Remove 'server' and 'via' headers from heroku?

Question

When I'm sending a request to my local server here are my response headers:

Connection → close
Content-Length → 7
Content-Type → application/json; charset=utf-8
Date → Thu, 27 Aug 2015 11:40:19 GMT

After deploying to heroku, the same code results in those headers:

Connection → keep-alive
Content-Length → 7
Content-Type → application/json; charset=utf-8
Date → Thu, 27 Aug 2015 11:41:34 GMT
Set-Cookie: connect.sid=s%3alz-zheycqsruc40pukndy8; path=/
Server → Cowboy
Via → 1.1 vegur

Here is my code:

var express     = require('express');
var app         = express();

app.disable('etag');
app.disable('x-powered-by');

var router = express.Router(); // get an instance of the express Router
router.route('/cool').post(function (req, res) {
    res.removeHeader('Access-Control-Allow-Credentials');
    res.removeHeader('Access-Control-Allow-Origin');
    res.removeHeader('server');
    res.removeHeader('set-cookie');
    res.removeHeader('via');
    res.set('Connection', 'close');
    return res.json({"t": 5});
});

How can I get rid of the server, via, set-cookie headers? and why Connection becomes keep-alive ?

Answer 1

I opened a support ticket in Heroku for that, and they responded it is not possible.

Dan,

Unfortunately, there is no way to remove those headers on a per-application basis.

Cheers, Damien

Here is the conversation: