Access-Control-Request-Headers
The HTTP Access-Control-Request-Headers request header is sent by the client to indicate which HTTP headers it might send during the subsequent HTTP request.
Usage
The Access-Control-Request-Headers request header is part of the CORS protocol to allow cross-origin sharing, and it is sent as part of a preflight request to indicate which HTTP headers it may use during the actual HTTP request. The server’s response will include the Access-Control-Allow-Headers response, indicating whether they can be accepted.
Example
In this example, the client sends a preflight request using HTTP OPTIONS method and indicates that it will be using the HTTP Content-Type and X-User-Addr headers. The server responds to a previous HTTP request that was made by the client. As part of it, the Access-Control-Request-Headers response header is included to indicate that Content-Type and the customer X-User-Addr headers are supported.
Request
OPTIONS /
Access-Control-Request-Headers: Content-Type, X-User-Addr
Response
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, X-User-Addr
Takeaway
The Access-Control-Request-Headers request header is sent by the client during a preflight request to suggest what HTTP headers will be needed during the actual HTTP request.