HTTP Headers: Remove tags/add status where necessary

[hamishwillee]

This removes tags on all the HTTP header docs. It is part of mdn/mdn#262

[github-actions]

Preview URLs (179 pages)

• /en-US/docs/Web/HTTP/Headers/Accept-CH
• /en-US/docs/Web/HTTP/Headers/Accept-Charset
• /en-US/docs/Web/HTTP/Headers/Accept-Encoding
• /en-US/docs/Web/HTTP/Headers/Accept-Language
• /en-US/docs/Web/HTTP/Headers/Accept-Patch
• /en-US/docs/Web/HTTP/Headers/Accept-Post
• /en-US/docs/Web/HTTP/Headers/Accept-Ranges
• /en-US/docs/Web/HTTP/Headers/Accept
• /en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
• /en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
• /en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
• /en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
• /en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
• /en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
• /en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers
• /en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method
• /en-US/docs/Web/HTTP/Headers/Age
• /en-US/docs/Web/HTTP/Headers/Allow
• /en-US/docs/Web/HTTP/Headers/Alt-Svc
• /en-US/docs/Web/HTTP/Headers/Authorization
• /en-US/docs/Web/HTTP/Headers/Clear-Site-Data
• /en-US/docs/Web/HTTP/Headers/Connection
• /en-US/docs/Web/HTTP/Headers/Content-Disposition
• /en-US/docs/Web/HTTP/Headers/Content-Encoding
• /en-US/docs/Web/HTTP/Headers/Content-Language
• /en-US/docs/Web/HTTP/Headers/Content-Length
• /en-US/docs/Web/HTTP/Headers/Content-Location
• /en-US/docs/Web/HTTP/Headers/Content-Range
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/base-uri
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/child-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/connect-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/manifest-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/media-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/object-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/plugin-types
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/prefetch-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/referrer
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/require-trusted-types-for
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src-attr
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src-elem
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src-attr
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src-elem
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/trusted-types
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/worker-src
• /en-US/docs/Web/HTTP/Headers/Content-Security-Policy
• /en-US/docs/Web/HTTP/Headers/Content-Type
• /en-US/docs/Web/HTTP/Headers/Cookie
• /en-US/docs/Web/HTTP/Headers/Critical-CH
• /en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy
• /en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy
• /en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy
• /en-US/docs/Web/HTTP/Headers/DNT
• /en-US/docs/Web/HTTP/Headers/DPR
• /en-US/docs/Web/HTTP/Headers/Date
• /en-US/docs/Web/HTTP/Headers/Device-Memory
• /en-US/docs/Web/HTTP/Headers/Digest
• /en-US/docs/Web/HTTP/Headers/Downlink
• /en-US/docs/Web/HTTP/Headers/ECT
• /en-US/docs/Web/HTTP/Headers/ETag
• /en-US/docs/Web/HTTP/Headers/Early-Data
• /en-US/docs/Web/HTTP/Headers/Expect-CT
• /en-US/docs/Web/HTTP/Headers/Expect
• /en-US/docs/Web/HTTP/Headers/Expires
• /en-US/docs/Web/HTTP/Headers/Forwarded
• /en-US/docs/Web/HTTP/Headers/From
• /en-US/docs/Web/HTTP/Headers/Host
• /en-US/docs/Web/HTTP/Headers/If-Match
• /en-US/docs/Web/HTTP/Headers/If-Modified-Since
• /en-US/docs/Web/HTTP/Headers/If-None-Match
• /en-US/docs/Web/HTTP/Headers/If-Range
• /en-US/docs/Web/HTTP/Headers/If-Unmodified-Since
• /en-US/docs/Web/HTTP/Headers/Keep-Alive
• /en-US/docs/Web/HTTP/Headers/Large-Allocation
• /en-US/docs/Web/HTTP/Headers/Last-Modified
• /en-US/docs/Web/HTTP/Headers/Link
• /en-US/docs/Web/HTTP/Headers/Location
• /en-US/docs/Web/HTTP/Headers/Max-Forwards
• /en-US/docs/Web/HTTP/Headers/NEL
• /en-US/docs/Web/HTTP/Headers/Origin
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/accelerometer
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/ambient-light-sensor
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/autoplay
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/battery
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/camera
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/display-capture
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/document-domain
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/encrypted-media
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/execution-while-not-rendered
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/execution-while-out-of-viewport
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/fullscreen
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/gamepad
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/geolocation
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/gyroscope
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/hid
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/idle-detection
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/local-fonts
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/magnetometer
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/microphone
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/midi
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/payment
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/picture-in-picture
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/publickey-credentials-get
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/screen-wake-lock
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/serial
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/speaker-selection
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/usb
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/web-share
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy/xr-spatial-tracking
• /en-US/docs/Web/HTTP/Headers/Permissions-Policy
• /en-US/docs/Web/HTTP/Headers/Pragma
• /en-US/docs/Web/HTTP/Headers/Proxy-Authenticate
• /en-US/docs/Web/HTTP/Headers/Proxy-Authorization
• /en-US/docs/Web/HTTP/Headers/RTT
• /en-US/docs/Web/HTTP/Headers/Range
• /en-US/docs/Web/HTTP/Headers/Referer
• /en-US/docs/Web/HTTP/Headers/Referrer-Policy
• /en-US/docs/Web/HTTP/Headers/Retry-After
• /en-US/docs/Web/HTTP/Headers/Save-Data
• /en-US/docs/Web/HTTP/Headers/Sec-CH-Prefers-Reduced-Motion
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Arch
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Bitness
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Full-Version-List
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Full-Version
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Mobile
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Model
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Platform-Version
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Platform
• /en-US/docs/Web/HTTP/Headers/Sec-CH-UA
• /en-US/docs/Web/HTTP/Headers/Sec-Fetch-Dest
• /en-US/docs/Web/HTTP/Headers/Sec-Fetch-Mode
• /en-US/docs/Web/HTTP/Headers/Sec-Fetch-Site
• /en-US/docs/Web/HTTP/Headers/Sec-Fetch-User
• /en-US/docs/Web/HTTP/Headers/Sec-GPC
• /en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Accept
• /en-US/docs/Web/HTTP/Headers/Server-Timing
• /en-US/docs/Web/HTTP/Headers/Server
• /en-US/docs/Web/HTTP/Headers/Service-Worker-Navigation-Preload
• /en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
• /en-US/docs/Web/HTTP/Headers/Set-Cookie
• /en-US/docs/Web/HTTP/Headers/SourceMap
• /en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
• /en-US/docs/Web/HTTP/Headers/TE
• /en-US/docs/Web/HTTP/Headers/Timing-Allow-Origin
• /en-US/docs/Web/HTTP/Headers/Tk
• /en-US/docs/Web/HTTP/Headers/Trailer
• /en-US/docs/Web/HTTP/Headers/Transfer-Encoding
• /en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests
• /en-US/docs/Web/HTTP/Headers/Upgrade
• /en-US/docs/Web/HTTP/Headers/User-Agent/Firefox
• /en-US/docs/Web/HTTP/Headers/User-Agent
• /en-US/docs/Web/HTTP/Headers/Vary
• /en-US/docs/Web/HTTP/Headers/Via
• /en-US/docs/Web/HTTP/Headers/Viewport-Width
• /en-US/docs/Web/HTTP/Headers/WWW-Authenticate
• /en-US/docs/Web/HTTP/Headers/Want-Digest
• /en-US/docs/Web/HTTP/Headers/Warning
• /en-US/docs/Web/HTTP/Headers/Width
• /en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
• /en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
• /en-US/docs/Web/HTTP/Headers/X-Forwarded-For
• /en-US/docs/Web/HTTP/Headers/X-Forwarded-Host
• /en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
• /en-US/docs/Web/HTTP/Headers/X-Frame-Options
• /en-US/docs/Web/HTTP/Headers/X-XSS-Protection
• /en-US/docs/Web/HTTP/Headers

Flaws (5)

Note! 174 documents with no flaws that don't need to be listed. 🎉

URL: /en-US/docs/Web/HTTP/Headers/User-Agent/Firefox
Title: Firefox user agent string reference
Flaw count: 1

• broken_links:
  • Can't resolve /en-US/docs/Browser_Detection_and_Cross_Browser_Support

---

URL: /en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy
Title: Cross-Origin-Resource-Policy
Flaw count: 1

• broken_links:
  • Can't resolve /en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)

---

URL: /en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Accept
Title: Sec-WebSocket-Accept
Flaw count: 1

• bad_bcd_queries:
  • No BCD data for query: http.headers.Sec-WebSocket-Accept

---

URL: /en-US/docs/Web/HTTP/Headers/Permissions-Policy
Title: Permissions-Policy
Flaw count: 1

• broken_links:
  • No need for the pathname in anchor links if it's the same page

---

URL: /en-US/docs/Web/HTTP/Headers/Permissions-Policy/usb
Title: Permissions-Policy: usb
Flaw count: 1

• macros:
  • /en-US/docs/Web/API/Navigator/usb does not exist

External URLs (155)

URL: /en-US/docs/Web/HTTP/Headers
Title: HTTP headers

• https://datatracker.ietf.org/doc/html/draft-ruellan-http-accept-push-policy-00 (2 times)
• https://datatracker.ietf.org/doc/html/rfc4229 (1 time)
• https://datatracker.ietf.org/doc/html/rfc5988 (1 time)
• https://datatracker.ietf.org/doc/html/rfc6648 (1 time)
• https://developers.google.com/search/docs/advanced/robots/robots_meta_tag (1 time)
• https://en.wikipedia.org/wiki/List_of_HTTP_header_fields (1 time)
• https://firefox-source-docs.mozilla.org/devtools-user/debugger/how_to/use_a_source_map/index.html (1 time)
• https://httpwg.org/specs/ (1 time)
• https://httpwg.org/specs/rfc9110.html (2 times)
• https://w3c.github.io/ServiceWorker/ (2 times)
• https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html (3 times)
• https://www.adobe.com/devnet-docs/acrobatetk/tools/AppSec/CrossDomain_PolicyFile_Specification.pdf (1 time)
• https://www.iana.org/assignments/message-headers/message-headers.xhtml (3 times)

---

URL: /en-US/docs/Web/HTTP/Headers/TE
Title: TE

• https://en.wikipedia.org/wiki/Chunked_transfer_encoding (1 time)
• https://en.wikipedia.org/wiki/LZ77_and_LZ78 (1 time)
• https://en.wikipedia.org/wiki/LZW (1 time)
• https://en.wikipedia.org/wiki/Zlib (1 time)
• https://httpwg.org/specs/rfc9113.html (1 time)
• https://httpwg.org/specs/rfc9114.html (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Location
Title: Content-Location

• https://en.wikipedia.org/wiki/Comma-separated_values (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Set-Cookie
Title: Set-Cookie

• https://datatracker.ietf.org/doc/html/rfc6265 (1 time)
• https://en.wikipedia.org/wiki/URL_encoding (1 time)
• https://fetch.spec.whatwg.org/ (2 times)

---

URL: /en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
Title: SameSite cookies

• https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-10 (1 time)
• https://phabricator.services.mozilla.com/D63081 (1 time)
• https://web.dev/samesite-cookies-explained/ (1 time)
• https://www.chromium.org/updates/same-site (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Alt-Svc
Title: Alt-Svc

• https://www.mnot.net/blog/2016/03/09/alt-svc (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/ETag
Title: ETag

• https://www.w3.org/1999/04/Editing/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Sec-Fetch-Site
Title: Sec-Fetch-Site

• https://secmetadata.appspot.com/ (1 time)
• https://web.dev/fetch-metadata/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/X-Frame-Options
Title: X-Frame-Options

• https://docs.microsoft.com/archive/blogs/ie/ie8-security-part-vii-clickjacking-defenses (1 time)
• https://docs.microsoft.com/archive/blogs/ieinternals/combating-clickjacking-with-x-frame-options (1 time)
• https://helmetjs.github.io/ (1 time)
• https://helmetjs.github.io/docs/frameguard/ (1 time)
• https://support.microsoft.com/en-US/office/mitigating-framesniffing-with-the-x-frame-options-header-1911411b-b51e-49fd-9441-e8301dcdcd79 (1 time)
• https://w3c.github.io/webappsec-csp/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Accept-Patch
Title: Accept-Patch

• https://datatracker.ietf.org/doc/html/rfc7231 (1 time)
• https://www.iana.org/assignments/http-parameters/http-parameters.xml (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Via
Title: Via

• https://github.com/heroku/vegur (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Connection
Title: Connection

• https://httpwg.org/specs/rfc9113.html (1 time)
• https://httpwg.org/specs/rfc9114.html (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Proxy-Authorization
Title: Proxy-Authorization

• https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Retry-After
Title: Retry-After

• https://webmasters.googleblog.com/2011/01/how-to-deal-with-planned-site-downtime.html (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Link
Title: Link

• https://en.wikipedia.org/wiki/URL_encoding (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy
Title: Content-Security-Policy

• https://csp.withgoogle.com/docs/strict-csp.html (1 time)
• https://github.com/google/csp-evaluator (1 time)
• https://infosec.mozilla.org/guidelines/web_security (1 time)
• https://w3c.github.io/trusted-types/dist/spec/ (2 times)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/connect-src
Title: CSP: connect-src

• CSP: connect-src 'self' and websockets w3c/webappsec-csp#7 (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src
Title: CSP: default-src

• https://www.w3.org/TR/CSP/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
Title: CSP: frame-ancestors

• https://w3c.github.io/webappsec-csp/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources
Title: CSP source values

• https://www.w3.org/TR/CSP3/ (2 times)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/object-src
Title: CSP: object-src

• https://csp.withgoogle.com/docs/strict-csp.html (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action
Title: CSP: form-action

• CSP: form-action and redirects w3c/webappsec-csp#8 (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/WWW-Authenticate
Title: WWW-Authenticate

• 🚨 http://www.example.org/dir/index.html (1 time)
• https://datatracker.ietf.org/doc/html/rfc7616 (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Want-Digest
Title: Want-Digest

• https://datatracker.ietf.org/doc/draft-ietf-httpbis-digest-headers/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Vary
Title: Vary

• https://docs.microsoft.com/archive/blogs/ieinternals/vary-with-care (1 time)
• https://www.fastly.com/blog/best-practices-using-vary-header (1 time)
• https://www.smashingmagazine.com/2017/11/understanding-vary-header/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Sec-Fetch-User
Title: Sec-Fetch-User

• https://secmetadata.appspot.com/ (1 time)
• https://web.dev/fetch-metadata/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Proxy-Authenticate
Title: Proxy-Authenticate

• https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/If-None-Match
Title: If-None-Match

• https://www.w3.org/1999/04/Editing/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
Title: Strict-Transport-Security

• https://blog.sidstamm.com/2010/08/http-strict-transport-security-has.html (1 time)
• https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html (1 time)
• https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security (1 time)
• https://hacks.mozilla.org/2010/08/firefox-4-http-strict-transport-security-force-https/ (1 time)
• https://hg.mozilla.org/mozilla-central/raw-file/tip/security/manager/ssl/nsSTSPreloadList.inc (1 time)
• https://hstspreload.org (1 time)
• https://hstspreload.org/ (2 times)
• https://www.chromium.org/hsts (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Disposition
Title: Content-Disposition

• https://bugzil.la/588781 (1 time)
• https://datatracker.ietf.org/doc/html/rfc5987 (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/If-Unmodified-Since
Title: If-Unmodified-Since

• https://en.wikipedia.org/wiki/Optimistic_concurrency_control (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Accept-Post
Title: Accept-Post

• https://datatracker.ietf.org/doc/html/rfc7231 (1 time)
• https://www.iana.org/assignments/http-parameters/http-parameters.xml (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
Title: Access-Control-Max-Age

• https://searchfox.org/mozilla-central/source/netwerk/protocol/http/nsCORSListenerProxy.cpp (1 time)
• https://source.chromium.org/chromium/chromium/src/+/main:services/network/public/cpp/cors/preflight_result.cc;drc=49e7c0b4886cac1f3d09dc046bd528c9c811a0fa;l=31 (1 time)
• https://source.chromium.org/chromium/chromium/src/+/main:services/network/public/cpp/cors/preflight_result.cc;drc=52002151773d8cd9ffc5f557cd7cc880fddcae3e;l=36 (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Accept-Encoding
Title: Accept-Encoding

• https://en.wikipedia.org/wiki/Brotli (1 time)
• https://en.wikipedia.org/wiki/DEFLATE (1 time)
• https://en.wikipedia.org/wiki/LZ77_and_LZ78 (1 time)
• https://en.wikipedia.org/wiki/LZW (1 time)
• https://en.wikipedia.org/wiki/Zlib (1 time)
• https://www.iana.org/assignments/http-parameters/http-parameters.xml (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Referer
Title: Referer

• https://blog.mozilla.org/security/2015/01/21/meta-referrer/ (1 time)
• https://en.wikipedia.org/wiki/HTTP_referer (2 times)

---

URL: /en-US/docs/Web/HTTP/Headers/If-Match
Title: If-Match

• https://www.w3.org/1999/04/Editing/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Language
Title: Content-Language

• https://datatracker.ietf.org/doc/html/rfc5646 (1 time)
• https://en.wikipedia.org/wiki/ISO_639 (1 time)
• https://en.wikipedia.org/wiki/Language_code (1 time)
• https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes (1 time)
• https://www.w3.org/International/questions/qa-http-and-lang.en (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Trailer
Title: Trailer

• https://en.wikipedia.org/wiki/Chunked_transfer_encoding (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Keep-Alive
Title: Keep-Alive

• https://datatracker.ietf.org/doc/html/draft-thomson-hybi-http-timeout-03 (1 time)
• https://httpwg.org/specs/rfc9113.html (1 time)
• https://httpwg.org/specs/rfc9114.html (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Content-Encoding
Title: Content-Encoding

• https://datatracker.ietf.org/doc/html/rfc1950 (1 time)
• https://datatracker.ietf.org/doc/html/rfc1951 (1 time)
• https://en.wikipedia.org/wiki/Brotli (1 time)
• https://en.wikipedia.org/wiki/Deflate (1 time)
• https://en.wikipedia.org/wiki/LZ77_and_LZ78 (1 time)
• https://en.wikipedia.org/wiki/LZW (1 time)
• https://en.wikipedia.org/wiki/Zlib (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Digest
Title: Digest

• https://datatracker.ietf.org/doc/draft-ietf-httpbis-digest-headers/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Referrer-Policy
Title: Referrer-Policy

• https://blog.mozilla.org/security/2015/01/21/meta-referrer/ (1 time)
• https://en.wikipedia.org/wiki/HTTP_referer (1 time)
• Point default referrer policy to a constant defined in RP spec whatwg/fetch#1066 (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Accept-Ranges
Title: Accept-Ranges

• https://datatracker.ietf.org/doc/html/rfc7233 (1 time)
• https://www.iana.org/assignments/http-parameters/http-parameters.xhtml (2 times)

---

URL: /en-US/docs/Web/HTTP/Headers/User-Agent
Title: User-Agent

• https://hacks.mozilla.org/2013/09/user-agent-detection-history-and-checklist/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/User-Agent/Firefox
Title: Firefox user agent string reference

• https://bugzil.la/1169772 (1 time)
• https://bugzil.la/581008 (1 time)
• https://bugzil.la/777710 (1 time)
• https://developer.chrome.com/docs/multidevice/user-agent/ (1 time)
• iOS Firefox useragent does NOT contain "FxiOS" as Documentation says mozilla-mobile/firefox-ios#6620 (1 time)
• https://hacks.mozilla.org/2010/09/final-user-agent-string-for-firefox-4/ (2 times)
• https://hacks.mozilla.org/2013/09/user-agent-detection-history-and-checklist/ (1 time)
• https://hg.mozilla.org/releases (1 time)
• https://lawrencemandel.com/2012/07/27/decision-made-firefox-os-user-agent-string/ (1 time)
• https://support.mozilla.org/kb/firefox-no-longer-works-mac-os-10-4-or-powerpc (1 time)
• https://wiki.mozilla.org/B2G/User_Agent/Device_Model_Inclusion_Requirements (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Sec-Fetch-Dest
Title: Sec-Fetch-Dest

• https://secmetadata.appspot.com/ (1 time)
• https://web.dev/fetch-metadata/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Clear-Site-Data
Title: Clear-Site-Data

• https://datatracker.ietf.org/doc/html/rfc7230 (1 time)
• https://wiki.mozilla.org/NPAPI:ClearSiteData (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
Title: Access-Control-Allow-Origin

• https://w3c.github.io/webappsec-cors-for-developers/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/SourceMap
Title: SourceMap

• https://firefox-source-docs.mozilla.org/devtools-user/debugger/how_to/use_a_source_map/index.html (2 times)

---

URL: /en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy
Title: Cross-Origin-Resource-Policy

• https://resourcepolicy.fyi/ (2 times)

---

URL: /en-US/docs/Web/HTTP/Headers/Expect-CT
Title: Expect-CT

• https://chromestatus.com/feature/6244547273687040 (1 time)
• https://github.com/google/certificate-transparency-community-site/blob/master/docs/google/known-logs.md (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Date
Title: Date

• https://fetch.spec.whatwg.org/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Origin
Title: Origin

• https://stackoverflow.com/questions/42239643/when-do-browsers-send-the-origin-header-when-do-browsers-set-the-origin-to-null/42242802 (2 times)

---

URL: /en-US/docs/Web/HTTP/Headers/Permissions-Policy
Title: Permissions-Policy

• https://wicg.github.io/webusb/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Sec-Fetch-Mode
Title: Sec-Fetch-Mode

• https://secmetadata.appspot.com/ (1 time)
• https://web.dev/fetch-metadata/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Accept-Charset
Title: Accept-Charset

• https://hsivonen.fi/accept-charset/ (1 time)
• https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy
Title: Cross-Origin-Opener-Policy

• https://github.com/xsleaks/xsleaks (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
Title: X-Content-Type-Options

• https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/ (1 time)
• https://chromium.googlesource.com/chromium/src/+/master/services/network/cross_origin_read_blocking_explainer.md (2 times)
• https://docs.microsoft.com/archive/blogs/ie/ie8-security-part-vi-beta-2-update (1 time)
• https://fetch.spec.whatwg.org/ (3 times)
• https://html.spec.whatwg.org/multipage/scripting.html (1 time)
• https://observatory.mozilla.org/ (1 time)

---

URL: /en-US/docs/Web/HTTP/Headers/Transfer-Encoding
Title: Transfer-Encoding

• https://datatracker.ietf.org/doc/html/rfc1950 (1 time)
• https://datatracker.ietf.org/doc/html/rfc1952 (1 time)
• https://en.wikipedia.org/wiki/Chunked_transfer_encoding (1 time)
• https://en.wikipedia.org/wiki/DEFLATE (1 time)
• https://en.wikipedia.org/wiki/HTTP/2 (1 time)
• https://en.wikipedia.org/wiki/LZ77_and_LZ78 (1 time)
• https://en.wikipedia.org/wiki/LZW (1 time)
• https://en.wikipedia.org/wiki/Zlib (1 time)

[teoli2003]

👍