The Access-Control-Request-Headers request header is used by browsers when issuing a preflight request, to let the server know which HTTP headers the client might send when the actual request is made (such as with setRequestHeader()). This browser side header will be answered by the complementary server side header of Access-Control-Allow-Headers.
| Header type | Request header |
|---|---|
| Forbidden header name | yes |
Syntax
Access-Control-Request-Headers: <header-name>, <header-name>, ...
Directives
- <header-name>
- A comma-delimited list of HTTP headers that are included in the request.
Examples
Access-Control-Request-Headers: X-PINGOTHER, Content-Type
Specifications
| Specification | Status | Comment |
|---|---|---|
| Fetch The definition of 'Access-Control-Request-Headers' in that specification. |
Living Standard | Initial definition. |
Browser compatibility
BCD tables only load in the browser