A list of headers, each of which has fields name, value, and value\_is\_literal.
name: Name of the header being sent back to the requesting client.
value: Either a literal value or a reference to metadatum on the server that handles a request.
value\_is\_literal: If true, the value field will be treated as a literal.
cookies
A list of cookies, each of which has fields name, value, value\_is\_literal, expires\_in\_sec, domain, path, secure, http\_only, and same\_site.
name: Name of the cookie being sent back to the requesting client.
value: Either a literal value or a reference to metadatum on the server that handles a request.
value\_is\_literal: If true, the value field will be treated as a literal. This field must be set to true if the response_data set is a literal value you want set on the return header/cookie.
expires\_in\_sec: Integer that specifies how long the cookie will be valid. Defaults to 0.
domain: String of host to which the cookie will be sent. Defaults to "".
path: URL path that must be met in a request for the cookie to be sent to the server. Defaults to "".
secure: If true, then cookie will only be sent to a server when a request is made via HTTPS. Defaults to false.
http\_only: If true, cookies are not available via javascript through Document.cookie. Defaults to false.
same\_site: Specifies how a cookie should be treated when a request is being made across site boundaries. Must be one of:
"strict" : causes SameSite=Strict to be passed back with a cookie
"lax" : causes SameSite=Lax to be passed back with a cookie
"" : does not alter the cookie annotation set (default value)
