Time to Stable

For a given set of browsers, what APIs are in all of them and how many days it take for the API to land in the first browser to the last.

Example Comparisons
Browsers
Features

Summary

A count of the number of APIs that landed in A first and B last.
Last in EdgeLast in Firefox
First in Edge 53
First in Firefox 142

Average time for an API to become available across Edge and Firefox

195 APIs took an average of 1970.99 days to become available to use.

API breakdown:

Average time to landing by year of first landing

If a feature landed in the earliest browser in 20XX it took Y days on average to become available in the last browser (when considering Edge and Firefox). TTA (time to available).
HTTP APIsHTTP TTA
2004 614074.43
2006 53852.40
2008 12598.00
2009 82220.00
2011 51560.60
2012 61212.00
2013 141362.21
2015 71152.29
2016 12712.75
2017 11642.27
2018 9666.22
2019 7166.29
2020 23868.17
2021 6771.17
2022 7533.00
2023 3478.33
2024 362.67
2025 7177.86

The Tortoise and the Hare

There is a natural tension on the web with respect to browser engines. Every engine has their own set of priorities which define the level of investment that they choose to make and on which areas they choose to make it.

A developer naturally wants their experiences to be available to the widest audience possible and these differing priorities create an unevenness on the platform (a lumpiness) making it harder for developers to build experiences that work everywhere.

This section highlights where browsers are pushing and pulling on the platform.

Sprinters

This table is designed to show which browsers are pushing on the platform the most.

Adding features to quickly is not always desired because developers are unlikely to adopt those features in their sites or apps.

For a given year, if a feature landed in Browser X first, how many days it take on average to be available in Edge and Firefox. TTA (time to available).
Year HTTPHTTP TTA
2004
  Firefox 614074.43
2006
  Firefox 53852.40
2008
  Firefox 12598.00
2009
  Firefox 82220.00
2011
  Firefox 51560.60
2012
  Firefox 61212.00
2013
  Firefox 141362.21
2015
  Firefox 61265.17
  Edge 1475.00
2016
  Firefox 10834.30
  Edge 2105.00
2017
  Edge 5221.80
  Firefox 6992.67
2018
  Firefox 9666.22
2019
  Firefox 7166.29
2020
  Edge 22893.86
  Firefox 1303.00
2021
  Firefox 3476.33
  Edge 31066.00
2022
  Edge 7533.00
2023
  Edge 3478.33
2024
  Edge 362.67
2025
  Edge 7177.86

Plodders

This table is designed to show which browsers are pulling on the platform the most.

For a feature that first landed in year X, how many days did it take on average for the last browser to catch up across Edge and Firefox. TTA (time to available).
Year HTTP countHTTP TTA
2004
  Edge 614074.43
2006
  Edge 53852.40
2008
  Edge 12598.00
2009
  Edge 82220.00
2011
  Edge 51560.60
2012
  Edge 61212.00
2013
  Edge 141362.21
2015
  Edge 61265.17
  Firefox 1475.00
2016
  Edge 10834.30
  Firefox 2105.00
2017
  Firefox 5221.80
  Edge 6992.67
2018
  Edge 9666.22
2019
  Edge 7166.29
2020
  Firefox 22893.86
  Edge 1303.00
2021
  Edge 3476.33
  Firefox 31066.00
2022
  Firefox 7533.00
2023
  Firefox 3478.33
2024
  Firefox 362.67
2025
  Firefox 7177.86

Stable APIs

Below is a list of features that are in Edge and Firefox

Raw Data

Quick Links:

HTTP Data

API First Browser Date Last Browser Date Days Notes
http.data-url 📋Firefox10/24/2006 Edge7/29/20153200
Edge: Before Edge 79, the maximum size supported is 4GB.Internet Explorer: Since Internet Explorer 9, the maximum size supported is 4GB.Internet Explorer: In Internet Explorer 8, the maximum size supported is 32kB.
http.data-url.css_files Firefox10/24/2006 Edge7/29/20153200
http.data-url.html_files Firefox10/24/2006 Edge1/15/20204831
http.data-url.js_files Firefox10/24/2006 Edge7/29/20153200
http.data-url.top_level_navigation_blocked Firefox3/13/2018 Edge1/15/2020673
http.headers.Accept 📋Firefox11/9/2004 Edge7/29/20153914
Firefox: In Firefox 66, the default Accept header value changed to */*.Firefox for Android: In Firefox for Android 66, the default Accept header value changed to */*.
http.headers.Accept-Encoding 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Accept-Encoding.br 📋Firefox1/26/2016 Edge4/5/2017435
Safari: Unsupported before macOS 10.13 High Sierra.
http.headers.Accept-Encoding.zstd 📋Edge3/22/2024 Firefox5/14/202453
Safari: Before macOS 26.3 Tahoe, this header value is not sent.
http.headers.Accept-Language 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Accept-Ranges 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Access-Control-Allow-Credentials 📋Firefox6/30/2009 Edge7/29/20152220
http.headers.Access-Control-Allow-Headers 📋Firefox6/30/2009 Edge7/29/20152220
http.headers.Access-Control-Allow-Headers.wildcard Firefox9/3/2019 Edge1/15/2020134
http.headers.Access-Control-Allow-Methods 📋Firefox6/30/2009 Edge7/29/20152220
http.headers.Access-Control-Allow-Methods.wildcard Firefox9/3/2019 Edge1/15/2020134
http.headers.Access-Control-Allow-Origin 📋Firefox6/30/2009 Edge7/29/20152220
http.headers.Access-Control-Expose-Headers 📋Firefox6/30/2009 Edge7/29/20152220
http.headers.Access-Control-Expose-Headers.wildcard Firefox9/3/2019 Edge1/15/2020134
http.headers.Access-Control-Max-Age 📋Firefox6/30/2009 Edge7/29/20152220
http.headers.Access-Control-Request-Headers 📋Firefox6/30/2009 Edge7/29/20152220
http.headers.Access-Control-Request-Method 📋Firefox6/30/2009 Edge7/29/20152220
http.headers.Activate-Storage-Access 📋Edge2/6/2025 Firefox1/13/2026341
http.headers.Age 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Alt-Svc 📋Firefox5/12/2015 Edge1/15/20201709
Firefox: Only supports draft-04Firefox for Android: Only supports draft-04
http.headers.Authorization 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Authorization.Basic 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Authorization.Digest 📋Firefox11/9/2004 Edge1/15/20205545
http.headers.Authorization.Digest.SHA-256 Firefox10/5/2021 Edge9/15/2023710
http.headers.Authorization.Digest.md5 Firefox11/9/2004 Edge1/15/20205545
http.headers.Authorization.NTLM Firefox11/9/2004 Edge1/15/20205545
http.headers.Authorization.Negotiate 📋Firefox11/9/2004 Edge1/15/20205545
http.headers.Cache-Control 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Cache-Control.stale-while-revalidate 📋Firefox7/9/2019 Edge1/15/2020190
http.headers.Clear-Site-Data 📋Firefox10/23/2018 Edge1/15/2020449
http.headers.Clear-Site-Data.cache 📋Edge1/15/2020 Firefox4/29/20251931
Chrome: Setting this value may increase response duration (see bug 40233601.Chrome: Setting this value may prevent a page from fully load (see bug 41343050.Chrome Android: Setting this value may increase response duration (see bug 40233601.Chrome Android: Setting this value may prevent a page from fully load (see bug 41343050.Edge: Setting this value may increase response duration (see bug 40233601.Quest Browser: Setting this value may increase response duration (see bug 40233601.Opera: Setting this value may increase response duration (see bug 40233601.Opera: Setting this value may prevent a page from fully load (see bug 41343050.Opera Android: Setting this value may increase response duration (see bug 40233601.Opera Android: Setting this value may prevent a page from fully load (see bug 41343050.Samsung Internet: Setting this value may increase response duration (see bug 40233601.WebView Android: Setting this value may increase response duration (see bug 40233601.WebView Android: Setting this value may prevent a page from fully load (see bug 41343050.
http.headers.Clear-Site-Data.cookies 📋Firefox10/23/2018 Edge1/15/2020449
http.headers.Clear-Site-Data.secure_context_required Firefox10/23/2018 Edge1/15/2020449
http.headers.Clear-Site-Data.storage 📋Firefox10/23/2018 Edge1/15/2020449
http.headers.Clear-Site-Data.wildcard 📋Firefox10/23/2018 Edge9/15/20231788
http.headers.Connection 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Content-Disposition 📋Firefox11/9/2004 Edge7/29/20153914
Chrome: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Chrome Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Firefox: From version 82, if an <a> element's download attribute is set (for a same-origin URL) then the inline directive is ignored. Earlier versions did not match the specification and respected the header directive over the attribute. See bug 1658877.Firefox for Android: From version 82, if an <a> element's download attribute is set (for a same-origin URL) then the inline directive is ignored. Earlier versions did not match the specification and respected the header directive over the attribute. See bug 1658877.Quest Browser: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Opera: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Opera Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Safari: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.Safari on iOS: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.Samsung Internet: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.WebView Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.WebView on iOS: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.
http.headers.Content-Encoding 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Content-Encoding.br 📋Firefox1/26/2016 Edge4/5/2017435
Safari: Unsupported before macOS 10.13 High Sierra.
http.headers.Content-Encoding.zstd 📋Edge3/22/2024 Firefox5/14/202453
Safari: Before macOS 26.3 Tahoe, Safari cannot decode Zstandard responses.
http.headers.Content-Language 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Content-Length 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Content-Length.cors_response_safelist Edge1/15/2020 Firefox3/23/2021433
http.headers.Content-Location 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Content-Range 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Content-Security-Policy 📋Firefox8/6/2013 Edge8/2/20161092
Internet Explorer: Only supporting 'sandbox' directive.
http.headers.Content-Security-Policy.base-uri 📋Firefox1/13/2015 Edge1/15/20201828
http.headers.Content-Security-Policy.child-src 📋Firefox3/8/2016 Edge4/5/2017393
http.headers.Content-Security-Policy.connect-src 📋Edge8/2/2016 Firefox11/15/2016105
Firefox: Before Firefox 50, ping attributes of <a> elements weren't covered by connect-src.
http.headers.Content-Security-Policy.default-src 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.font-src 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.form-action 📋Firefox2/24/2015 Edge4/5/2017771
http.headers.Content-Security-Policy.frame-ancestors 📋Edge4/5/2017 Firefox1/23/2018293
Firefox: Before Firefox 58, frame-ancestors is ignored in Content-Security-Policy-Report-Only.Firefox for Android: Before Firefox for Android 58, frame-ancestors is ignored in Content-Security-Policy-Report-Only.
http.headers.Content-Security-Policy.frame-src 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.img-src 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.manifest-src 📋Firefox9/22/2015 Edge1/15/20201576
http.headers.Content-Security-Policy.media-src 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.meta-element-support Firefox3/8/2016 Edge10/2/2018938
http.headers.Content-Security-Policy.object-src 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.report-sample Firefox10/23/2018 Edge1/15/2020449
http.headers.Content-Security-Policy.report-to 📋Edge1/15/2020 Firefox9/3/20241693
http.headers.Content-Security-Policy.report-uri 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.sandbox 📋Edge8/2/2016 Firefox11/15/2016105
http.headers.Content-Security-Policy.script-src 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.script-src.external_scripts 📋Edge1/15/2020 Firefox8/1/20231294
http.headers.Content-Security-Policy.script-src.wasm-unsafe-eval Edge1/6/2022 Firefox6/28/2022173
http.headers.Content-Security-Policy.script-src-attr 📋Edge1/15/2020 Firefox12/13/20221063
http.headers.Content-Security-Policy.script-src-elem 📋Edge1/15/2020 Firefox12/13/20221063
http.headers.Content-Security-Policy.strict-dynamic Firefox3/7/2017 Edge1/15/20201044
http.headers.Content-Security-Policy.style-src 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Security-Policy.style-src-attr 📋Edge1/15/2020 Firefox12/13/20221063
http.headers.Content-Security-Policy.style-src-elem 📋Edge1/15/2020 Firefox12/13/20221063
Safari: The style-src-elem directive was parsed, but had no effect. See bug 276931.Safari on iOS: The style-src-elem directive was parsed, but had no effect. See bug 276931.WebView on iOS: The style-src-elem directive was parsed, but had no effect. See bug 276931.
http.headers.Content-Security-Policy.unsafe-hashes Edge1/15/2020 Firefox1/17/20231098
http.headers.Content-Security-Policy.upgrade-insecure-requests 📋Firefox11/3/2015 Edge4/30/2018909
http.headers.Content-Security-Policy.worker-src 📋Firefox1/23/2018 Edge1/15/2020722
Chrome: Chrome 59 and higher skips the deprecated child-src directive.Chrome Android: Chrome Android 59 and higher skips the deprecated child-src directive.Quest Browser: Quest Browser 5.0 and higher skips the deprecated child-src directive.Opera: Opera 46 and higher skips the deprecated child-src directive.Opera Android: Opera Android 43 and higher skips the deprecated child-src directive.WebView Android: WebView Android 59 and higher skips the deprecated child-src directive.
http.headers.Content-Security-Policy.worker_support Firefox11/15/2016 Edge1/15/20201156
http.headers.Content-Security-Policy-Report-Only 📋Firefox8/6/2013 Edge8/2/20161092
http.headers.Content-Type 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Cookie 📋Firefox11/9/2004 Edge7/29/20153914
Safari: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.Safari on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.WebView on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.
http.headers.Cross-Origin-Embedder-Policy 📋Edge5/21/2020 Firefox7/28/202068
http.headers.Cross-Origin-Embedder-Policy.credentialless 📋Edge11/19/2021 Firefox10/24/2023704
http.headers.Cross-Origin-Opener-Policy 📋Edge5/21/2020 Firefox7/28/202068
http.headers.Cross-Origin-Resource-Policy 📋Edge1/15/2020 Firefox3/10/202055
Chrome: Until version 75, downloads for files with this header would fail in Chrome. See bug 41452948.Chrome: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.Chrome Android: Until version 75, downloads for files with this header would fail in Chrome Android. See bug 41452948.Chrome Android: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.Quest Browser: Until version 7.0, downloads for files with this header would fail in Quest Browser. See bug 41452948.Quest Browser: From version 9.0 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 12.0, partial PDF loading is disabled.Opera: Until version 62, downloads for files with this header would fail in Opera. See bug 41452948.Opera: From version 67 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 72, partial PDF loading is disabled.Opera Android: Until version 54, downloads for files with this header would fail in Opera Android. See bug 41452948.Opera Android: From version 57 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 61, partial PDF loading is disabled.WebView Android: Until version 75, downloads for files with this header would fail in WebView Android. See bug 41452948.WebView Android: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.
http.headers.DNT Firefox3/22/2011 Edge7/29/20151590
http.headers.Date 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.ETag 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Expires 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.From 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Host 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.If-Match 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.If-Modified-Since 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.If-None-Match 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.If-Range 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.If-Unmodified-Since 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Integrity-Policy 📋Edge6/26/2025 Firefox11/11/2025138
Firefox: Reporting endpoints are ignored (violations are logged to console).Firefox for Android: Reporting endpoints are ignored (violations are logged to console).
http.headers.Integrity-Policy.blocked-destinations_script 📋Edge6/26/2025 Firefox11/11/2025138
http.headers.Integrity-Policy-Report-Only 📋Edge6/26/2025 Firefox11/11/2025138
Firefox: Reporting endpoints are ignored (violations are logged to console).Firefox for Android: Reporting endpoints are ignored (violations are logged to console).
http.headers.Integrity-Policy-Report-Only.blocked-destinations_script 📋Edge6/26/2025 Firefox11/11/2025138
http.headers.Keep-Alive 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Last-Modified 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Link 📋Edge6/23/2022 Firefox11/21/2023516
http.headers.Link.fetchpriority 📋Edge6/23/2022 Firefox10/29/2024859
http.headers.Location 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Origin 📋Firefox10/22/2019 Edge1/15/202085
Edge: Not sent with POST requestsFirefox: Not sent with POST requests, see bug 446344.Firefox for Android: Not sent with POST requests, see bug 446344.
http.headers.Origin-Agent-Cluster 📋Edge4/15/2021 Firefox4/29/20251475
http.headers.Pragma 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Priority 📋Edge4/18/2024 Firefox7/9/202482
http.headers.Proxy-Authenticate 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Range 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Range.cors_safe Edge3/3/2022 Firefox8/29/2023544
http.headers.Referer 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Referer.length_limit_4096B Firefox10/22/2019 Edge1/15/202085
http.headers.Referrer-Policy 📋Firefox11/15/2016 Edge1/15/20201156
http.headers.Referrer-Policy.default_strict-origin-when-cross-origin Edge8/27/2020 Firefox3/23/2021208
http.headers.Referrer-Policy.same-origin Firefox3/7/2017 Edge1/15/20201044
http.headers.Referrer-Policy.strict-origin Firefox3/7/2017 Edge1/15/20201044
http.headers.Referrer-Policy.strict-origin-when-cross-origin Firefox3/7/2017 Edge1/15/20201044
http.headers.Refresh 📋Firefox11/9/2004 Edge7/29/20153914
Firefox: From version 136 the HTTP Referer header is sent following a refresh that redirects to another page (if permitted)Firefox for Android: From version 136 the HTTP Referer header is sent following a refresh that redirects to another page (if permitted)
http.headers.Report-To Edge1/15/2020 Firefox9/3/20241693
http.headers.Reporting-Endpoints 📋Edge11/19/2021 Firefox9/3/20241019
http.headers.Sec-Fetch-Dest 📋Edge2/7/2020 Firefox7/13/2021522
http.headers.Sec-Fetch-Mode 📋Edge1/15/2020 Firefox7/13/2021545
http.headers.Sec-Fetch-Site 📋Edge1/15/2020 Firefox7/13/2021545
http.headers.Sec-Fetch-Storage-Access 📋Edge2/6/2025 Firefox1/13/2026341
http.headers.Sec-Fetch-User 📋Edge1/15/2020 Firefox7/13/2021545
http.headers.Sec-Purpose 📋Edge2/9/2023 Firefox7/4/2023145
http.headers.Sec-WebSocket-Accept 📋Firefox3/13/2012 Edge7/29/20151233
http.headers.Sec-WebSocket-Extensions 📋Firefox3/13/2012 Edge7/29/20151233
http.headers.Sec-WebSocket-Key 📋Firefox3/13/2012 Edge7/29/20151233
http.headers.Sec-WebSocket-Protocol 📋Firefox3/13/2012 Edge7/29/20151233
http.headers.Sec-WebSocket-Version 📋Firefox3/13/2012 Edge7/29/20151233
http.headers.Server 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Server-Timing 📋Firefox6/26/2018 Edge1/15/2020568
http.headers.Service-Worker 📋Firefox1/26/2016 Edge10/17/2017630
http.headers.Service-Worker-Allowed 📋Firefox8/11/2015 Edge10/17/2017798
http.headers.Set-Cookie 📋Firefox11/9/2004 Edge7/29/20153914
Safari: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.Safari on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.WebView on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.
http.headers.Set-Cookie.HttpOnly Firefox6/17/2008 Edge7/29/20152598
http.headers.Set-Cookie.Max-Age Firefox11/9/2004 Edge7/29/20153914
http.headers.Set-Cookie.Partitioned 📋Edge6/2/2023 Firefox7/22/2025781
http.headers.Set-Cookie.SameSite 📋Edge10/17/2017 Firefox5/9/2018204
Safari: Safari 13 on macOS 10.14 (Mojave), treats SameSite=None and invalid values as Strict. This is fixed in version 10.15 (Catalina) and later.Safari: Treats SameSite=None and invalid values as Strict in macOS before 10.15 Catalina. See bug 198181.Safari on iOS: Treats SameSite=None and invalid values as Strict in iOS before 13. See bug 198181.WebView on iOS: Treats SameSite=None and invalid values as Strict in iOS before 13. See bug 198181.
http.headers.Set-Cookie.SameSite.Lax Edge10/17/2017 Firefox5/9/2018204
http.headers.Set-Cookie.SameSite.Lax_default Firefox9/3/2019 Edge10/9/2020402
http.headers.Set-Cookie.SameSite.None Edge10/17/2017 Firefox5/9/2018204
Chrome: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Chrome Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Quest Browser: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Opera: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Opera Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Safari: Not supported before macOS version 10.15 (Catalina).Samsung Internet: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.WebView Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.
http.headers.Set-Cookie.SameSite.Strict Edge10/17/2017 Firefox5/9/2018204
http.headers.Set-Cookie.SameSite.none_requires_secure Edge10/9/2020 Firefox10/1/20241453
http.headers.Set-Cookie.SameSite.schemeful Firefox7/28/2020 Edge5/27/2021303
http.headers.Set-Cookie.host_secure_prefixes Firefox11/15/2016 Edge1/15/20201156
http.headers.Set-Cookie.http_host-http_prefixes Edge9/5/2025 Firefox9/16/202511
Firefox: __Host-Http- is supported under its original name __HostHttp-. See bug 1982555.Firefox for Android: __Host-Http- is supported under its original name __HostHttp-. See bug 1982555.
http.headers.Set-Login 📋Edge12/7/2023 Firefox4/29/2025509
http.headers.SourceMap 📋Firefox8/8/2017 Edge1/15/2020890
Chrome: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Chrome Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Edge: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Quest Browser: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Opera: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Opera Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Samsung Internet: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.WebView Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.
http.headers.Strict-Transport-Security 📋Firefox3/22/2011 Edge7/29/20151590
http.headers.TE 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Timing-Allow-Origin 📋Firefox3/8/2016 Edge1/15/20201408
http.headers.Transfer-Encoding 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Upgrade 📋Firefox8/16/2011 Edge7/29/20151443
http.headers.Upgrade-Insecure-Requests 📋Firefox8/2/2016 Edge4/30/2018636
http.headers.User-Agent 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Vary 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.Via 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.WWW-Authenticate 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.WWW-Authenticate.Basic 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.WWW-Authenticate.Digest 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.WWW-Authenticate.Digest.SHA-256 Firefox10/5/2021 Edge9/15/2023710
http.headers.WWW-Authenticate.Digest.md5 Firefox11/9/2004 Edge7/29/20153914
http.headers.WWW-Authenticate.NTLM Firefox11/9/2004 Edge1/15/20205545
http.headers.WWW-Authenticate.Negotiate 📋Firefox11/9/2004 Edge1/15/20205545
http.headers.Warning 📋Firefox11/9/2004 Edge7/29/20153914
http.headers.X-Content-Type-Options 📋Edge7/29/2015 Firefox11/15/2016475
Chrome: Not supported for stylesheets.Chrome Android: Not supported for stylesheets.Opera: Not supported for stylesheets.Opera Android: Not supported for stylesheets.Samsung Internet: Not supported for stylesheets.WebView Android: Not supported for stylesheets.
http.headers.X-DNS-Prefetch-Control Firefox10/24/2006 Edge1/15/20204831
http.headers.X-Frame-Options 📋Firefox3/22/2011 Edge7/29/20151590
http.headers.X-Frame-Options.SAMEORIGIN Firefox3/22/2011 Edge7/29/20151590
Chrome: Starting in Chrome 61, this applies to all of a frame's ancestors.Chrome Android: Starting in Chrome Android 61, this applies to all of a frame's ancestors.Firefox: Starting in Firefox 59, this applies to all of a frame's ancestors.Firefox for Android: Starting in Firefox for Android 59, this applies to all of a frame's ancestors.Quest Browser: Starting in Quest Browser 5.0, this applies to all of a frame's ancestors.Opera: Starting in Opera 48, this applies to all of a frame's ancestors.Opera Android: Starting in Opera Android 45, this applies to all of a frame's ancestors.Samsung Internet: Starting in Samsung Internet 8.0, this applies to all of a frame's ancestors.WebView Android: Starting in WebView Android 61, this applies to all of a frame's ancestors.
http.methods.CONNECT 📋Firefox11/9/2004 Edge7/29/20153914
http.methods.DELETE 📋Firefox11/9/2004 Edge7/29/20153914
http.methods.GET 📋Firefox11/9/2004 Edge7/29/20153914
http.methods.HEAD 📋Firefox11/9/2004 Edge7/29/20153914
http.methods.OPTIONS 📋Firefox11/9/2004 Edge7/29/20153914
http.methods.POST 📋Firefox11/9/2004 Edge7/29/20153914
http.methods.PUT 📋Firefox11/9/2004 Edge7/29/20153914
http.mixed-content 📋Firefox8/6/2013 Edge1/15/20202353
http.mixed-content.allow_file_urls 📋Firefox8/6/2013 Edge1/15/20202353
http.mixed-content.allow_localhost_url 📋Edge1/15/2020 Firefox12/15/2020335
http.mixed-content.allow_loopback_url 📋Firefox8/8/2017 Edge1/15/2020890
http.mixed-content.auto_upgrade_images 📋Edge10/9/2020 Firefox6/11/20241341
Firefox: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox: Set security.mixed_content.block_display_content preference to true to block all mixed content.Firefox for Android: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox for Android: Set security.mixed_content.block_display_content preference to true to block all mixed content.
http.mixed-content.auto_upgrade_video_audio 📋Edge2/7/2020 Firefox6/11/20241586
Firefox: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox: Set security.mixed_content.block_display_content preference to true to block all mixed content.Firefox for Android: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox for Android: Set security.mixed_content.block_display_content preference to true to block all mixed content.
http.mixed-content.block_mixed_downloads 📋Firefox7/13/2021 Edge7/22/20219
http.mixed-content.blockable_mixed_content 📋Firefox8/6/2013 Edge1/15/20202353
Chrome: From version 79 blocks iframes, scripts, and stylesheets.Chrome Android: From version 79 blocks iframes, scripts, and stylesheets.Edge: From version 79 blocks iframes, scripts, and stylesheets.Quest Browser: From version 8.0 blocks iframes, scripts, and stylesheets.Opera: From version 66 blocks iframes, scripts, and stylesheets.Opera Android: From version 57 blocks iframes, scripts, and stylesheets.Samsung Internet: From version 12.0 blocks iframes, scripts, and stylesheets.WebView Android: From version 79 blocks iframes, scripts, and stylesheets.
http.status.103 📋Edge6/23/2022 Firefox11/21/2023516
Chrome: Supported in HTTP/2 and later only.Chrome Android: Supported in HTTP/2 and later only.Edge: Supported in HTTP/2 and later only.Quest Browser: Supported in HTTP/2 and later only.Opera: Supported in HTTP/2 and later only.Opera Android: Supported in HTTP/2 and later only.Safari: Supported in HTTP/2 and later only.Safari on iOS: Supported in HTTP/2 and later only.Samsung Internet: Supported in HTTP/2 and later only.WebView Android: Supported in HTTP/2 and later only.WebView on iOS: Supported in HTTP/2 and later only.
http.status.103.preconnect Edge6/23/2022 Firefox11/21/2023516
http.status.103.preload Edge6/23/2022 Firefox2/20/2024607
http.status.308 📋Firefox7/17/2012 Edge7/29/20151107
Internet Explorer: Does not work below Windows 10.