A quick question: I have a need to add additional header variables to the page before it is send to the browser. However, while I can find access points to read the header variables, I’m unable to find a way to add my changes… I know I can do this via the special handler etc… but am I out of luck to do it on the page?
I don’t see how you can do that in Xojo, apart from using App.HTMLHeader.
Otherwise, you can use JavaScript immediately after the page has loaded to add to the header.
Could you explain what you are trying to do?
In a nut shell, responses from my application need to pass through a third party security check before reaching the requesting browser. To pass the security check the response must include additional header entries indicating things like which geographic regions the user must login in from before the data is visible to them etc… Thus the same user logging in from France gets to see less data than when he logs in from Switzerland for example.
Since WebApplication.HTMLHeader is read only, it does not seem possible to set it with variables prior to the page been sent.
The only way I see would be to use handleURL to serve one master page with all the necessary headers, which presents a full screen iFrames that shows the Xojo app Webpages.
That way you can have anything you want in the headers.
Unfortunately IFrames are a big no no in bank security 
Then I see no other way than to manage all your app from HandleURL with an HTML UI.