Access-Control-Request-Headers

The Access-Control-Request-Headers request header is used by browsers when issuing a preflight request to let the server know which HTTP headers the client might send when the actual request is made (such as with fetch() or XMLHttpRequest.setRequestHeader()). The complementary server-side header of Access-Control-Allow-Headers will answer this browser-side header.

Header type Request header
Forbidden header name yes

Syntax

http
Access-Control-Request-Headers: <header-name>, <header-name>, …

Directives

<header-name>

A comma-delimited list of HTTP headers that are included in the request.

Examples

http
Access-Control-Request-Headers: X-PINGOTHER, Content-Type

Specifications

Specification
Fetch Standard
# http-access-control-request-headers

Browser compatibility

BCD tables only load in the browser

See also