Questions tagged [sec-fetch-site]

8 questions
33 votes, 0 answers

Sec-Fetch-Mode and blocked CORS

So I have the same website making the same request to the same server on (1) Chrome 76 and (2) Chrome 77 from different networks and computers. One request has (1) Sec-Fetch-Mode: no-cors, Sec-Fetch-Site: cross-site and the other one (2)…
8 votes, 2 answers

What does the sec-fetch-site header mean? Why is the Origin header undefined?

I have an API endpoint that I call from my React app. That API is on the same domain. Something like: https://www.example.com https://www.example.com/api/update-something I use cross-fetch to do that request. I was expecting to see an Origin header…
cbdeveloper
1 vote, 1 answer

Sec-Fetch-Mode, Sec-Fetch-Dest, Sec-Fetch-Site in request header creating CORS issue

On the backend endpoint that I am requesting from my website using axios, most of the browsers do not have "sec-fetch-mode" and "sec-fetch-site" set on the request headers and they seem to work fine. However, few browsers set the headers…
Bukks
1 vote, 1 answer

How to get full referer URL in Chrome when sec-fetch-site is cross-site

I have a client website that is managed by client team and post clicking on login it comes to the site which is managed by us. Till now, we were extracting the referer URL from the request header and using it to take further actions, but currently…
0 votes, 0 answers

an unexpected request with sec-fetch-mode: none, who triggered it?

I send a request ONLY ONCE in the browser but got 2 requests logged in the server. One of them is not expected and I wonder which mechanism triggered it. The details Only under Chrome (see the HTTP header for version). Safari does not trigger…
addlistener
0 votes, 1 answer

Sec-Fetch-Site: cross-site but it’s the same site

I have two demo apps on Heroku, let’s call them a.herokuapp.com (website) and b.herokuapp.com (CDN). When visiting a.herokuapp.com in a browser, request is made for content (media) stored on b.herokuapp.com. This, by definition, should be a request…
0 votes, 1 answer

request() empty in Laravel

I have a simple Laravel application, in which a third party is redirecting to a route from an external source. This external site hits a very simple logout controller at /saml/logout
Jesse Luke Orange
-1 votes, 1 answer

Deny Fetch API requests on server side (PHP or Apache) from Opera address bar

As the new Opera 65 came a few days ago with an address bar redesign, I have noticed an issue on my web page. While typing or copying an address into the bar, Opera sends requests to server, however, I am not able to capture the requests in PHP, as it…
Dom