Upgrade-Insecure-Requests Header
Table of Content
The Upgrade-Insecure-Requests header is a security feature used in web browsers that informs the server that the web browser client can handle secure (HTTPS) connections. This comes in handy when the server is required to upgrade insecure HTTP connections to secure HTTPS connections and prevents the need for multiple redirects which may increase load time. Essentially, it helps the client to protect its privacy during webpage transitions.
Syntax
The Upgrade-Insecure-Requests has a simple syntax:
Upgrade-Insecure-Requests: 1Directives
The Upgrade-Insecure-Requests header has only one directive:
1: The number one is used as a token to specify that the client supports the Upgrade-Insecure-Requests header.
Examples
Here is an example of how the Upgrade-Insecure-Requests header is used in an HTTP request:
GET /index.html HTTP/1.1
Host: www.example.com
Upgrade-Insecure-Requests: 1Browser Compatibility
| Browser | Compatibility |
|---|---|
| Chrome | Supported |
| Firefox | Supported |
| Safari | Supported |
| Opera | Supported |
| Edge | Supported |
How to modify Upgrade-Insecure-Requests header
ModHeader is a Chrome extension that allows you to modify both request and response HTTP headers. Here is how you can use ModHeader to modify the Upgrade-Insecure-Requests header:
- Install the ModHeader from the Chrome Web Store.
- Open the extension by clicking on its icon next to the address bar in Chrome.
- In the 'Request Headers' section, click 'Add' button.
- In the 'Name' field, input
Upgrade-Insecure-Requests. - In the 'Value' field, input
1.
By setting the Upgrade-Insecure-Requests header to 1, ModHeader informs the server that the client is capable of handling secure HTTPS connections. This can be particularly useful when testing website pages in secure and non-secure environments.