging to occur. To verify that this field is selected for an HTTP channel, click Servers > Server Types > Application servers > server > Web Container Transport Chains > HTTP Inbound Channel. This setting has to be enabled before setting this custom property to true has any effect on the HTTP channel functionality.
- If we use this custom property we must also ensure that the Use chain-specific logging option is selected as part of the configuration settings for NCSA access logging. By default, the Use global logging service option is selected for NCSA access logging.
| Information | Value |
|---|---|
| Data type | Boolean |
| Default | False |
HonorTransferEncoding
Indicate whether the HTTP transport channels should convert a chunked message to a content-length delimited message when there is only one chunk.
When true, the HTTP transport channels write out the chunks instead of switching to a content-length message even if the message only consists of one chunk. There is a performance impact to this setting because the HTTP transport channels does two writes for every single-chunk message: the first write is for the message, and the second write is for the zero byte chunk that marks the end of the message
When false, the HTTP transport channels convert a chunked message to a content-length delimited message when there is only one chunk. This setting improves channel performance because the channel only does one write for a single-chunk message that is converted to a content-length message.
| Information | Value |
|---|---|
| Data type | Boolean |
| Default | False |
limitFieldSize
Enforce the size limits on various HTTP fields, such as request URLs, or individual header names or values. Enforcing the size limits of these fields guards against possible Denial of Service attacks. An error is returned to the remote client if a field exceeds the allowed size.
| Information | Value |
|---|---|
| Data type | Integer |
| Default | 32768 |
| Range | 50-32768 |
limitNumHeaders
Limit the number of HTTP headers that can be present in an incoming message. If this limit is exceeded, an error is returned to the client.
| Information | Value |
|---|---|
| Data type | Integer |
| Default | 500 |
| Range | 50 to 4000 |
localLogFilenamePrefix
Specify a prefix for the filename of the network log file. Normally, when inprocess optimization is enabled, requests through the inprocess path are logged based on the logging attributes set up for the web container's network channel chain. Use this property to add a prefix to the filename of the network log file. This new filename is then used as the filename for the log file for inprocess requests. Requests sent through the inprocess path are logged to this file instead of to the network log file. For example, if the log file for a network transport chain is named .../httpaccess.log, and this property is set to local for the HTTP channel in that chain, the filename of the log file for inprocess requests to the host associated with that chain is …/localhttpaccess.log.
If we specify a value for the localLogFilenamePrefix custom property, we must also set the accessLogFileName HTTP channel custom property to the fully qualified name of the log file we want to use for in process requests. We cannot specify a variable, such as $(SERVER_LOG_ROOT), as the value for this custom property.
| Information | Value |
|---|---|
| Data type | String |
loggingDisable
Disable NCSA, FRCA, and error logging on the specified chain.
| Information | Value |
|---|---|
| Data type | Boolean |
| Default | False |
QuoteAddedNoCacheValue
Add a quoted no-cache attribute to a Cache-Control response header that doesn't already have the attribute on it.
The HTTP Channel will correctly add the quoted no-cache attribute to the header. In the following example, the no-cache attribute is added to this header supplied on the response: Cache-Control: public, max-age=604800, no-cache="set-cookie".
| Information | Value |
|---|---|
| Default | False |
RemoveCLHeaderInTempStatusRespRFC7230compat
Ensure that the HTTP Channel prevents sending the Content-Length header on response messages with an information status of 1xx or 204.
| Information | Value |
|---|---|
| Default | False |
RemoveServerHeader
Force the removal of any server header from HTTP responses that the application server sends, thereby hiding the identity of the server program.
| Information | Value |
|---|---|
| Data type | Boolean |
| Default | False |
(v9.0.5.4) sameSiteLax
Provide a list of cookie names or patterns for the Lax value that is set on the SameSite attribute.We can specify a single wildcard character (*) as a stand-alone value, or as a character that follows a cookie name prefix. Any cookie name or pattern in the list must be unique. Also, the cookie name or pattern must not be in any configurations that are created by specifying the None value or Strict value on the SameSite attribute.
(v9.0.5.4) sameSiteNone
Provide a list of cookie names or patterns for the None value that is set on the SameSite attribute.We can specify a single wildcard character (*) as a stand-alone value, or as a character that follows a cookie name prefix. Any cookie name or pattern in the list must be unique. Also, the cookie name or pattern must not be in any configurations that are created by specifying the Lax value or Strict value on the SameSite attribute. Each cookie that is modified to contain a SameSite
(v9.0.5.4) sameSiteStrict
Provide a list of cookie names or patterns for the Strict value that is set on the SameSite attribute.We can specify a single wildcard character (*) as a stand-alone value, or as a character that follows a cookie name prefix. Any cookie name or pattern in the list must be unique. Also, the cookie name or pattern must not be in any configurations that are created by specifying the Lax value or None value on the SameSite attribute.
ServerHeaderValue
Replace the default value of the Server header that is added to all outgoing HTTP responses by server if a Server header does not already exist. The default value for the Server header is WAS v/x.x, where x.x is the version of WAS running on the system.
Prior to v8.5.0.2, if a Server header does not already exist, either the default Server header, or the header we specify as the value of this property, is added to all outgoing HTTP responses by server.
Starting with v8.5.0.2, a Server header is no longer automatically added to all outgoing HTTP responses if a Server header does not already exist. If we add this property with a value, that value is included in the Server header that appears in the response. If we specify the value DefaultServerValue, WAS v/x.x is used as the Server header value.
| Information | Value |
|---|---|
| Data type | String |
trustedHeaderOrigin
Access control list for the receipt of private headers. For example, the $WSPR private headers are sent by proxy servers. This property accepts a list of comma-separated IP addresses, a value of *, or a value of none. The list denotes IP addresses of proxy servers that are allowed to send WebSphere Application Server private headers to the server. When the value is *, any remote host can send private headers. However, when the value is none, no remote hosts are allowed to send private headers.If the web container custom property of trusted is set to false, no inbound private headers are processed, regardless of the setting for the trustedHeaderOrigin property. Additionally, any IP addresses that are defined in the trustedSensitiveHeaderOrigin custom property are implicitly trusted to send non-sensitive private headers, regardless of the setting for the trustedHeaderOrigin property.
| Information | Value |
|---|---|
| Data type | String |
trustedSensitiveHeaderOrigin
Access control list for the receipt of sensitive private headers, which can be sent by proxy servers. This property accepts a list of comma-separated IP addresses that denote the IP addresses of proxy servers that are allowed to send sensitive WebSphere Application Server private headers to the server. The property can also be set to * or none. When the property is set to *, any remote host can send private headers. However, when the value is set to none, no remote hosts are allowed to send private headers.When the web container custom property of trusted is set to false, no inbound private headers are processed, regardless of this property.
| Information | Value |
|---|---|
| Data type | String |
SustainedHighVolumeLogging
Allow the logging code to attempt to catch up with the backlog of entries. Set in the Admin console Application Servers > Server Name > Web Container Transport Chains > Chain Name > HTTP Channel Name > Custom Properties.
UseCaseSensitiveKeyMatcher
UseCaseSensitiveKeyMatcher is to be used in conjunction to accessLogFormat.
Setting this property to true will allow the Key Matcher used in accessLogFormat to be case sensitive. This addresses the case where directives exist both in lower and upper case (i.e. %u and %U).
| Information | Value |
|---|---|
| Default | False |
v0CookieDateRFC1123compat
Indicate that the value for the V0 Set-Cookie header Expires attribute is specified in the four digit year format instead of the two digit year format.
By default, the value for the V0 Set-Cookie header Expires attribute is specified in the two digit year format. Set the v0CookieDateRFC1123compat property to true if we need to use the older RFC1123, which requires a four digit year format value for the V0 Set-Cookie Expires attribute.
| Information | Value |
|---|---|
| Data type | Boolean |
| Default | False |
WaitForEndOfMessage
Use this custom property to force the channel to wait for the end of message to be read before starting to service the response.
| Information | Value |
|---|---|
| Default | False |