A forbidden header name is an HTTP header name that cannot be modified programmatically; specifically, an HTTP request header name.
Contrast with Forbidden response header name.
These are forbidden, so the user agent retains full control over them. Names starting with `
Sec-` are reserved for creating new headers safe from APIs using Fetch that grant developers control over headers, such as
Forbidden headers names start with
Sec-, or consists of one of these: