Usually, automatic setting of content-length is desirable (to automatically match the byte-size of the body field). However there are occasions when Content-Length should NOT match the body's content length in bytes.
One prominent example is in responses to HEAD requests, where only the headers should be returned, without a body.
This is commonplace when dealing with remote media files, e.g. MP3 files served over a URL -
where the initial response always includes the full file size in the Content-Length, with an empty body.
(Clients use this information to present the relevant UX, as well as to orchestrate subsequent requests to the remote server).
Expected Behavior
Headers explicitly set programmatically should be kept in place.
At the very least, there should be a mode that enforces this.
Which browser are you using? (if relevant)
No response
How are you deploying your application? (if relevant)
Verify canary release
Provide environment information
Which area(s) of Next.js are affected? (leave empty if unsure)
Middleware / Edge (API routes, runtime)
Link to the code that reproduces this issue
https://codesandbox.io/p/sandbox/floral-cache-o8jqgq
To Reproduce
Describe the Bug
The 'Content-Length' header is explicitly stripped from the response, by this
next/sandbox
code snippet: https://github.com/vercel/next.js/blob/canary/packages/next/src/server/web/sandbox/sandbox.ts#L108-L110Usually, automatic setting of content-length is desirable (to automatically match the byte-size of the
body
field). However there are occasions when Content-Length should NOT match the body's content length in bytes. One prominent example is in responses to HEAD requests, where only the headers should be returned, without a body.This is commonplace when dealing with remote media files, e.g. MP3 files served over a URL - where the initial response always includes the full file size in the Content-Length, with an empty body. (Clients use this information to present the relevant UX, as well as to orchestrate subsequent requests to the remote server).
Expected Behavior
Headers explicitly set programmatically should be kept in place.
At the very least, there should be a mode that enforces this.
Which browser are you using? (if relevant)
No response
How are you deploying your application? (if relevant)
Vercel