View categories

Categories

Language Support
- Node.js
- Ruby
  - Rails Support
  - Working with Bundler
- Python
  - Working with Django
  - Background Jobs in Python
- Java
  - Working with Maven
  - Java Database Operations
  - Java Advanced Topics
  - Working with Spring Boot
- PHP
- Go
  - Go Dependency Management
- Scala
- Clojure

Databases & Data Management
- Heroku Postgres
  - Postgres Basics
  - Postgres Getting Started
  - Postgres Performance
  - Postgres Data Transfer & Preservation
  - Postgres Availability
  - Postgres Special Topics
- Heroku Data For Redis
- Apache Kafka on Heroku
- Other Data Stores

Monitoring & Metrics
- Logging

App Performance

Add-ons
- All Add-ons

Collaboration

Security
- App Security
- Identities & Authentication
  - Single Sign-on (SSO)
- Compliance

Heroku Enterprise
- Private Spaces
  - Infrastructure Networking
- Enterprise Accounts
- Enterprise Teams
- Heroku Connect (Salesforce sync)
  - Heroku Connect Administration
  - Heroku Connect Reference
  - Heroku Connect Troubleshooting

Patterns & Best Practices

Extending Heroku
- Platform API
- App Webhooks
- Heroku Labs
- Building Add-ons
  - Add-on Development Tasks
  - Add-on APIs
  - Add-on Guidelines & Requirements
- Building CLI Plugins
- Developing Buildpacks
- Dev Center

Accounts & Billing

Troubleshooting & Support

Integrating with Salesforce

Multiple host headers forbidden in requests to prevent 'Host of Troubles' vulnerability

Change effective on 07 November 2016

To protect customer applications, the Heroku router now forbids incoming requests from using multiple host name entries in their HTTP headers. This change is compliant with RFC 7230 section 5.4 and protects applications and hosts from various forms of cache poisoning and filtering.

Zulu JDK 8u112 and 7u121 now available Stack image updated to address cURL vulnerabilities