An object of this type is returned by event listeners that have set "blocking" in their extraInfoSpec argument.

By setting particular properties in BlockingResponse, the listener can modify network requests.

Note that you can't set all this object's properties in every listener: the properties you can set are dependent on the event that triggered this listener, as detailed below.


Values of this type are objects. They contain the following properties:

object. If set, the request is made using the given credentials. You can only set this property in onAuthRequired. The authCredentials property is an object with the following properties:
string. Username to supply.
string. Password to supply.
boolean. If true, the request is cancelled. You can only set this property in onBeforeRequest, onBeforeSendHeaders, onHeadersReceived, and onAuthRequired.
string. This is a URL, and if set, the original request is redirected to that URL. You can only set this property in onBeforeRequest or onHeadersReceived.
Redirections to non-HTTP schemes such as data: are allowed, but they are not currently supported (bug 707624). Redirects use the same request method as the original request unless initiated from onHeadersReceived stage, in which case the redirect uses the GET method.
If an extension wants to redirect a public (e.g. HTTPS) URL to an extension page, the extension's manifest.json file must contain a web_accessible_resources key that lists the URL for the extension page..

webRequest.HttpHeaders. This is an HttpHeaders object, an array in which each object represents a header. If set, the request is made with these headers rather than the original headers. You can only set this property in onBeforeSendHeaders .

webRequest.HttpHeaders. This is an HttpHeaders object, an array in which each object represents a header. If set, the server is assumed to have responded with these response headers instead of the originals. You can only set this property in onHeadersReceived. If multiple extensions attempt to set the same header (for example, Content-Security-Policy), only one of the changes will be successful.
boolean. If set to true and the original request is an HTTP request, this will prevent the original request from being sent and instead make a secure (HTTPS) request. If any extension returns redirectUrl in onBeforeRequest, then upgradeToSecure will be ignored for that request. You can only set this property in onBeforeRequest.

Browser compatibility

Update compatibility data on GitHub
ChromeEdgeFirefoxOperaFirefox for Android
BlockingResponseChrome Full support YesEdge Full support 14Firefox Full support 45Opera Full support YesFirefox Android Full support 48
upgradeToSecureChrome No support NoEdge No support NoFirefox Full support 59Opera No support NoFirefox Android Full support 59


Full support  
Full support
No support  
No support

This API is based on Chromium's chrome.webRequest API. This documentation is derived from web_request.json in the Chromium code.