Sec-Fetch-Mode

The HTTP Sec-Fetch-Mode request header is sent by the client to indicate the mode of the HTTP request.

Table of Contents

Usage

The HTTP Sec-Fetch-Mode request header is used to identify the mode of a HTTP request. Generally, it gives the server the ability to distinguish between a user navigating links within a client’s browser, and supporting HTTP requests that perform tasks such as loading an image.

The possible directives are cors, navigate, no-cors, same-origin, and websocket. The cors and no-cors directives indicate whether the HTTP request is made using the CORS protocol. The navigate directive is applied if the HTTP request is initiated via navigation between HTML documents. The same-origin directive indicates that the HTTP request is being made from the same origin as the target resource, and the websocket directive states that the request is being made to create a WebSocket connection.

Example

In this example, a cross-site HTTP request generated an audio file include the following three headers:

Request

Sec-Fetch-Dest: audio
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors

Takeaway

The HTTP Sec-Fetch-Mode request header is used to inform the server about the mode of the HTTP request.

See also

Last updated: June 20, 2022