Timing-Allow-Origin Header
Table of Content
The Timing-Allow-Origin header allows servers to specify which origin sites may receive timing resources via the Resource Timing API. Basically used for Cross-Origin Resource Sharing (CORS), this response header indicates a URI that can collect detailed timing information for any resource in the requesting page's domain.
Syntax
Timing-Allow-Origin: <origin> [, <origin>]* Directives
<origin>
- This specifies an origin. Only a single origin can be specified.
*: Any origin may receive timing resources.
Examples
// This allows any site to receive timing resources
Timing-Allow-Origin: *
// Or, specified origins may be allowed
Timing-Allow-Origin: https://example.comBrowser Compatibility
| Browser | Compatibility |
|---|---|
| Chrome | Supported |
| Firefox | Supported |
| Safari | Not Supported |
| Opera | Supported |
| Edge | Supported |
How to modify Timing-Allow-Origin header
ModHeader is a Chrome extension that allows you to modify request and response headers. Utilizing ModHeader to modify the Timing-Allow-Origin header can help debug CORS issues, among other tasks.
For instance, to set the Timing-Allow-Origin to a certain URI, follow these steps:
- Install the ModHeader extension in your Chrome browser.
- Click on ModHeader icon on the toolbar and it will open a pop-up.
- Click 'Request Headers' tab and click '+Add'.
- In the first column, type 'Timing-Allow-Origin' and in the second column, put the desired URI like 'https://example.com'.
- Close the pop-up and your settings will be saved automatically by ModHeader.
From then on, each request sent by your Chrome browser will contain this edited header. Please remember that changes made with ModHeader are not permanent and persist only until the browser is closed.