Fired when the HTTP response headers associated with a request have been received. You can use this event to modify HTTP response headers.

To have the response headers passed into the listener along with the rest of the request data, pass "responseHeaders" in the extraInfoSpec array.

To modify the headers, pass "blocking" in extraInfoSpec. Then in your event listener, return an object with a property named responseHeaders, whose value is the set of response headers to use. The browser will behave as if the server had sent the modified headers.

From Firefox 52 onwards, instead of returning BlockingResponse, the listener can return a Promise which is resolved with a BlockingResponse. This enables the listener to process the request asynchronously.

If you use "blocking", you must have the "webRequestBlocking" API permission in your manifest.json.

Note that it is possible for extensions to conflict here. If two extensions listen to onHeadersReceived for the same request, then the second listener will see modifications made by the first listener, and will be able to undo any changes made by the first listener. For example, if the first listener adds a Set-Cookie header, and the second listener strips all Set-Cookie headers, then the first listener's modifications will be lost. If you want to see the headers that are actually processed by the system, without the risk that another extension will subsequently alter them, use onResponseStarted, although you can't modify headers on this event.


  listener,             // function
  filter,               //  object
  extraInfoSpec         //  optional array of strings

Events have three functions:

addListener(callback, filter, extraInfoSpec)
Adds a listener to this event.
Stop listening to this event. The listener argument is the listener to remove.
Check whether listener is registered for this event. Returns true if it is listening, false otherwise.

addListener syntax



Function that will be called when this event occurs. The function will be passed the following arguments:

object. Details of the request. This will include response headers if you have included "responseHeaders" in extraInfoSpec.

Returns: webRequest.BlockingResponse. If "blocking" is specified in the extraInfoSpec parameter, the event listener should return a BlockingResponse object, and can set its responseHeaders property.

webRequest.RequestFilter. A set of filters that restricts the events that will be sent to this listener.
array of string. Extra options for the event. You can pass any of the following values:
  • "blocking" to make the request synchronous, so you can modify request headers
  • "responseHeaders" to include the response headers in the details object passed to the listener

Additional objects


string. URL of the document in which the resource will be loaded. For example, if the web page at "https://example.com" contains an image or an iframe, then the documentUrl for the image or iframe will be "https://example.com". For a top-level document, documentUrl is undefined.
integer. Zero if the request happens in the main frame; a positive value is the ID of a subframe in which the request happens. If the document of a (sub-)frame is loaded (type is main_frame or sub_frame), frameId indicates the ID of this frame, not the ID of the outer frame. Frame IDs are unique within a tab.
string. Standard HTTP method: for example, "GET" or "POST".

string. URL of the resource which triggered the request. For example, if "https://example.com" contains a link, and the user clicks the link, then the originUrl for the resulting request is "https://example.com".

The originUrl is often but not always the same as the documentUrl. For example, if a page contains an iframe, and the iframe contains a link that loads a new document into the iframe, then the documentUrl for the resulting request will be the iframe's parent document, but the originUrl will be the URL of the document in the iframe that contained the link.

integer. ID of the frame that contains the frame which sent the request. Set to -1 if no parent frame exists.

object. This property is present only if the request is being proxied. It contains the following properties:

string. The hostname of the proxy server.
integer. The port number of the proxy server.

string. The type of proxy server. One of:

  • "http": HTTP proxy (or SSL CONNECT for HTTPS)
  • "https": HTTP proxying over TLS connection to proxy
  • "socks": SOCKS v5 proxy
  • "socks4": SOCKS v4 proxy
  • "direct": no proxy
  • "unknown": unknown proxy
string. Username for the proxy service.
boolean. True if the proxy will perform domain name resolution based on the hostname supplied, meaning that the client should not do its own DNS lookup.
integer. Failover timeout in seconds. If the proxy connection fails, the proxy will not be used again for this period.
string. The ID of the request. Request IDs are unique within a browser session, so you can use them to relate different events associated with the same request.
webRequest.HttpHeaders. The HTTP response headers that were received for this request.
integer. Standard HTTP status code returned by the server.
string. HTTP status line of the response or the 'HTTP/0.9 200 OK' string for HTTP/0.9 responses (that is, responses that lack a status line).
integer. ID of the tab in which the request takes place. Set to -1 if the request isn't related to a tab.
number. The time when this event fired, in milliseconds since the epoch.
webRequest.ResourceType. The type of resource being requested: for example, "image", "script", "stylesheet".
string. Target of the request.

Browser compatibility

ChromeEdgeFirefoxFirefox for AndroidOpera
Basic support Yes1141452 3482 3 Yes1
details.frameId Yes144548 Yes
details.method Yes144548 Yes
details.originUrl No No4848 No
details.parentFrameId Yes144548 Yes
details.proxyInfo No No5757 No
details.requestId Yes144548 Yes
details.responseHeaders Yes144548 Yes
details.statusCode Yes144548 Yes
details.statusLine Yes144548 Yes
details.tabId Yes144548 Yes
details.timeStamp Yes144548 Yes
details.type Yes144548 Yes
details.url Yes144548 Yes

1. Asynchronous event listeners are not supported.

2. Modification of the 'Content-Type' header is supported from version 51.

3. Asynchronous event listeners are supported from version 52.


This code sets an extra cookie when requesting a resource from the target URL:

var targetPage = "https://developer.mozilla.org/en-US/Firefox/Developer_Edition";

// Add the new header to the original array,
// and return it.
function setCookie(e) {
  var setMyCookie = {
    name: "Set-Cookie",
    value: "my-cookie1=my-cookie-value1"
  return {responseHeaders: e.responseHeaders};

// Listen for onHeaderReceived for the target page.
// Set "blocking" and "responseHeaders".
  {urls: [targetPage]},
  ["blocking", "responseHeaders"]

This code does the same thing the previous example, except that the listener is asynchronous, returning a Promise which is resolved with the new headers:

var targetPage = "https://developer.mozilla.org/en-US/Firefox/Developer_Edition";

// Return a Promise that sets a timer.
// When the timer fires, resolve the promise with
// modified set of response headers.
function setCookieAsync(e) {
  var asyncSetCookie = new Promise((resolve, reject) => {
    window.setTimeout(() => {
      var setMyCookie = {
        name: "Set-Cookie",
        value: "my-cookie1=my-cookie-value1"
      resolve({responseHeaders: e.responseHeaders});
    }, 2000);

  return asyncSetCookie;

// Listen for onHeaderReceived for the target page.
// Set "blocking" and "responseHeaders".
  {urls: [targetPage]},
  ["blocking", "responseHeaders"]


This API is based on Chromium's chrome.webRequest API. This documentation is derived from web_request.json in the Chromium code.

Microsoft Edge compatibility data is supplied by Microsoft Corporation and is included here under the Creative Commons Attribution 3.0 United States License.

Document Tags and Contributors

Contributors to this page: wbamberg, globau, andrewtruongmoz, Makyen, johnadungan
Last updated by: wbamberg,