Upgrade-Insecure-Requests Header

Table of Content

The Upgrade-Insecure-Requests header is a security feature used in web browsers that informs the server that the web browser client can handle secure (HTTPS) connections. This comes in handy when the server is required to upgrade insecure HTTP connections to secure HTTPS connections and prevents the need for multiple redirects which may increase load time. Essentially, it helps the client to protect its privacy during webpage transitions.


The Upgrade-Insecure-Requests has a simple syntax:

Upgrade-Insecure-Requests: 1


The Upgrade-Insecure-Requests header has only one directive:

  • 1: The number one is used as a token to specify that the client supports the Upgrade-Insecure-Requests header.


Here is an example of how the Upgrade-Insecure-Requests header is used in an HTTP request:

GET /index.html HTTP/1.1
Host: www.example.com
Upgrade-Insecure-Requests: 1

Browser Compatibility

Browser Compatibility
Chrome Supported
Firefox Supported
Safari Supported
Opera Supported
Edge Supported

How to modify Upgrade-Insecure-Requests header

ModHeader is a Chrome extension that allows you to modify both request and response HTTP headers. Here is how you can use ModHeader to modify the Upgrade-Insecure-Requests header:

  1. Install the ModHeader from the Chrome Web Store.
  2. Open the extension by clicking on its icon next to the address bar in Chrome.
  3. In the 'Request Headers' section, click 'Add' button.
  4. In the 'Name' field, input Upgrade-Insecure-Requests.
  5. In the 'Value' field, input 1.

By setting the Upgrade-Insecure-Requests header to 1, ModHeader informs the server that the client is capable of handling secure HTTPS connections. This can be particularly useful when testing website pages in secure and non-secure environments.