この記事はまだボランティアによって 日本語 に翻訳されていません。ぜひ MDN に参加して翻訳を手伝ってください!
この記事を English (US) で読むこともできます。

The HTTP Upgrade-Insecure-Requests request header sends a signal to the server expressing the client’s preference for an encrypted and authenticated response, and that it can successfully handle the upgrade-insecure-requests CSP directive.

Header type Request header
Forbidden header name no

Syntax

Upgrade-Insecure-Requests: 1

Examples

A client requests  signals to the server that it supports the upgrade mechanisms of upgrade-insecure-requests:

GET / HTTP/1.1 
Host: example.com 
Upgrade-Insecure-Requests: 1

The server can now redirect to a secure version of the site. A Vary header can be used so that the site isn't served by caches to clients that don’t support the upgrade mechanism.

Location: https://example.com/ 
Vary: Upgrade-Insecure-Requests

Specifications

Specification Status Comment
Upgrade Insecure Requests
The definition of 'upgrade-insecure-requests' in that specification.
Candidate Recommendation Initial definition.

Browser compatibility

FeatureChromeEdgeFirefoxInternet ExplorerOperaSafari
Basic support441748 No3110.1
FeatureAndroid webviewChrome for AndroidEdge mobileFirefox for AndroidOpera AndroidiOS SafariSamsung Internet
Basic support ?44 No483110.34.0

See also

ドキュメントのタグと貢献者

このページの貢献者: fscholz, teoli
最終更新者: fscholz,