TOML different headers for different contexts

I would like to use basic-auth on all deployments EXCEPT production. This has been covered before by Selective Password Protection but that involves copying the _headers file during build which is a bit messy:

  • Requires multiple configuration files (netlify.toml, _headers) so you can’t know the complete configuration by looking at the TOML file. (Aside from a comment).
  • Requires an extra step in every build, has to be set up in every repository.
  • If you want some common headers and some unique headers, I’m not sure what the optimum settings would be? Shared headers in .TOML and different _headers files for production and others?

Ideally we would be able to nest [[headers]] within [context...] sections in netlify.toml, and Netlify would choose the appropriate value for a given header following the same override hierarchy as other settings.

I tried a couple different formats in netlify.toml but was unable to find something that worked, and the docs don’t speak to nesting headers. Is there something I’m missing, or is it just not possible?

Hi @df-1, you can modify headers and redirect in the toml file at build time using something like sed and your header can be set in an ENV VAR. For example:

sed -i s/HEADER_PLACEHOLDER/${BASIC_AUTH_HEADER}/g netlify.toml && yarn build

Let me know if that works for you.