The mode read-only property of the Request interface contains the mode of the request (e.g., cors, no-cors, same-origin, or navigate.) This is used to determine if cross-origin requests lead to valid responses, and which properties of the response are readable.


var myMode = request.mode;


A RequestMode value.

The associated mode, available values of which are:

  • same-origin — If a request is made to another origin with this mode set, the result is simply an error. You could use this to ensure that a request is always being made to your origin.
  • no-cors — Prevents the method from being anything other than HEAD, GET or POST, and the headers from being anything other than simple headers. If any ServiceWorkers intercept these requests, they may not add or override any headers except for those that are simple headers. In addition, JavaScript may not access any properties of the resulting Response. This ensures that ServiceWorkers do not affect the semantics of the Web and prevents security and privacy issues arising from leaking data across domains.
  • cors — Allows cross-origin requests, for example to access various APIs offered by 3rd party vendors. These are expected to adhere to the CORS protocol. Only a limited set of headers are exposed in the Response, but the body is readable.
  • navigate — A mode for supporting navigation. The navigate value is intended to be used only by HTML navigation. A navigate request is created only while navigating between documents.

Default mode

Requests can be initiated in a variety of ways, and the mode for a request depends on the particular means by which it was initiated.

For example, when a Request object is created using the Request.Request constructor, the value of the mode property for that Request is set to cors.

However, for requests created other than by the Request.Request constructor, no-cors is typically used as the mode; for example, for embedded resources where the request is initiated from markup, unless the crossorigin attribute is present, the request is in most cases made using the no-cors mode — that is, for the <link> or <script> elements (except when used with modules), or <img>, <audio>, <video>, <object>, <embed>, or <iframe> elements.


In the following snippet, we create a new request using the Request.Request() constructor (for an image file in the same directory as the script), then save the request mode in a variable:

var myRequest = new Request('flowers.jpg');
var myMode = myRequest.mode; // returns "cors" by default


Specification Status Comment
The definition of 'mode' in that specification.
Living Standard Initial definition

Browser compatibility

Update compatibility data on GitHub
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
Chrome Full support 42Edge Full support 14Firefox Full support 39IE No support NoOpera Full support 29Safari No support NoWebView Android Full support 49Chrome Android Full support 49Firefox Android No support NoOpera Android No support NoSafari iOS No support NoSamsung Internet Android Full support 5.0
navigate mode
Chrome Full support 49Edge Full support ≤18Firefox Full support 46IE No support NoOpera ? Safari No support NoWebView Android No support NoChrome Android Full support 49Firefox Android No support NoOpera Android No support NoSafari iOS No support NoSamsung Internet Android Full support 5.0


Full support  
Full support
No support  
No support
Compatibility unknown  
Compatibility unknown
Experimental. Expect behavior to change in the future.
Experimental. Expect behavior to change in the future.


See also