Access-Control-Request-Headers header
Baseline Widely available
This feature is well established and works across many devices and browser versions. It’s been available across browsers since July 2015.
The HTTPAccess-Control-Request-Headersrequest header is used by browsers when issuing apreflight request to let the server know whichHTTP headers the client might send when the actual request is made (such as withfetch() orXMLHttpRequest.setRequestHeader()). The complementary server-side header ofAccess-Control-Allow-Headers will answer this browser-side header.
| Header type | Request header |
|---|---|
| Forbidden request header | Yes |
Syntax
http
Access-Control-Request-Headers: <header-name>,<header-name>,…Directives
<header-name>A sorted list of unique, comma-separated, lowercaseHTTP headers that are included in the request.
Examples
http
Access-Control-Request-Headers: content-type,x-pingotherSpecifications
| Specification |
|---|
| Fetch # http-access-control-request-headers |