Sec-CH-UA-Full-Version-List header
Limited availability
This feature is not Baseline because it does not work in some of the most widely-used browsers.
Experimental:This is anexperimental technology
Check theBrowser compatibility table carefully before using this in production.
Secure context: This feature is available only insecure contexts (HTTPS), in some or allsupporting browsers.
The HTTPSec-CH-UA-Full-Version-Listrequest header is auser agent client hint which provides the user-agent's branding and full version information.
TheSec-CH-UA-Full-Version-List header provides the brand and full version information for each brand associated with the browser, in a comma-separated list.
The header may include "fake" brands in any position and with any name.This is a feature designed to prevent servers from rejecting unknown user agents outright, forcing user agents to lie about their brand identity.
Note:This is similar toSec-CH-UA, but includes the full version number instead of the significant version number for each brand.
| Header type | Request header,Client hint |
|---|---|
| Forbidden request header | Yes (Sec- prefix) |
Syntax
Sec-CH-UA-Full-Version-List: "<brand>";v="<full version>", …The value is a comma separated list of brands in the user agent brand list, and their associated full version number.
Directives
<brand>A brand associated with the user agent, like "Chromium", "Google Chrome".This may be an intentionally incorrect brand like
" Not A;Brand"or"(Not(A:Brand"(the actual value is expected change over time and be unpredictable).<full version>A full version number, such as 98.0.4750.0.
Description
A brand is a commercial name for the user agent like: Chromium, Opera, Google Chrome, Microsoft Edge, Firefox, and Safari.A user agent might have several associated brands.For example, Opera, Chrome, and Edge are all based on Chromium, and will provide both brands in theSec-CH-UA-Full-Version-List header.
The header allows the server to customize its response based on both shared brands and on particular customizations in their specific respective builds.
Examples
Using Sec-CH-UA-Full-Version-List
A server requests theSec-CH-UA-Full-Version-List header by including theAccept-CH in aresponse to any request from the client, using the name of the desired header as a token:
HTTP/1.1 200 OKAccept-CH: Sec-CH-UA-Full-Version-ListThe client may choose to provide the hint, and add theSec-CH-UA-Full-Version-List header to subsequent requests, as shown below:
GET /my/page HTTP/1.1Host: example.siteSec-CH-UA: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"Sec-CH-UA-Mobile: ?0Sec-CH-UA-Full-Version-List: " Not A;Brand";v="99.0.0.0", "Chromium";v="98.0.4750.0", "Google Chrome";v="98.0.4750.0"Sec-CH-UA-Platform: "Linux"Specifications
| Specification |
|---|
| User-Agent Client Hints # sec-ch-ua-full-version-list |