Request Headers in Cloud Functions
An incoming HTTP request includes the HTTP headers sent by the client. Use this reference page for details about how these HTTP headers are processed in Cloud Functions requests.
Headers removed from incoming requests
For security purposes, some headers are sanitized or amended by intermediate proxies before they reach your function.
Headers with names that match the X-Google-* pattern are removed from
incoming requests if a client sends them. This name pattern is reserved for use
by Google.
In addition, the following headers are removed from incoming requests because they relate to the transfer of HTTP data between the client and server:
ConnectionKeep-AliveProxy-AuthorizationTETrailerTransfer-Encoding
Headers added for your use
Cloud Functions adds the following headers to all requests:
X-Cloud-Trace-Context
A unique identifier for the request used for Cloud Trace
and Cloud Logging. For example: "65011637f09e0a5179677a7429456db7/1027871334010811884;o=1"
X-Forwarded-For
A comma-delimited list of IP addresses through which the client request has been routed. The first IP in this list is generally the IP of the client that created the request. The subsequent IPs provide information about proxy servers that also handled the request before it reached the application server. For example:
X-Forwarded-For: clientIp, proxy1Ip, proxy2Ip
X-Forwarded-Proto
Shows http or https based on the protocol the client used to connect to
your application.
The Google Cloud Load Balancer terminates all https connections, and then
forwards traffic to Cloud Functions over http. For example,
if the request is sent to:
https://YOUR_PROJECT_ID.cloudfunctions.net/YOUR_FUNCTION_NAME
the X-Forwarded-Proto header value is https.