Origin request header indicates where a fetch originates from. It doesn't include any path information, but only the server name. It is sent with CORS requests, as well as with
POST requests. It is similar to the
Referer header, but, unlike this header, it doesn't disclose the whole path.
Origin: "" Origin: <scheme> "://" <host> [ ":" <port> ]
Origin can be the empty string: this is useful, for example, if the source is a
|RFC 6454, section 7: Origin||The Web Origin Concept|
The definition of 'Origin header' in that specification.
|Supplants the |
|Feature||Android webview||Chrome for Android||Edge mobile||Firefox for Android||IE mobile||Opera Android||iOS Safari|
1. Not sent with
POST requests, see bug 10482384.
2. Not sent with
POST requests, see bug 446344.
© 2005–2018 Mozilla Developer Network and individual contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.