Feature requests - what do you already love, what could be better?

Bandwidth used / per site (not just the whole account)

Publish a new website via a HTTP request

Hi Netlfy,
I’m building a nocode website builder https://pazly.dev After an extensive competitor analysis I realized your Drop service (Netlify App) is the most user friendly web publishing tool I found. Still many of my users find it a bit strange that they have to download their HTML file, put it in a folder, go to the Netlify Drop website and drop it, when publishing for the first time.

I’d like to ask if there is a way to send programmatically, via a HTTP request, the content of an index.html file and automatically direct the user to the Netlify page where they can claim the website. Is this in any way possible? It would be great to add a 'publish on netlify button" in my project. I estimate a great number of publish requests and website claimins from my tool.

Looking forward to your answer.
With Best Regards,
Cristian

In the Custom Domains pane of the Domains page, I would like:

  • for domain aliases that are using Netlify DNS to show the “Netlify DNS” button, the way the primary domain does.
  • for the “Options” drop-down button of the Default (Netlify) subdomain to offer the ability to redirect traffic automatically to the primary custom domain.
  • for domain alias (additional custom domains) to show that they redirect automatically to the primary domain, in addition to showing that they are domain aliases
2 Likes

I would like to be able to set the Host header for a redirect…

Such that for example:

[[redirects]]
  from = "/*"
  to = "https://destination.com/:splat"
  status = 200
  headers = {
       "Host" = "original.com",
       "X-Forwarded-Host" = "original.com"
}

Will make it so the “Host” header is “original.com.” I believe this is currently unsupported https://answers.netlify.com/t/can-the-host-header-be-defined-on-a-redirect/19241/8

Or if that is not possible my real hope is to make it so the Host header sent along is set to “original.com” which is the original domain… so maybe for some sort of configuration flag like…

[[redirects]]
      from = "/*"
      to = "https://destination.com/:splat"
      origin_host = true

But with a better name than origin_host

Thanks for your consideration :slight_smile:

2 Likes

Hey @dot, thanks for this feature request. We do have an open issue for configurable Host header, but for now it’s not possible since we rely on specific behavior for that header internally. Still, I’ve added this thread to that conversation so we can follow up here if it gets worked on.

Just to make sure I understand correctly: what is the relationship of original.com to the site where the netlify.toml lives?

1 Like

Also wanted to share this example that may be of interest in case you can use a custom header instead of Host specifically:

Hi @jen, thanks for your response! In this example, original.com is our sub domain that we are using for our netlify app (configured in netlify dns). Our netlify app is simply a netlify.toml like the one above in order to be a proxy server that provides our original.com’s https cert to the request on its way to the eventual https://destination.com. https://destination.com is a 3rd party API we integrate with that expects to be passed the HOST header “original.com” for security purposes to verify it is a valid request. So right now we cannot fully integrate because Netlify is not passing that header on, and I cannot use a custom header as I cannot modify the 3rd party API.

Support a concept of Environment files.

Netlify has a concept of environment variables. It also has a concept of SSH deploy keys which are super opinionated and basically require you to use Git submodules.

A lot of people write insane hacks to provide themselves with files (like, put an SSH private key in an env variable, write it to a file using a preinstall script), for a plethora of common use cases.

Wouldn’t it be simpler to have a concept of “Environment files”, which you would upload from your Build section of the site (same as Environment variables) and have them be available at a predictable path inside the build container? It would also be trivial to test locally with the netlify-build-image.
It could first and foremost be used to provide yourself with SSH keys without using the Deploy keys abstraction (which is a sub-par abstraction) or committing anything to your repo, but it could also be used for config files or any other type of file that you need to have on the server at build time.

Hey @Valerio_Versace ! Thanks for such a thoughtful and well written feature request. I have written up an issue with the information you have provided, and linked this post and that issue, so we can update you here if we decide to implement this! thank you again.

It would be very useful if the file based configuration had wildcard support for branch names:

[context."feature/*"]
    command = "echo 'special branch'"
    base = "branch"

I love the support for branch deploys within Netlify. For instance, if I set up a branch deploy for the develop branch, it is deployed to develop--mysite.netlify.app.

However, my main site is hosted at mysite.com (CNAME for mysite.netlify.app).

I think a really useful feature would enable setting up some type of certificate for develop.mysite.com as a CNAME for develop--mysite.netlify.app, making the development version easier to remember / easier to find / and more easily shareable with stakeholders. (I can do this today, but the certificate is not handled, so things look insecure).

I could see different use cases potentially requiring different domains entirely (dev-mysite.com), so a wildcard may not suffice, and I could likewise see this becoming somewhat complex, so am thinking mostly of long-lived, static branches (like develop).

1 Like

hi there cole, this doesn’t address all the points you raised, but you are welcome to ask us to extend an SSL certificate to a branch if your main concern is that the branches look insecure. As long as Netlify DNS is used for the apex domain, extending the SSL cert to cover subdomains is something we can do without problems.

This is an open request above.

You can find a workaround on this thread.

This may sound a little out there, but is it possible to completely disable HTTPS on a particular website?

The reason for this is backwards compatibility with old hardware/browsers for a non-interactive, information-only site intended to be as accessible as possible.

I cannot find the ability to do so anywhere, so I would like to request the ability to easily do so. I love how easy it is to have a secure site set up, but for certain niches using browsers that are no longer updated, it can cause issues.

Hi, @mrudden. Sorry about the delay on this. I asked for an internal review of this policy before answering and that is what caused the delay.

The short answer is: No, it won’t be possible to disable HTTPS for sites hosted with our service.

Normally, we would file a feature request for any unsupported requirements that people might have. In this case, though, I’m certain this is a feature that we not will ever provide and I’ll try to explain why.

We made a change to enforce SSL on all sites back in 2018 and there is a blog post about this here:

Making it possible to opt out of this wasn’t allowed at that time. I can enter a feature request but it not being possible to disable it is intentional and changing this is very unlikely to occur. Even for non-interactive sites, the absence of SSL makes it trivial for third-parties to modify the sites content invisibly to both the web server and the client browser receiving the content.

For an example of how easy it is to modify site content when there is no SSL enabled, please see the Upside-Down-Ternet site.

I am explaining this because I want to be 100% transparent that if we were to file a feature request for this it almost certainly never will actually get made and I don’t want you waiting for a feature request that will never exist.

To summarize, you cannot opt out of using SSL at Netlify and this is unlikely to ever change.

3 Likes

This should be the quote of the year!

@luke I get too busy, but I just would like to say, I love reading your responses. These have to be very hard to convey sometimes and although I think this is a good hill to die on, it shouldn’t even be an issue. :heart_eyes:

There are plenty of other hosting options where HTTPS is not the default.

Thank you @luke, for your thoughtful response. I understand totally where Netlify is coming from and appreciate it - it’s an extremely niche audience that would be unable to view these sites completely - and only if HTTPS is forced. It’s totally reasonable to not allow opt-out from having these certs issued.

I did test visiting one of my Netlify sites using IE8 on Windows 7, and it does not load. This appears to indicate that HTTPS is forced on Netlify. GitLab and GitHub’s pages features both allow opting out of forced/enforced HTTPS which increases backwards compatibility. Testing with those features, sites I have hosted on those platforms will not load while enabled, but will allow use of HTTP if not enabled.

I think it might be a nice addition to the DNS documentation pages to include one or more tools to help guide people through the configuration process.

The first could be a field where the user enters the Netlify subdomain name, and it spits out the A and CNAME records for those wishing to delegate DNS elsewhere.

The second could be “built-in” consoles pre-configured for various permutations of whois, dig, httpstat, sslopen, etc, so users could enter their apex and subdomain(s), see what the DNS system current shows, and then give examples of what they should be seeing. I’m thinking this could easily be done with something like Termible.

2 Likes

I would love to see an automatic HTML, CSS and JavaScript minifier upon deployment. I am aware the there is a third party HTML minifier available as an add-on but it would be nice to see this as a native Netlify feature.

Thanks,
Damian