Skip to content

Sync with fetch spec for Forbidden request header #38296

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sideshowbarker merged 1 commit into from
Feb 24, 2025
Merged

Sync with fetch spec for Forbidden request header #38296

sideshowbarker merged 1 commit into from
Feb 24, 2025

Conversation

@Josh-Cena
Copy link
Member

@Josh-Cena Josh-Cena commented Feb 24, 2025

Fix #22502.

whatwg/fetch#1541 changes both the terminology and its definition. This PR makes docs in sync with latest spec.

@Josh-Cena Josh-Cena requested review from a team as code owners February 24, 2025 05:34
@Josh-Cena Josh-Cena requested review from hamishwillee, pepelsbey and sideshowbarker and removed request for a team February 24, 2025 05:34
@github-actions github-actions bot added Content:WebAPI Web API docs Content:HTTP HTTP docs Content:Glossary Glossary entries Content:Firefox Content in the Mozilla/Firefox subtree Content:Meta Content in the meta docs size/m [PR only] 51-500 LoC changed labels Feb 24, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Feb 24, 2025

Preview URLs (166 pages)
Flaws (446)

Note! 21 documents with no flaws that don't need to be listed. 🎉

URL: /en-US/docs/MDN/Writing_guidelines/Page_structures/Page_types/HTTP_header_page_template
Title: HTTP header page template
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Glossary/Forbidden_request_header
Title: Forbidden request header
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/forbidden_response_header_name is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/forbidden_response_header_name which is a redirect
    • Macro produces link /en-US/docs/Web/HTTP/Headers/Accept-Charset which is a redirect
    • Can't resolve /en-US/docs/Web/HTTP/Methods/TRACK

URL: /en-US/docs/Glossary/CORS-safelisted_request_header
Title: CORS-safelisted request header
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/preflight_request is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/preflight_request which is a redirect

URL: /en-US/docs/Web/API/Fetch_API/Using_Fetch
Title: Using the Fetch API
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/stringifier is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/stringifier which is a redirect

URL: /en-US/docs/Web/API/Headers
Title: Headers
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/forbidden_request_header is ill cased
    • /en-US/docs/Glossary/forbidden_response_header_name is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/forbidden_request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/forbidden_response_header_name which is a redirect

URL: /en-US/docs/Web/API/RequestInit
Title: RequestInit
Flaw count: 3

  • broken_links:
    • /en-US/docs/Glossary/base64 is ill cased
  • macros:
    • Can't resolve /en-US/docs/Glossary/Forbidden_request_headers
    • Macro produces link /en-US/docs/Glossary/base64 which is a redirect

URL: /en-US/docs/Web/HTTP/CORS
Title: Cross-Origin Resource Sharing (CORS)
Flaw count: 6

  • broken_links:
    • /en-US/docs/Glossary/origin is ill cased
    • /en-US/docs/Glossary/preflight_request is ill cased
    • /en-US/docs/Glossary/preflight_request is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect
    • Macro produces link /en-US/docs/Glossary/preflight_request which is a redirect
    • Macro produces link /en-US/docs/Glossary/preflight_request which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Early-Data
Title: Early-Data
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Allow
Title: Allow
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Accept-Encoding
Title: Accept-Encoding
Flaw count: 6

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/GZip_compression is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/GZip_compression which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Forwarded
Title: Forwarded
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Clear-Site-Data
Title: Clear-Site-Data
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
Title: Access-Control-Allow-Origin
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/origin is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Platform
Title: Sec-CH-UA-Platform
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Platform-Version
Title: Sec-CH-UA-Platform-Version
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
Title: Access-Control-Allow-Credentials
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Server
Title: Server
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Upgrade
Title: Upgrade
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/X-Forwarded-Host
Title: X-Forwarded-Host
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Proxy-Authenticate
Title: Proxy-Authenticate
Flaw count: 6

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/proxy_server is ill cased
    • /en-US/docs/Glossary/base64 is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/proxy_server which is a redirect
    • Macro produces link /en-US/docs/Glossary/base64 which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/X-Forwarded-For
Title: X-Forwarded-For
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/proxy_server is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/proxy_server which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
Title: Access-Control-Max-Age
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/preflight_request is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/preflight_request which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Range
Title: Range
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Want-Repr-Digest
Title: Want-Repr-Digest
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/DNT
Title: DNT
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Web/API/navigator/globalPrivacyControl is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Web/API/navigator/globalPrivacyControl which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Service-Worker-Navigation-Preload
Title: Service-Worker-Navigation-Preload
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Accept-CH
Title: Accept-CH
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-Fetch-User
Title: Sec-Fetch-User
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/fetch_metadata_request_header is ill cased
    • /en-US/docs/Glossary/Fetch_Metadata_Request_Header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/fetch_metadata_request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/Fetch_Metadata_Request_Header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-CH-Prefers-Reduced-Motion
Title: Sec-CH-Prefers-Reduced-Motion
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Protocol
Title: Sec-WebSocket-Protocol
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/SourceMap
Title: SourceMap
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/source_map is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/source_map which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Alt-Svc
Title: Alt-Svc
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Trailer
Title: Trailer
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Attribution-Reporting-Register-Source
Title: Attribution-Reporting-Register-Source
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Accept-Language
Title: Accept-Language
Flaw count: 6

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Web/API/navigator/languages is ill cased
    • /en-US/docs/Glossary/fingerprinting is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Web/API/navigator/languages which is a redirect
    • Macro produces link /en-US/docs/Glossary/fingerprinting which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Expect
Title: Expect
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-Purpose
Title: Sec-Purpose
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/fetch_metadata_request_header is ill cased
    • /en-US/docs/Glossary/Fetch_Metadata_Request_Header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/fetch_metadata_request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/Fetch_Metadata_Request_Header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/From
Title: From
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Mobile
Title: Sec-CH-UA-Mobile
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/DPR
Title: DPR
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/X-Frame-Options
Title: X-Frame-Options
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Downlink
Title: Downlink
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/fingerprinting is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/fingerprinting which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Via
Title: Via
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/X-Robots-Tag
Title: X-Robots-Tag
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/robots.txt is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/robots.txt which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Observe-Browsing-Topics
Title: Observe-Browsing-Topics
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Service-Worker
Title: Service-Worker
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
Title: Strict-Transport-Security
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Content-Range
Title: Content-Range
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy
Title: Content-Security-Policy (CSP)
Flaw count: 6

  • broken_links:
    • /en-US/docs/Glossary/cross-site_scripting is ill cased
    • /en-US/docs/Glossary/host is ill cased
    • /en-US/docs/Glossary/origin is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/cross-site_scripting which is a redirect
    • Macro produces link /en-US/docs/Glossary/host which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Service-Worker-Allowed
Title: Service-Worker-Allowed
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Transfer-Encoding
Title: Transfer-Encoding
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Permissions-Policy
Title: Permissions-Policy
Flaw count: 6

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Web/API/document/domain is ill cased
    • /en-US/docs/Web/API/document/domain is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Web/API/document/domain which is a redirect
    • Macro produces link /en-US/docs/Web/API/document/domain which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests
Title: Upgrade-Insecure-Requests
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Set-Login
Title: Set-Login
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Referrer-Policy
Title: Referrer-Policy
Flaw count: 10

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/origin is ill cased
    • /en-US/docs/Glossary/origin is ill cased
    • /en-US/docs/Glossary/origin is ill cased
    • /en-US/docs/Glossary/origin is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Keep-Alive
Title: Keep-Alive
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Host
Title: Host
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Content-Location
Title: Content-Location
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/representation_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/representation_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Width
Title: Width
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
Title: X-DNS-Prefetch-Control
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
Title: Access-Control-Allow-Headers
Flaw count: 6

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/preflight_request is ill cased
    • /en-US/docs/Glossary/preflight_request is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/preflight_request which is a redirect
    • Macro produces link /en-US/docs/Glossary/preflight_request which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
Title: Content-Security-Policy-Report-Only
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Location
Title: Location
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/User-Agent
Title: User-Agent
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/user_agent is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/user_agent which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Accept-Patch
Title: Accept-Patch
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Expect-CT
Title: Expect-CT
Flaw count: 3

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
  • unknown:
    • No generic content config found

URL: /en-US/docs/Web/HTTP/Headers/ETag
Title: ETag
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-Fetch-Site
Title: Sec-Fetch-Site
Flaw count: 10

  • broken_links:
    • /en-US/docs/Glossary/fetch_metadata_request_header is ill cased
    • /en-US/docs/Glossary/fetch_metadata_request_header is ill cased
    • /en-US/docs/Glossary/Fetch_Metadata_Request_Header is ill cased
    • /en-US/docs/Glossary/origin is ill cased
    • /en-US/docs/Glossary/site is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/fetch_metadata_request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/fetch_metadata_request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/Fetch_Metadata_Request_Header which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect
    • Macro produces link /en-US/docs/Glossary/site which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Content-Digest
Title: Content-Digest
Flaw count: 8

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/digest is ill cased
    • /en-US/docs/Glossary/base64 is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/digest which is a redirect
    • Macro produces link /en-US/docs/Glossary/base64 which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/If-Modified-Since
Title: If-Modified-Since
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Bitness
Title: Sec-CH-UA-Bitness
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Reporting-Endpoints
Title: Reporting-Endpoints
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Extensions
Title: Sec-WebSocket-Extensions
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-GPC
Title: Sec-GPC
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/X-XSS-Protection
Title: X-XSS-Protection
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Origin-Agent-Cluster
Title: Origin-Agent-Cluster
Flaw count: 8

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Glossary/origin is ill cased
    • /en-US/docs/Glossary/site is ill cased
    • /en-US/docs/Glossary/origin is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect
    • Macro produces link /en-US/docs/Glossary/site which is a redirect
    • Macro produces link /en-US/docs/Glossary/origin which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Report-To
Title: Report-To
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
Title: Access-Control-Expose-Headers
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method
Title: Access-Control-Request-Method
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/preflight_request is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/preflight_request which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Server-Timing
Title: Server-Timing
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Set-Cookie
Title: Set-Cookie
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Web/HTTP/Headers/DATE is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Web/HTTP/Headers/DATE which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Attribution-Reporting-Register-Trigger
Title: Attribution-Reporting-Register-Trigger
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Full-Version
Title: Sec-CH-UA-Full-Version
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Refresh
Title: Refresh
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
    • /en-US/docs/Web/API/document/referrer is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect
    • Macro produces link /en-US/docs/Web/API/document/referrer which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Date
Title: Date
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Accept
Title: Sec-WebSocket-Accept
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Tk
Title: Tk
Flaw count: 4

  • broken_links:
    • /en-US/docs/Web/API/navigator/globalPrivacyControl is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Web/API/navigator/globalPrivacyControl which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Want-Content-Digest
Title: Want-Content-Digest
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Arch
Title: Sec-CH-UA-Arch
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
Title: X-Forwarded-Proto
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Age
Title: Age
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/response_header is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/response_header which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers
Title: Access-Control-Request-Headers
Flaw count: 4

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
    • /en-US/docs/Glossary/preflight_request is ill cased
  • macros:
    • Macro produces link /en-US/docs/Glossary/request_header which is a redirect
    • Macro produces link /en-US/docs/Glossary/preflight_request which is a redirect

URL: /en-US/docs/Web/HTTP/Headers/Max-Forwards
Title: Max-Forwards
Flaw count: 2

  • broken_links:
    • /en-US/docs/Glossary/request_header is ill cased
  • macros:
    • `Macro produces link /en-U…

TRUNCATED!

@sideshowbarker sideshowbarker merged commit 442db82 into mdn:main Feb 24, 2025
8 checks passed
@Josh-Cena Josh-Cena deleted the forbidden-request-header branch February 24, 2025 14:17
cssinate pushed a commit to cssinate/content that referenced this pull request Apr 11, 2025
@Josh-Cena @paul-grant-hs
Sync with fetch spec for Forbidden request header (mdn#38296)
1a52a33
mfuji09 added a commit to mfuji09/MDN-translated-content that referenced this pull request Apr 13, 2025
@mfuji09
禁止ヘッダー名→禁止リクエストヘッダー(mdn/content#38296 を反映)
bcf5f33
mfuji09 added a commit to mfuji09/MDN-translated-content that referenced this pull request Apr 13, 2025
@mfuji09
禁止ヘッダー名→禁止リクエストヘッダー(mdn/content#38296 を反映)
e1c129e
@mfuji09 mfuji09 mentioned this pull request Apr 13, 2025
Merged
mfuji09 added a commit to mdn/translated-content that referenced this pull request Apr 17, 2025
@mfuji09
禁止ヘッダー名→禁止リクエストヘッダー(mdn/content#38296 を反映)
4457c6c
@verhovsky
Copy link
Contributor

verhovsky commented Nov 7, 2025

This is wrong because for example https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Permissions-Policy is a response header, but you added "Forbidden request header: yes", which makes no sense. The table says

  • Header type: Response header
  • Forbidden request header: yes

A "Response header" can't be a "Forbidden request header" because it's not a "Request header".

Permissions-Policy is also a special case because it's actually not a forbidden request header according to the spec and Chrome's source code, which is why I ended up reading its article, but you did this for a lot of headers so I'm pretty sure it's wrong for other headers too.

#41830

@Josh-Cena
Copy link
Member Author

Josh-Cena commented Nov 7, 2025

@verhovsky This PR makes no changes wrt correctness. The fetch spec renamed "forbidden header name" to forbidden request header", but both of these terms describe request headers, before and after. So the content was already incorrect before this PR.

@verhovsky
Copy link
Contributor

verhovsky commented Nov 7, 2025
edited
Loading

The fetch spec says "forbidden request headers" and "forbidden response headers". A response is not called an "after-request" anywhere.

Calling Permissions-Policy a "header name" (as before) is correct. It's the name of a header. Calling it a request header [name] is incorrect because it doesn't go in requests.

@Josh-Cena
Copy link
Member Author

Josh-Cena commented Nov 7, 2025

"Forbidden header name" has always meant "forbidden request header" in the fetch spec, despite its confusing name. The original content is as wrong as the current content.

@verhovsky verhovsky mentioned this pull request Nov 7, 2025
Closed
@hamishwillee
Copy link
Collaborator

hamishwillee commented Nov 13, 2025

FWIW in #41938 I modified the Permissions-Policy to "Forbidden Response Header" value of "no" based on ttps://fetch.spec.whatwg.org/#forbidden-response-header-name

@Josh-Cena Josh-Cena mentioned this pull request Nov 13, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sideshowbarker sideshowbarker sideshowbarker approved these changes

@hamishwillee hamishwillee Awaiting requested review from hamishwillee hamishwillee was automatically assigned from mdn/yari-content-http

@pepelsbey pepelsbey Awaiting requested review from pepelsbey pepelsbey was automatically assigned from mdn/core-yari-content

Assignees

No one assigned

Labels

Content:Firefox Content in the Mozilla/Firefox subtree Content:Glossary Glossary entries Content:HTTP HTTP docs Content:Meta Content in the meta docs Content:WebAPI Web API docs size/m [PR only] 51-500 LoC changed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Change to "Forbidden header name"

4 participants

@Josh-Cena @verhovsky @hamishwillee @sideshowbarker