Allow Header

Table of Content

  • Syntax
  • Directives
  • Examples
  • Browser Compatibility
  • How to modify Allow header The Allow Header is an HTTP header that indicates the request methods that are permitted on a web resource. It is used to alert clients the methods they are allowed to perform on the requested content. For example: GET, POST, DELETE, etc. It is typically sent in response to a request which uses the OPTIONS method, but can also be included in other responses like 405 (Method not allowed).


Allow: <method>, <method>, ...


The Allow header can accommodate one or more method directives, separated by a comma. For instance:



Here are some examples of how the Allow header may appear in use:

Response to an OPTIONS request:

HTTP/1.1 200 OK

Response to a GET request on a resource that only allows HEAD:

HTTP/1.1 405 Method Not Allowed
Allow: HEAD

Browser Compatibility

Browser Compatibility
Chrome Supported
Firefox Supported
Safari Supported
Opera Supported
Edge Supported

How to modify Allow header

ModHeader is a Chromium based extension designed for modifying request and response headers. With ModHeader, you can modify the Allow header to check a server's reaction to different set of methods. To achieve this, add a new header in the ModHeader extension interface; set the header name as 'Allow' and enter the allowed methods you wish to test as the value. Confirm that the correct profile is selected and you're good to go. Remember to remove or disable headers after running your test to avoid unexpected results in your regular internet surfing.