Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Intent to ship: Fetch Metadata Request Headers

Skip to first unread message

Niklas Gögge

May 19, 2021, 11:28:46 AM5/19/21
As of Firefox 90 we intend to turn Fetch Metadata Request Headers on by default on all platforms. It has been developed behind the preference. Chrome, Opera and Edge have already shipped this feature.
Bug to turn on by default:

A fetch metadata request header is a HTTP request header that provides additional information about the context the request originated from. These header names are prefixed with Sec- and thus they are forbidden header names so headers can not be modified from JavaScript.
Fetch metadata request headers provide the server with additional information about where the request originated from, enabling it to ignore potentially malicious requests.

0 new messages