Our volunteers haven't translated this article into عربي yet. Join us and help get the job done!
You can also read the article in English (US).

The Timing-Allow-Origin response header specifies origins that are allowed to see values of attributes retrieved via features of the Resource Timing API, which would otherwise be reported as zero due to cross-origin restrictions.

Header type Response header
Forbidden header name no


Timing-Allow-Origin: *
Timing-Allow-Origin: <origin>[, <origin>]*


The server may specify "*" as a wildcard, thereby allowing any origin to see timing resources.
Specifies a URI that may see the timing resources. You can specify multiple origins, separated by commas.


To allow any resource to see timing resources:

Timing-Allow-Origin: *

To allow https://developer.mozilla.org to see timing resources, you can specify:

Timing-Allow-Origin: https://developer.mozilla.org


Specification Status Comment
Resource Timing Level 3
The definition of 'Timing-Allow-Origin' in that specification.
Editor's Draft Initial definition.

Browser compatibility

Update compatibility data on GitHub
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidEdge MobileFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
Timing-Allow-OriginChrome Full support YesEdge ? Firefox Full support YesIE ? Opera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile ? Firefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes


Full support  
Full support
Compatibility unknown  
Compatibility unknown

See also

Document Tags and Contributors

المساهمون في هذه الصفحة: mdnwebdocs-bot, baileylo, chrisdavidmills
آخر مَن حدّثها: mdnwebdocs-bot,