この記事はまだボランティアによって 日本語 に翻訳されていません。ぜひ MDN に参加して翻訳を手伝ってください!
この記事を English (US) で読むこともできます。

The HTTP Upgrade-Insecure-Requests request header sends a signal to the server expressing the client’s preference for an encrypted and authenticated response, and that it can successfully handle the upgrade-insecure-requests CSP directive.

Header type Request header
Forbidden header name no

Syntax

Upgrade-Insecure-Requests: 1

Examples

A client requests  signals to the server that it supports the upgrade mechanisms of upgrade-insecure-requests:

GET / HTTP/1.1 
Host: example.com 
Upgrade-Insecure-Requests: 1

The server can now redirect to a secure version of the site. A Vary header can be used so that the site isn't served by caches to clients that don’t support the upgrade mechanism.

Location: https://example.com/ 
Vary: Upgrade-Insecure-Requests

Specifications

Specification Status Comment
Upgrade Insecure Requests
The definition of 'upgrade-insecure-requests' in that specification.
Candidate Recommendation Initial definition.

Browser compatibility

Update compatibility data on GitHub
DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidEdge MobileFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
Basic supportChrome Full support 44Edge Full support 17Firefox Full support 48IE No support NoOpera Full support 31Safari Full support 10.1WebView Android ? Chrome Android Full support 44Edge Mobile No support NoFirefox Android Full support 48Opera Android Full support 31Safari iOS Full support 10.3Samsung Internet Android Full support 4.0

Legend

Full support  
Full support
No support  
No support
Compatibility unknown  
Compatibility unknown

See also

ドキュメントのタグと貢献者

このページの貢献者: fscholz, teoli
最終更新者: fscholz,