Support rewriting HTTP headers
In order to have more control over accessing multiple services through one facade provided by Front Door it'd be nice to have an opportunity to rewrite/add some HTTP headers when it's needed. Using rewriting it'd be possible to protect apps by creating some checks on added header value (e.g. 'x-frontdoor-key') on the app side. It'd make possible to be sure that all request are coming through WAF
Header rewrite capabilities in front door like application gateway.
Cyrus Dargahi commented
This would be great as it would enable calling API Management with subscription authorization enable, for now that has to be switched off in API Management to get it to work, which has an impact on security
Simser, Bil commented
I would like to see this too. Disappointed that so many things you can already do in Application Gateway are not available in Front Door. I'm still looking for a way to be able to add some kind of header to specify which backend the request is coming from (without resorting to code changes). The x-azure-ref variable is cute but no idea how to correlate it to which backend the response came from.
Shahid Iqbal commented
I'd like header rewrite features similar to App Gateway v2 so I can add security headers like CSP etc to static hosting in storage