Sec-Purpose
The HTTP Sec-Purpose request header indicates when a browser requests a resource for prefetching or prerendering rather than immediate display.
Usage
The Sec-Purpose header allows servers to identify speculative loading requests. Browsers send this header when fetching resources ahead of time in anticipation of future navigation. The server receives the hint and decides whether to fulfill the request, defer side effects, or return a non-success status to prevent the speculative load.
The header appears on requests triggered by
<link rel="prefetch">, <link rel="prerender">, or
speculation rules API calls. The browser sets the value
to prefetch for simple resource prefetching or
prefetch;prerender for full page prerendering where
the browser renders the page before navigation occurs.
The recommended server-side approach is to allow
prefetch and prerender requests to complete but defer
problematic side effects. Operations like sign-out,
language switching, add-to-cart actions, OTP sending,
usage allowance increments, and ad conversion tracking
need to be deferred until the user navigates
to the page. Client-side JavaScript detects activation
through the performance.getEntriesByType("navigation")
API by checking for a deliveryType of
"navigational-prefetch".
const nav =
performance.getEntriesByType("navigation")[0];
if (nav.deliveryType === "navigational-prefetch") {
// trigger deferred actions
}
Returning a non-success HTTP status (outside 200-299 after Redirects) prevents the speculative load entirely. Status codes 204 and 205 prevent prerendering but not prefetching.
The Sec- prefix prevents JavaScript from spoofing
the value through fetch() or XMLHttpRequest and
avoids CORS preflight conflicts affecting
the
legacy Purpose header. The header works
alongside Sec-Fetch-Dest and
Sec-Fetch-Mode to provide complete
request context.
No-Vary-Search interaction
Prefetched pages sometimes include URL search
parameters (like UTM tracking codes) not affecting
the server response. The No-Vary-Search
response header tells the browser which search
parameters are irrelevant for matching. When a
prefetched URL differs from the navigation URL only
in ignored parameters, the browser reuses the
prefetched response instead of making a new request.
Speculation rules support an expects_no_vary_search
hint to anticipate this header before the prefetch
completes.
Invalidating cached speculations
The Clear-Site-Data header
supports "prefetchCache" and "prerenderCache"
directives to invalidate cached speculative loads.
A state-changing request like a logout or cart update
returns these directives so subsequent navigations
fetch fresh content.
Clear-Site-Data: "prefetchCache", "prerenderCache"
Note
Supported by Chromium-based browsers (Chrome, Edge, Opera) and Firefox. The header requires a secure context (HTTPS). Chrome stopped sending the legacy Purpose header, making Sec-Purpose the sole prefetch signal in Chromium-based browsers.
Values
prefetch
The prefetch value indicates the browser is fetching
a resource in anticipation of future need. The user has
not navigated to the page.
prefetch;prerender
The prefetch;prerender value indicates the browser
intends to fully render the page before navigation.
This signals more aggressive preparation including
executing JavaScript and loading subresources. The
prerender parameter originates from the Speculation
Rules API (now part of WHATWG HTML), not from the core
Fetch specification which only defines prefetch.
Example
A browser prefetches a linked page. The server logs the request separately from actual page views and defers analytics tracking.
Sec-Purpose: prefetch
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
A browser prerenders a search result page expected to receive a click. The server defers side effects until activation.
Sec-Purpose: prefetch;prerender
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
A server preventing a speculative load by returning a non-success status. The browser discards the speculative response.
HTTP/1.1 503 Service Unavailable
Takeaway
The Sec-Purpose header identifies prefetch and prerender requests, allowing servers to distinguish speculative loading from actual user navigation and defer side effects until page activation.
See also
- Speculation Rules API (MDN)
- Prerender pages in Chrome (Chrome Developers)
- Fetch Standard (WHATWG)
- Pass Sec-Purpose: prefetch with link rel=prefetch (Chrome Status)
- Purpose
- Clear-Site-Data
- Sec-Fetch-Dest
- Sec-Fetch-Mode
- HTTP headers