Sec-Fetch-Site
Draft
This page is not complete.
The Sec-Fetch-Site
fetch metadata header indicates the relationship between a request initiator's origin and the origin of the resource.
Header type | Fetch Metadata Request Header |
---|---|
Forbidden header name | yes, since it has prefix Sec- |
CORS-safelisted response header | |
CORS-safelisted request header |
Syntax
Sec-Fetch-Site: cross-site
Sec-Fetch-Site: same-origin
Sec-Fetch-Site: same-site
Sec-Fetch-Site: none
Values
cross-site
same-origin
same-site
none
- This request does not relate to any context like site, origin, or frame. This can happen when user had initiated this request by, e.g. directly entering a URL in the address bar, opening a bookmark, or dragging-and-dropping a file into the browser window.
Examples
TODO
Specifications
Specification | Status | Comment |
---|---|---|
Fetch Metadata Request Headers The definition of 'Sec-Fetch-Site' in that specification. |
Editor's Draft | Initial definition |
Browser compatibility
BCD tables only load in the browser