v.23.7Improvement

Allow Filtering of HTTP Headers in URL/S3 Table Functions with http_forbid_headers Configuration

Published: November 25, 2025

Allow filtering HTTP headers for the URL/S3 table functions with the new http_forbid_headers section in config. Both exact matching and regexp filters are available. #51038 (Nikolay Degterinsky).

Added a new http_forbid_headers configuration section to filter HTTP headers in URL and S3 table functions, supporting both exact and regexp-based matching.

Why it matters

This feature allows users to control and restrict which HTTP headers can be sent during requests made by URL and S3 table functions, enhancing security and preventing the transmission of unwanted or sensitive headers.

How to use it

Users can enable this feature by adding the http_forbid_headers section in the ClickHouse configuration file, specifying the headers to block either via exact names or regular expressions. This configuration will then apply filtering automatically to HTTP headers used by URL and S3 table functions.

Related resources

Pull Request #51038