FAIRVISOR
Response Headers
Header presence depends on decision path and limiter result. Not every response contains all headers.
Rate-limit headers
| Header | Present when | Notes |
|---|---|---|
RateLimit-Limit | Limiter returns limit | Algorithm-dependent |
RateLimit-Remaining | Limiter returns remaining | Algorithm-dependent |
RateLimit-Reset | Limiter returns reset or retry_after | Fallback 1 in some limiter paths |
RateLimit | A limiter result exists | Structured: "<policy_or_rule>";r=<remaining>;t=<reset> |
Fairvisor follows the standard RateLimit* header model from:
- https://datatracker.ietf.org/doc/draft-ietf-httpapi-ratelimit-headers/
- https://datatracker.ietf.org/doc/draft-polli-ratelimit-headers/
Reject headers
| Header | Present when |
|---|---|
Retry-After | Reject decisions |
Retry-After includes deterministic per-identity jitter and is not runtime-configurable.
X-Fairvisor-Policy, X-Fairvisor-Rule, and the reject reason are emitted in debug-session headers only (as X-Fairvisor-Debug-Policy, X-Fairvisor-Debug-Rule, X-Fairvisor-Debug-Reason). See Debug Session.
Advisory headers
| Header | Present when |
|---|---|
X-Fairvisor-Warning | Non-blocking warning paths (budget_warn, budget_throttle, loop_warn) |
X-Fairvisor-Loop-Count | Loop detector emits loop metadata |
Debug headers
Debug headers are available only on requests that carry a valid signed debug cookie. Set FAIRVISOR_DEBUG_SESSION_SECRET and call POST /v1/debug/session to obtain one.
| Header | Notes |
|---|---|
X-Fairvisor-Decision | Effective decision action |
X-Fairvisor-Mode | enforce or shadow |
X-Fairvisor-Latency-Us | Decision latency in microseconds |
X-Fairvisor-Debug-Decision | Same as above (verbose form) |
X-Fairvisor-Debug-Mode | Same as above (verbose form) |
X-Fairvisor-Debug-Reason | Internal reject reason |
X-Fairvisor-Debug-Policy | Policy ID that triggered the decision |
X-Fairvisor-Debug-Rule | Rule name that triggered the decision |
X-Fairvisor-Debug-Latency-Us | Same as above (verbose form) |
X-Fairvisor-Debug-Matched-Policies | Number of policies evaluated |
X-Fairvisor-Debug-Descriptor-* | Per-descriptor key/value pairs (up to 16) |
See Debug Session.
Notes on token headers
Some docs/examples may show additional token-specific headers such as X-Fairvisor-TPD-Remaining. Treat those as implementation-dependent unless explicitly documented by your running version.
Shadow mode
In shadow mode, would-reject decisions are converted to allow. Reject-specific response headers are suppressed for the client path.
Top-level runtime overrides (global_shadow, kill_switch_override) also do not add client-visible response headers. Use logs and metrics to verify override state.
decision_service vs reverse_proxy
- In
decision_service, headers are returned on/v1/decisionand must be forwarded by the gateway. - In
reverse_proxy, headers are attached on proxied responses in nginx filter phases.