Sec,fetch,site:,cross,site Apr 2026

Modern browsers include a set of HTTP request headers known as . These headers allow servers to make security decisions based on how a request was initiated and where it came from.

If you are looking for the exact syntax used in a network request, it usually looks like this: sec,fetch,site:,cross,site

: This is the most critical header in your list. It tells the server the relationship between the request initiator's origin and the target resource's origin. Modern browsers include a set of HTTP request

— Indicates the "where" (different domain). not an image or script).

— Indicates the "how" (using the Fetch API/CORS).

— Indicates the "what" (data fetch, not an image or script).