The XMLHttpRequest method setRequestHeader() sets the value of an HTTP request header. When using setRequestHeader(), you must call it after calling open(), but before calling send(). If this method is called several times with the same header, the values are merged into one single request header.

Each time you call setRequestHeader() after the first time you call it, the specified text is appended to the end of the existing header's content.

If no Accept header has been set using this, an Accept header with the type "*/*" is sent with the request when send() is called.

For security reasons, some headers can only be controlled by the user agent. These headers include the forbidden header names and forbidden response header names.

Note: For your custom fields, you may encounter a "not allowed by Access-Control-Allow-Headers in preflight response" exception when you send requests across domains. In this situation, you need to set up the Access-Control-Allow-Headers in your response header at server side.


XMLHttpRequest.setRequestHeader(header, value)


The name of the header whose value is to be set.
The value to set as the body of the header.

Return value



Specification Status Comment
The definition of 'setRequestHeader()' in that specification.
Living Standard WHATWG living standard

Browser compatibility

Update compatibility data on GitHub
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
setRequestHeaderChrome Full support 1Edge Full support 12Firefox Full support 1IE Full support 5Opera Full support 8Safari Full support 1.2WebView Android Full support 1Chrome Android Full support 18Firefox Android Full support 4Opera Android Full support 10.1Safari iOS Full support 1Samsung Internet Android Full support 1.0


Full support  
Full support

See also