Set a request header in JavaScript

Question

It seems that I am unable to change most request headers from JavaScript when making an AJAX call using XMLHttpRequest   Note that when request setRequestHeader has to be called after request open   in Gecko browsers  see http   ajaxpatterns org Talk XMLHttpRequest Call    When I set the Referer  it doesn t get set  I looked at the request headers sent using Firebug and Tamper Data    When I set User-Agent  it messed up the AJAX call completely  Setting Accept and Content-Type does work  however  Are we prevented from setting Referer and User-Agent in Firefox 3   var request   new XMLHttpRequest    var path  http   www yahoo com   request onreadystatechange state change   request open  GET   path  true   request setRequestHeader  Referer    http   www google com      request setRequestHeader  User-Agent    Mozilla 5 0    request setRequestHeader  Accept   text plain    request setRequestHeader  Content-Type   text plain     request send null       function state change     if  request readyState  4        4    loaded    if  request status  200          200   OK           our code here        alert  ok            else           alert  Problem retrieving XML data

User · Accepted Answer

W3C Spec on setrequestheader   The brief points      If the request header had   already been set  then the new value   MUST be concatenated to the existing   value using a U 002C COMMA followed by   a U 0020 SPACE for separation       UAs MAY give the User-Agent header an initial value  but MUST allow authors to append values to it    However - After searching through the framework XHR in jQuery they don t allow you to change the User-Agent or Referer headers   The closest thing      Set header so the called script knows that it s an XMLHttpRequest xhr setRequestHeader  X-Requested-With    XMLHttpRequest      I m leaning towards the opinion that what you want to do is being denied by a security policy in FF - if you want to pass some custom Referer type header you could always do   xhr setRequestHeader  X-Alt-Referer    http   www google com

User · Answer

For people looking this up now   It seems that now setting the User-Agent header is allowed since Firefox 43  See https   developer mozilla org en-US docs Glossary Forbidden header name for the current list of forbidden headers

User · Answer

gnarf answer is right   wanted to add more information    Mozilla Bug Reference   https   bugzilla mozilla org show bug cgi id 627942  Terminate these steps if header is a case-insensitive match for one of the following headers   Accept-Charset Accept-Encoding Access-Control-Request-Headers Access-Control-Request-Method Connection Content-Length Cookie Cookie2 Date DNT Expect Host Keep-Alive Origin Referer TE Trailer Transfer-Encoding Upgrade User-Agent Via   Source   https   dvcs w3 org hg xhr raw-file tip Overview html dom-xmlhttprequest-setrequestheader

[javascript] Set a request header in JavaScript

Examples related to javascript

Examples related to ajax