1. 面向开发者的 Web 技术
  2. HTTP
  3. 参考
  4. HTTP 标头
  5. Upgrade-Insecure-Requests

此页面由社区从英文翻译而来。了解更多并加入 MDN Web Docs 社区。

View in English Always switch to English

Upgrade-Insecure-Requests 标头

Baseline Widely available

This feature is well established and works across many devices and browser versions. It’s been available across browsers since ⁨2018年4月⁩.

HTTP Upgrade-Insecure-Requests 请求标头向服务器发送一个信号,表明客户端偏好加密且经过认证的响应,并且客户端能够成功处理 upgrade-insecure-requests CSP 指令。

标头类型 请求标头
禁止修改的请求标头

语法

http
Upgrade-Insecure-Requests: <boolean>

指令

<boolean>

1 表示“true”,并且是该字段唯一有效的值。

示例

使用 Upgrade-Insecure-Requests

客户端的请求会向服务器表明它支持 upgrade-insecure-requests 的升级机制:

http
GET / HTTP/1.1
Host: example.com
Upgrade-Insecure-Requests: 1

服务器现在可以将请求重定向到站点的安全版本。可以使用 Vary 标头,以避免缓存向不支持升级机制的客户端提供相同的站点内容。

http
Location: https://example.com/
Vary: Upgrade-Insecure-Requests

规范

Specification
Upgrade Insecure Requests
# preference

浏览器兼容性

参见

Help improve MDN

Learn how to contribute

This page was last modified on by MDN contributors.

View this page on GitHubReport a problem with this content