Access-Control-Request-Headers
Baseline Widely available
This feature is well established and works across many devices and browser versions. It’s been available across browsers since July 2015.
The HTTP Access-Control-Request-Headers
request header is used by browsers when issuing a preflight request to let the server know which HTTP headers the client might send when the actual request is made (such as with fetch()
or XMLHttpRequest.setRequestHeader()
). The complementary server-side header of Access-Control-Allow-Headers
will answer this browser-side header.
Header type | Request header |
---|---|
Forbidden header name | Yes |
Syntax
Access-Control-Request-Headers: <header-name>,<header-name>,…
Directives
<header-name>
-
A sorted list of unique, comma-separated, lowercase HTTP headers that are included in the request.
Examples
Access-Control-Request-Headers: content-type,x-pingother
Specifications
Specification |
---|
Fetch # http-access-control-request-headers |
Browser compatibility
Report problems with this compatibility data on GitHubdesktop | mobile | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Access-Control-Request-Headers |
Legend
Tip: you can click/tap on a cell for more information.
- Full support
- Full support