Using ModHeader for localization

What is localization?

Localization is the process of translating and adapting a product to a country or region. For example, some contents may be viewable in one country, but may be blocked in another country. Although this is very important for legal purpose, it creates a headache for the engineering team to test their features across different regions.

A popular way in which many engineering teams have used to solve this problem is to use a special request header to switch between different locales or regions. For example, one may use X-Forced-Region: FR to simulate as if the request is coming from France.

Switching locales and regions

Using ModHeader, you can easily modify a request header like X-Forced-Region using the following steps:

  • Click on , and select Request header
  • Add X-Forced-Region request header with the desired value.
  • Now visit your web server, and you should see X-Forced-Region sent to it. You can update your web server code to read from that request header and return the localized content based on the header value.
  • Going one step further, you can click on , and select URL filter to enable the header override only on specific URLs. This way, you will not accidentally leak your localization header to other third-party websites.
  • You can create multiple rows in ModHeader containing the regions that you frequently need to test, then use the checkboxes on the left hand side of each row to quickly toggle the rule on and off.

Security considerations

Modifying request headers to switch between locales and regions can greatly simplify your development process. However, if the request header format is leaked, your users might be able to switch regions just like you could. For additional security, you may want to only allow such switch for certain groups of users or from certain IP sets. This way, even if the request header format is leaked, your end users will not be able to bypass your region check.