Upgrade-Insecure-Requests

The HTTP Upgrade-Insecure-Requests request header is sent from the client to ask the server to use an encrypted and authenticated HTTP response, if possible.

Table of Contents

Usage

The HTTP Upgrade-Insecure-Requests request header acts as a signal from the client to the server that it can understand secure HTTP requests and moreover, that it prefers communications to be authenticated and encrypted.

The HTTP Upgrade-Insecure-Requests header is part of the Content Security Policy (CSP).

Takeaway

The HTTP Upgrade-Insecure-Requests request header is sent by the client to HTTP request that the server uses encrypted and authenticated HTTP responses.

See also

Last updated: June 2, 2022