Upgrade-Insecure-Requests

优质
小牛编辑
129浏览
2023-12-01

HTTP Upgrade-Insecure-Requests请求头向服务器发送一个信号,表示客户对加密和认证响应的偏好,并且它可以成功处理upgrade-insecure-requests CSP 指令。

Header type

Request header

Forbidden header name

no

句法

Upgrade-Insecure-Requests: 1

例子

客户端向服务器请求它支持以下升级机制的信号upgrade-insecure-requests

GET / HTTP/1.1 Host: example.com 
Upgrade-Insecure-Requests: 1

服务器现在可以重定向到该网站的安全版本。一个Vary可以使用的头,这样的网站不会被缓存投放到不支持升级机制的客户。

Location: https://example.com/ Vary: Upgrade-Insecure-Requests

产品规格

Specification

Status

Comment

Upgrade Insecure RequestsThe definition of 'upgrade-insecure-requests' in that specification.

Candidate Recommendation

Initial definition.

浏览器兼容性

Feature

Chrome

Firefox

Edge

Internet Explorer

Opera

Safari

Basic Support

44

48.0

(No)1

(No)

31

?

Feature

Android

Chrome for Android

Edge mobile

Firefox for Android

IE mobile

Opera Android

iOS Safari

Basic Support

?

44

(No)

48.0

?

31

?

  • Under consideration 即将发布
  • Content-Security-Policy
  • CSP upgrade-insecure-requests