This page is not complete.
Sec-Fetch-User fetch metadata header is only sent for requests initiated by user activation, and its value will always be
|Header type||Fetch Metadata Request Header|
|Forbidden header name||yes, since it has prefix
|CORS-safelisted request header|
The value will always be
?1. When a request is triggered by something other than a user activation, the spec requires browsers to omit the header completely.
|Fetch Metadata Request Headers
The definition of 'Sec-Fetch-User' in that specification.
|Editor's Draft||Initial definition|
BCD tables only load in the browser