index.js in RESTApps

index.js is the entry point and route configuration for a RESTApp. This is where the RESTApp's endpoints are created. The SiteVision Public API is accessible.

The URL to a RESTApp looks like this: <domain>/rest-api/<addonName>/<restAppRoute>

A simple index.js:

(function() {
   'use strict';

   var router = require('router');

   router.get('/', function(req, res) {
      res.json({message: 'Hello World'});


Routes handle how a RESTApp responds requests. The router object provides methods to respond to the following request methods:

  • GET
  • PUT
  • POST

A route definition has the following structure:

router.method(path, handler);	

Basic examples:

var router = require('router'); // retrieve an instance of the router object

// GET [domain]/rest-api/[headlessCustomModuleName]/user
router.get('/user', function(req, res) {
   res.json({user: 'Robin'});

Route parameters

Route parameters are used to capture a value in the URL. Below is an example of a path that will capture userId on the /user route.

// GET [domain]/rest-api/[headlessCustomModuleName]/user/123
router.get('/user/:id', function(req, res) {
 // route is matched and {id: 123} will be populated in the req.params object

Request object (req)

The req object is a representation of the HTTP-request.



Object that contains parameters passed to a route. The object contains route parameters ('/user/:userId'), query string parameters and values in the request body from POST, PUT and DELETE.

// GET [domain]/rest-api/[headlessCustomModuleName]/user/456
router.get('/user/:userId', function(req, res) {; // 456
// GET [domain]/rest-api/[headlessCustomModuleName]/user?foo=bar
router.get('/user', function(req, res) {; // bar
// POST [domain]/rest-api/[headlessCustomModuleName]/addToBasket (productId=1)'/addToBasket', function(req, res) {; // 1


Object containing files from a multi-part request.'/', function(req, res) {
   var myFile =;


Object that contains cookies from the request.

// Cookie basketId=789
router.get('/user', function(req, res){; // 789


Boolean indicating whether or not the request is an XHR (ajax) request.

router.get('/', function(req, res) {
   if (req.xhr) {
      res.json({foo: 'ajax-bar'});
   } else {
      res.json({foo: 'bar'});


Session data is stored and accessed through the req.session property. Session attributes are namespaced for WebApps/RESTapps, i.e. "global" session attributes cannot be accessed. Note that session data must be JSON serializable.

// WebApp/RESTApp x
router.get('/', function(req, res) { = 'John Doe';
// WebApp/RESTApp y
router.get('/', function(req, res) {; // 'John Doe';

req.hostname [@since 4.5.3]

Hostname from the HTTP-request'/', function(req, res) {; //



Invalidates current session.

req.header(name) [@since 4.5.2]

Request headers from the HTTP-request'/', function(req, res) {'user-agent')); //mozilla....

Response object (res)

The res object is a representation of the HTTP-response.


res.set(name, value)

Sets a HTTP-header in the response. Returns this for chaining purposes.

res.set('X-Content-Type-Options', 'nosniff')
   .set('Cache-Control', 'no-cache');

res.type(type) [@since 4.5.2]

Sets the response Content-Type header. If type contains the “/” character, then it will be used as-is. Returns this for chaining purposes.

res.type('.html');      // => 'text/html'
res.type('html');       // => 'text/html'
res.type('text/html');  // => 'text/html'
res.type('svg');        // => 'image/svg+xml'
res.type('txt');        // => 'text/plain'


Sends a character response. Type will be text/html if not explicitly set.

res.send('<p>Hello from RESTApp!</p>');	
   .send('<svg version="1.1" ... </svg>');	


Sends a application/json-response.

   id: '123',
   foo: 'bar'


Sends a file as response. Uses best effort for content type matching if no type is explicitly set. File argument must be a or a SiteVision JCR-Node (sv:file or sv:image).

res.type('application/xml; charset=ISO-8859-1')


Sets the HTTP-status for the response. Returns this for chaining purposes.

res.status(404).send('Not found');


Adds a cookie. The cookie is set with httpOnly = false and path = '/'.

   name: 'basketId',
   value: '123'

res.clearCookie(name [, path])

Clears a cookie given a name. If path is missing, it defaults to '/'.