Now Stable

"New on the Web": For a given set of browsers, what APIs became stable and when, ordered reverse chronologically.

It's a great source of information for posts like this

Example Comparisons
Browsers
Features

Stable APIs

Below is a list of features that are in Chrome and Chrome Android, ordered reverse chronologically by when they became stable (i.e, available in the last browser).

2026/1

API First Browser Date Last Browser Date Days Notes
http.headers.No-Vary-Search.http_cache πŸ“‹Chrome9/30/2025 Chrome Android1/13/2026105

2025/9

API First Browser Date Last Browser Date Days Notes
http.headers.No-Vary-Search πŸ“‹Chrome9/30/2025 Chrome Android9/30/2025
Chrome: Before Chrome 127, speculation rules are only supported for navigational prefetch, not prerender.Chrome: Before Chrome 141, HTTP cache is not supported.Chrome Android: Before Chrome Android 127, speculation rules are only supported for navigational prefetch, not prerender.Chrome Android: Before Chrome Android 141, HTTP cache is not supported.Edge: Before Edge 127, speculation rules are only supported for navigational prefetch, not prerender.Edge: Before Edge 141, HTTP cache is not supported.Opera: Before Opera 113, speculation rules are only supported for navigational prefetch, not prerender.Opera: Before Opera 125, HTTP cache is not supported.Opera Android: Before Opera Android 84, speculation rules are only supported for navigational prefetch, not prerender.Opera Android: Before Opera Android 93, HTTP cache is not supported.Samsung Internet: Before Samsung Internet 28.0, speculation rules are only supported for navigational prefetch, not prerender.Samsung Internet: Before Samsung Internet false, HTTP cache is not supported.WebView Android: Before WebView Android 127, speculation rules are only supported for navigational prefetch, not prerender.WebView Android: Before WebView Android 141, HTTP cache is not supported.
http.headers.Permissions-Policy.aria-notify Chrome9/30/2025 Chrome Android9/30/2025
Chrome: Not supported on ChromeOS.Chrome Android: Not supported on ChromeOS.Edge: Not supported on ChromeOS.Opera: Not supported on ChromeOS.Opera Android: Not supported on ChromeOS.WebView Android: Not supported on ChromeOS.
http.headers.Set-Cookie.http_host-http_prefixes Chrome9/2/2025 Chrome Android9/2/2025
Firefox: __Host-Http- is supported under its original name __HostHttp-. See bug 1982555.Firefox for Android: __Host-Http- is supported under its original name __HostHttp-. See bug 1982555.

2025/6

API First Browser Date Last Browser Date Days Notes
http.headers.Clear-Site-Data.prefetchCache Chrome6/24/2025 Chrome Android6/24/2025
http.headers.Clear-Site-Data.prerenderCache Chrome6/24/2025 Chrome Android6/24/2025
http.headers.Integrity-Policy πŸ“‹Chrome6/24/2025 Chrome Android6/24/2025
Firefox: Reporting endpoints are ignored (violations are logged to console).Firefox for Android: Reporting endpoints are ignored (violations are logged to console).
http.headers.Integrity-Policy.blocked-destinations_script πŸ“‹Chrome6/24/2025 Chrome Android6/24/2025
http.headers.Integrity-Policy-Report-Only πŸ“‹Chrome6/24/2025 Chrome Android6/24/2025
Firefox: Reporting endpoints are ignored (violations are logged to console).Firefox for Android: Reporting endpoints are ignored (violations are logged to console).
http.headers.Integrity-Policy-Report-Only.blocked-destinations_script πŸ“‹Chrome6/24/2025 Chrome Android6/24/2025
http.mixed-content.private_network_access πŸ“‹Chrome6/24/2025 Chrome Android6/24/2025

2025/4

API First Browser Date Last Browser Date Days Notes
http.headers.Sec-Speculation-Tags πŸ“‹Chrome4/29/2025 Chrome Android4/29/2025
http.headers.Feature-Policy.deferred-fetch πŸ“‹Chrome4/1/2025 Chrome Android4/1/2025
http.headers.Feature-Policy.deferred-fetch-minimal πŸ“‹Chrome4/1/2025 Chrome Android4/1/2025
http.headers.Permissions-Policy.deferred-fetch πŸ“‹Chrome4/1/2025 Chrome Android4/1/2025
http.headers.Permissions-Policy.deferred-fetch-minimal πŸ“‹Chrome4/1/2025 Chrome Android4/1/2025

2025/2

API First Browser Date Last Browser Date Days Notes
http.headers.Activate-Storage-Access πŸ“‹Chrome2/4/2025 Chrome Android2/4/2025
http.headers.Sec-Fetch-Storage-Access πŸ“‹Chrome2/4/2025 Chrome Android2/4/2025

2024/11

API First Browser Date Last Browser Date Days Notes
http.headers.Cross-Origin-Opener-Policy.noopener-allow-popups πŸ“‹Chrome11/12/2024 Chrome Android11/12/2024

2024/10

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-Encoding.dcb Chrome10/15/2024 Chrome Android10/15/2024
http.headers.Accept-Encoding.dcz Chrome10/15/2024 Chrome Android10/15/2024
http.headers.Available-Dictionary πŸ“‹Chrome10/15/2024 Chrome Android10/15/2024
http.headers.Content-Encoding.dcb Chrome10/15/2024 Chrome Android10/15/2024
http.headers.Content-Encoding.dcz Chrome10/15/2024 Chrome Android10/15/2024
http.headers.Dictionary-ID πŸ“‹Chrome10/15/2024 Chrome Android10/15/2024
http.headers.Use-As-Dictionary πŸ“‹Chrome10/15/2024 Chrome Android10/15/2024

2024/7

API First Browser Date Last Browser Date Days Notes
http.headers.No-Vary-Search.speculation_rules_prerender πŸ“‹Chrome7/23/2024 Chrome Android7/23/2024

2024/6

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.fenced-frame-src πŸ“‹Chrome6/11/2024 Chrome Android6/11/2024
http.headers.Sec-Fetch-Dest.fencedframe Chrome6/11/2024 Chrome Android6/11/2024

2024/4

API First Browser Date Last Browser Date Days Notes
http.headers.Priority πŸ“‹Chrome4/16/2024 Chrome Android4/16/2024
http.headers.Sec-CH-UA-Form-Factors πŸ“‹Chrome4/16/2024 Chrome Android4/16/2024

2024/3

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-Encoding.zstd πŸ“‹Chrome3/19/2024 Chrome Android3/19/2024
Safari: Before macOS 26.3 Tahoe, this header value is not sent.
http.headers.Content-Encoding.zstd πŸ“‹Chrome3/19/2024 Chrome Android3/19/2024
Safari: Before macOS 26.3 Tahoe, Safari cannot decode Zstandard responses.

2024/1

API First Browser Date Last Browser Date Days Notes
http.headers.No-Vary-Search.speculation_rules_prefetch πŸ“‹Chrome1/23/2024 Chrome Android1/23/2024
http.headers.Speculation-Rules πŸ“‹Chrome1/23/2024 Chrome Android1/23/2024

2023/12

API First Browser Date Last Browser Date Days Notes
http.headers.Set-Login πŸ“‹Chrome12/5/2023 Chrome Android12/5/2023

2023/10

API First Browser Date Last Browser Date Days Notes
http.headers.Sec-CH-Prefers-Reduced-Transparency πŸ“‹Chrome10/31/2023 Chrome Android10/31/2023

2023/9

API First Browser Date Last Browser Date Days Notes
http.headers.Attribution-Reporting-Eligible πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Attribution-Reporting-Register-Source πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Attribution-Reporting-Register-Trigger πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Attribution-Reporting-Support πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Authorization.Digest.SHA-256 Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Clear-Site-Data.clientHints πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Clear-Site-Data.wildcard πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Feature-Policy.attribution-reporting πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Permissions-Policy.attribution-reporting πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Permissions-Policy.private-state-token-issuance πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Permissions-Policy.private-state-token-redemption πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Sec-Private-State-Token πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Sec-Private-State-Token-Crypto-Version πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Sec-Private-State-Token-Lifetime πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Sec-Redemption-Record πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.Supports-Loading-Mode.fenced-frame πŸ“‹Chrome9/12/2023 Chrome Android9/12/2023
http.headers.WWW-Authenticate.Digest.SHA-256 Chrome9/12/2023 Chrome Android9/12/2023

2023/7

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.browsing-topics Chrome7/18/2023 Chrome Android7/21/20233
http.headers.Observe-Browsing-Topics Chrome7/18/2023 Chrome Android7/21/20233
http.headers.Permissions-Policy.browsing-topics Chrome7/18/2023 Chrome Android7/21/20233
http.headers.Sec-Browsing-Topics Chrome7/18/2023 Chrome Android7/21/20233

2023/5

API First Browser Date Last Browser Date Days Notes
http.headers.Set-Cookie.Partitioned πŸ“‹Chrome5/30/2023 Chrome Android5/30/2023
http.headers.Feature-Policy.storage-access πŸ“‹Chrome5/2/2023 Chrome Android5/2/2023
http.headers.Permissions-Policy.storage-access πŸ“‹Chrome5/2/2023 Chrome Android5/2/2023

2023/2

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.script-src.inline-speculation-rules Chrome2/7/2023 Chrome Android2/7/2023
http.headers.Feature-Policy.identity-credentials-get πŸ“‹Chrome2/7/2023 Chrome Android2/7/2023
http.headers.Permissions-Policy.identity-credentials-get πŸ“‹Chrome2/7/2023 Chrome Android2/7/2023
http.headers.Sec-Purpose πŸ“‹Chrome2/7/2023 Chrome Android2/7/2023
http.headers.Sec-Purpose.speculationrules Chrome2/7/2023 Chrome Android2/7/2023

2023/1

API First Browser Date Last Browser Date Days Notes
http.headers.Supports-Loading-Mode πŸ“‹Chrome1/10/2023 Chrome Android1/10/2023
http.headers.Supports-Loading-Mode.credentialed-prerender πŸ“‹Chrome1/10/2023 Chrome Android1/10/2023

2022/11

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.wildcards Chrome11/29/2022 Chrome Android11/29/2022
http.headers.Permissions-Policy.wildcards Chrome11/29/2022 Chrome Android11/29/2022
http.headers.Sec-CH-Prefers-Reduced-Motion πŸ“‹Chrome11/29/2022 Chrome Android11/29/2022

2022/9

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-CH.Sec-CH-Viewport-Height πŸ“‹Chrome9/2/2022 Chrome Android9/2/2022
http.headers.Feature-Policy.picture-in-picture πŸ“‹Chrome9/4/2018 Chrome Android9/2/20221459
http.headers.Permissions-Policy.picture-in-picture πŸ“‹Chrome1/19/2021 Chrome Android9/2/2022591
http.headers.Sec-CH-Viewport-Height πŸ“‹Chrome9/2/2022 Chrome Android9/2/2022

2022/8

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.bluetooth πŸ“‹Chrome8/2/2022 Chrome Android8/2/2022
http.headers.Permissions-Policy.bluetooth πŸ“‹Chrome8/2/2022 Chrome Android8/2/2022

2022/6

API First Browser Date Last Browser Date Days Notes
http.headers.Link πŸ“‹Chrome6/21/2022 Chrome Android6/21/2022
http.headers.Link.fetchpriority πŸ“‹Chrome6/21/2022 Chrome Android6/21/2022
http.headers.Permissions-Policy.gamepad πŸ“‹Chrome6/21/2022 Chrome Android6/21/2022
http.status.103 πŸ“‹Chrome6/21/2022 Chrome Android6/21/2022
Chrome: Supported in HTTP/2 and later only.Chrome Android: Supported in HTTP/2 and later only.Edge: Supported in HTTP/2 and later only.Quest Browser: Supported in HTTP/2 and later only.Opera: Supported in HTTP/2 and later only.Opera Android: Supported in HTTP/2 and later only.Safari: Supported in HTTP/2 and later only.Safari on iOS: Supported in HTTP/2 and later only.Samsung Internet: Supported in HTTP/2 and later only.WebView Android: Supported in HTTP/2 and later only.WebView on iOS: Supported in HTTP/2 and later only.
http.status.103.preconnect Chrome6/21/2022 Chrome Android6/21/2022
http.status.103.preload Chrome6/21/2022 Chrome Android6/21/2022

2022/3

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.window-management πŸ“‹Chrome3/29/2022 Chrome Android3/29/2022
http.headers.Permissions-Policy.window-management πŸ“‹Chrome3/29/2022 Chrome Android3/29/2022
http.headers.Sec-CH-UA-WoW64 πŸ“‹Chrome3/29/2022 Chrome Android3/29/2022
http.headers.Range.cors_safe Chrome3/1/2022 Chrome Android3/1/2022

2022/2

API First Browser Date Last Browser Date Days Notes
http.headers.Sec-CH-UA-Full-Version-List πŸ“‹Chrome2/1/2022 Chrome Android2/1/2022

2022/1

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-CH.Sec-CH-DPR πŸ“‹Chrome1/4/2022 Chrome Android1/4/2022
http.headers.Accept-CH.Sec-CH-Device-Memory πŸ“‹Chrome1/4/2022 Chrome Android1/4/2022
http.headers.Accept-CH.Sec-CH-Viewport-Width πŸ“‹Chrome1/4/2022 Chrome Android1/4/2022
http.headers.Accept-CH.Sec-CH-Width πŸ“‹Chrome1/4/2022 Chrome Android1/4/2022
http.headers.Content-Security-Policy.script-src.wasm-unsafe-eval Chrome1/4/2022 Chrome Android1/4/2022
http.headers.Sec-CH-DPR πŸ“‹Chrome1/4/2022 Chrome Android1/4/2022
http.headers.Sec-CH-Device-Memory πŸ“‹Chrome1/4/2022 Chrome Android1/4/2022
Chrome: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Chrome: From Chrome 147, reported values are 2, 4, 8, 16, and 32.Chrome: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Chrome: From Chrome 147, reported values are 2, 4, 8, 16, and 32.Chrome Android: From Chrome 147, reported values are 1, 2, 4, and 8.Chrome Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Chrome Android: From Chrome 147, reported values are 1, 2, 4, and 8.Chrome Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Edge: Before Edge 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Edge: From Edge 147, reported values are 2, 4, 8, 16, and 32.Edge: Before Edge 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Edge: From Edge 147, reported values are 2, 4, 8, 16, and 32.Quest Browser: From Chrome 147, reported values are 1, 2, 4, and 8.Quest Browser: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Quest Browser: From Chrome 147, reported values are 1, 2, 4, and 8.Quest Browser: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera: Before Opera false, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera: From Opera false, reported values are 2, 4, 8, 16, and 32.Opera: Before Opera false, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera: From Opera false, reported values are 2, 4, 8, 16, and 32.Opera Android: From Chrome 147, reported values are 1, 2, 4, and 8.Opera Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera Android: From Chrome 147, reported values are 1, 2, 4, and 8.Opera Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Samsung Internet: From Chrome 147, reported values are 1, 2, 4, and 8.Samsung Internet: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Samsung Internet: From Chrome 147, reported values are 1, 2, 4, and 8.Samsung Internet: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.WebView Android: From Chrome 147, reported values are 1, 2, 4, and 8.WebView Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.WebView Android: From Chrome 147, reported values are 1, 2, 4, and 8.WebView Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.
http.headers.Sec-CH-Viewport-Width πŸ“‹Chrome1/4/2022 Chrome Android1/4/2022
http.headers.Sec-CH-Width πŸ“‹Chrome1/4/2022 Chrome Android1/4/2022

2021/11

API First Browser Date Last Browser Date Days Notes
http.headers.Cross-Origin-Embedder-Policy.credentialless πŸ“‹Chrome11/15/2021 Chrome Android11/15/2021
http.headers.Cross-Origin-Embedder-Policy.report-to_parameter πŸ“‹Chrome11/15/2021 Chrome Android11/15/2021
http.headers.Cross-Origin-Opener-Policy.report-to_parameter πŸ“‹Chrome11/15/2021 Chrome Android11/15/2021
http.headers.Reporting-Endpoints πŸ“‹Chrome11/15/2021 Chrome Android11/15/2021

2021/9

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.display-capture πŸ“‹Chrome9/21/2021 Chrome Android9/21/2021
http.headers.Feature-Policy.idle-detection πŸ“‹Chrome9/21/2021 Chrome Android9/21/2021
http.headers.Permissions-Policy.display-capture πŸ“‹Chrome9/21/2021 Chrome Android9/21/2021
http.headers.Permissions-Policy.idle-detection πŸ“‹Chrome9/21/2021 Chrome Android9/21/2021

2021/8

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.otp-credentials πŸ“‹Chrome Android7/27/2020 Chrome8/31/2021400
http.headers.Permissions-Policy.otp-credentials πŸ“‹Chrome Android1/19/2021 Chrome8/31/2021224
http.headers.Sec-CH-Prefers-Color-Scheme πŸ“‹Chrome8/31/2021 Chrome Android8/31/2021
http.headers.Sec-CH-UA-Bitness πŸ“‹Chrome8/31/2021 Chrome Android8/31/2021

2021/7

API First Browser Date Last Browser Date Days Notes
http.mixed-content.block_mixed_downloads πŸ“‹Chrome7/20/2021 Chrome Android7/20/2021

2021/5

API First Browser Date Last Browser Date Days Notes
http.headers.Critical-CH πŸ“‹Chrome5/25/2021 Chrome Android5/25/2021
http.headers.Set-Cookie.SameSite.schemeful Chrome5/25/2021 Chrome Android5/25/2021

2021/4

API First Browser Date Last Browser Date Days Notes
http.headers.Origin-Agent-Cluster πŸ“‹Chrome4/13/2021 Chrome Android4/13/2021

2021/3

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-CH.Sec-CH-UA Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Accept-CH.Sec-CH-UA-Arch Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Accept-CH.Sec-CH-UA-Full-Version Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Accept-CH.Sec-CH-UA-Mobile Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Accept-CH.Sec-CH-UA-Model Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Accept-CH.Sec-CH-UA-Platform Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Accept-CH.Sec-CH-UA-Platform-Version Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Feature-Policy.serial πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Permissions-Policy.serial πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Sec-CH-UA πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Sec-CH-UA-Arch πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Sec-CH-UA-Full-Version πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Sec-CH-UA-Mobile πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Sec-CH-UA-Model πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Sec-CH-UA-Platform πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021
http.headers.Sec-CH-UA-Platform-Version πŸ“‹Chrome3/2/2021 Chrome Android3/2/2021

2021/1

API First Browser Date Last Browser Date Days Notes
http.headers.Permissions-Policy πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.accelerometer πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.autoplay πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.camera πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.cross-origin-isolated πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.encrypted-media πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.fullscreen πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.geolocation πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.gyroscope πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.microphone πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.midi πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.payment πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.publickey-credentials-create πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.publickey-credentials-get πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.screen-wake-lock πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.usb πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.web-share πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021
http.headers.Permissions-Policy.xr-spatial-tracking πŸ“‹Chrome1/19/2021 Chrome Android1/19/2021

2020/11

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.cross-origin-isolated πŸ“‹Chrome11/17/2020 Chrome Android11/17/2020

2020/10

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.web-share πŸ“‹Chrome10/20/2020 Chrome Android10/20/2020
http.mixed-content.auto_upgrade_images πŸ“‹Chrome10/20/2020 Chrome Android10/20/2020
Firefox: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox: Set security.mixed_content.block_display_content preference to true to block all mixed content.Firefox for Android: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox for Android: Set security.mixed_content.block_display_content preference to true to block all mixed content.

2020/8

API First Browser Date Last Browser Date Days Notes
http.headers.Referrer-Policy.default_strict-origin-when-cross-origin Chrome8/25/2020 Chrome Android8/25/2020

2020/7

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.publickey-credentials-create πŸ“‹Chrome7/27/2020 Chrome Android7/27/2020
http.headers.Feature-Policy.publickey-credentials-get πŸ“‹Chrome7/27/2020 Chrome Android7/27/2020
http.headers.Feature-Policy.screen-wake-lock πŸ“‹Chrome7/27/2020 Chrome Android7/27/2020

2020/5

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.require-trusted-types-for πŸ“‹Chrome5/19/2020 Chrome Android5/19/2020
http.headers.Content-Security-Policy.trusted-types πŸ“‹Chrome5/19/2020 Chrome Android5/19/2020
http.headers.Cross-Origin-Embedder-Policy πŸ“‹Chrome5/19/2020 Chrome Android5/19/2020
http.headers.Cross-Origin-Opener-Policy πŸ“‹Chrome5/19/2020 Chrome Android5/19/2020

2020/2

API First Browser Date Last Browser Date Days Notes
http.headers.Sec-Fetch-Dest πŸ“‹Chrome2/4/2020 Chrome Android2/4/2020
http.headers.Set-Cookie.SameSite.Lax_default Chrome2/4/2020 Chrome Android2/4/2020
http.headers.Set-Cookie.SameSite.none_requires_secure Chrome2/4/2020 Chrome Android2/4/2020
http.mixed-content.auto_upgrade_video_audio πŸ“‹Chrome2/4/2020 Chrome Android2/4/2020
Firefox: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox: Set security.mixed_content.block_display_content preference to true to block all mixed content.Firefox for Android: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox for Android: Set security.mixed_content.block_display_content preference to true to block all mixed content.

2019/12

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.xr-spatial-tracking πŸ“‹Chrome12/10/2019 Chrome Android12/17/20197
http.mixed-content πŸ“‹Chrome12/10/2019 Chrome Android12/17/20197
http.mixed-content.allow_file_urls πŸ“‹Chrome12/10/2019 Chrome Android12/17/20197
http.mixed-content.allow_localhost_url πŸ“‹Chrome12/10/2019 Chrome Android12/17/20197
http.mixed-content.allow_loopback_url πŸ“‹Chrome12/10/2019 Chrome Android12/17/20197
http.mixed-content.blockable_mixed_content πŸ“‹Chrome12/10/2019 Chrome Android12/17/20197
Chrome: From version 79 blocks iframes, scripts, and stylesheets.Chrome Android: From version 79 blocks iframes, scripts, and stylesheets.Edge: From version 79 blocks iframes, scripts, and stylesheets.Quest Browser: From version 8.0 blocks iframes, scripts, and stylesheets.Opera: From version 66 blocks iframes, scripts, and stylesheets.Opera Android: From version 57 blocks iframes, scripts, and stylesheets.Samsung Internet: From version 12.0 blocks iframes, scripts, and stylesheets.WebView Android: From version 79 blocks iframes, scripts, and stylesheets.

2019/9

API First Browser Date Last Browser Date Days Notes
http.headers.Referer.length_limit_4096B Chrome9/10/2019 Chrome Android9/10/2019

2019/7

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Length.cors_response_safelist Chrome7/30/2019 Chrome Android7/30/2019
http.headers.Sec-Fetch-Mode πŸ“‹Chrome7/30/2019 Chrome Android7/30/2019
http.headers.Sec-Fetch-Site πŸ“‹Chrome7/30/2019 Chrome Android7/30/2019
http.headers.Sec-Fetch-User πŸ“‹Chrome7/30/2019 Chrome Android7/30/2019

2019/6

API First Browser Date Last Browser Date Days Notes
http.headers.Cache-Control.stale-while-revalidate πŸ“‹Chrome6/4/2019 Chrome Android6/4/2019
http.headers.Content-Security-Policy.script-src-attr πŸ“‹Chrome6/4/2019 Chrome Android6/4/2019
http.headers.Content-Security-Policy.script-src-elem πŸ“‹Chrome6/4/2019 Chrome Android6/4/2019
http.headers.Content-Security-Policy.style-src-attr πŸ“‹Chrome6/4/2019 Chrome Android6/4/2019
http.headers.Content-Security-Policy.style-src-elem πŸ“‹Chrome6/4/2019 Chrome Android6/4/2019
Safari: The style-src-elem directive was parsed, but had no effect. See bug 276931.Safari on iOS: The style-src-elem directive was parsed, but had no effect. See bug 276931.WebView on iOS: The style-src-elem directive was parsed, but had no effect. See bug 276931.

2019/3

API First Browser Date Last Browser Date Days Notes
http.headers.Cross-Origin-Resource-Policy πŸ“‹Chrome3/12/2019 Chrome Android3/12/2019
Chrome: Until version 75, downloads for files with this header would fail in Chrome. See bug 41452948.Chrome: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.Chrome Android: Until version 75, downloads for files with this header would fail in Chrome Android. See bug 41452948.Chrome Android: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.Quest Browser: Until version 7.0, downloads for files with this header would fail in Quest Browser. See bug 41452948.Quest Browser: From version 9.0 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 12.0, partial PDF loading is disabled.Opera: Until version 62, downloads for files with this header would fail in Opera. See bug 41452948.Opera: From version 67 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 72, partial PDF loading is disabled.Opera Android: Until version 54, downloads for files with this header would fail in Opera Android. See bug 41452948.Opera Android: From version 57 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 61, partial PDF loading is disabled.WebView Android: Until version 75, downloads for files with this header would fail in WebView Android. See bug 41452948.WebView Android: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.

2018/12

API First Browser Date Last Browser Date Days Notes
http.headers.NEL πŸ“‹Chrome12/4/2018 Chrome Android12/4/2018

2018/10

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.report-to πŸ“‹Chrome10/16/2018 Chrome Android10/17/20181
http.headers.Report-To Chrome10/16/2018 Chrome Android10/17/20181

2018/9

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.unsafe-hashes Chrome9/4/2018 Chrome Android9/4/2018

2018/5

API First Browser Date Last Browser Date Days Notes
http.headers.Downlink πŸ“‹Chrome5/29/2018 Chrome Android5/31/20182
Chrome: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Chrome Android: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Edge: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Quest Browser: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Opera: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Opera Android: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Samsung Internet: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.WebView Android: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.
http.headers.ECT πŸ“‹Chrome5/29/2018 Chrome Android5/31/20182
http.headers.RTT πŸ“‹Chrome5/29/2018 Chrome Android5/31/20182
Chrome: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Chrome Android: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Edge: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Quest Browser: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Opera: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Opera Android: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Samsung Internet: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.WebView Android: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.
http.headers.Set-Cookie.SameSite.None Chrome5/29/2018 Chrome Android5/31/20182
Chrome: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Chrome Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Quest Browser: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Opera: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Opera Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Safari: Not supported before macOS version 10.15 (Catalina).Samsung Internet: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.WebView Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.

2018/4

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.accelerometer πŸ“‹Chrome4/17/2018 Chrome Android4/17/2018
http.headers.Feature-Policy.ambient-light-sensor πŸ“‹Chrome4/17/2018 Chrome Android4/17/2018
http.headers.Feature-Policy.gyroscope πŸ“‹Chrome4/17/2018 Chrome Android4/17/2018
http.headers.Feature-Policy.magnetometer πŸ“‹Chrome4/17/2018 Chrome Android4/17/2018
http.headers.Permissions-Policy.ambient-light-sensor πŸ“‹Chrome4/17/2018 Chrome Android4/17/2018
http.headers.Permissions-Policy.magnetometer πŸ“‹Chrome4/17/2018 Chrome Android4/17/2018

2018/3

API First Browser Date Last Browser Date Days Notes
http.headers.Access-Control-Expose-Headers.wildcard Chrome3/6/2018 Chrome Android3/6/2018
http.headers.Clear-Site-Data.cache πŸ“‹Chrome3/6/2018 Chrome Android3/6/2018
Chrome: Setting this value may increase response duration (see bug 40233601.Chrome: Setting this value may prevent a page from fully load (see bug 41343050.Chrome Android: Setting this value may increase response duration (see bug 40233601.Chrome Android: Setting this value may prevent a page from fully load (see bug 41343050.Edge: Setting this value may increase response duration (see bug 40233601.Quest Browser: Setting this value may increase response duration (see bug 40233601.Opera: Setting this value may increase response duration (see bug 40233601.Opera: Setting this value may prevent a page from fully load (see bug 41343050.Opera Android: Setting this value may increase response duration (see bug 40233601.Opera Android: Setting this value may prevent a page from fully load (see bug 41343050.Samsung Internet: Setting this value may increase response duration (see bug 40233601.WebView Android: Setting this value may increase response duration (see bug 40233601.WebView Android: Setting this value may prevent a page from fully load (see bug 41343050.
http.headers.Server-Timing πŸ“‹Chrome3/6/2018 Chrome Android3/6/2018

2018/1

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.autoplay πŸ“‹Chrome1/23/2018 Chrome Android1/23/2018
http.headers.Feature-Policy.camera πŸ“‹Chrome1/23/2018 Chrome Android1/23/2018
http.headers.Feature-Policy.encrypted-media πŸ“‹Chrome1/23/2018 Chrome Android1/23/2018
http.headers.Feature-Policy.geolocation πŸ“‹Chrome1/23/2018 Chrome Android1/23/2018
http.headers.Feature-Policy.microphone πŸ“‹Chrome1/23/2018 Chrome Android1/23/2018
http.headers.Feature-Policy.midi πŸ“‹Chrome1/23/2018 Chrome Android1/23/2018
http.headers.X-Content-Type-Options πŸ“‹Chrome1/23/2018 Chrome Android1/23/2018
Chrome: Not supported for stylesheets.Chrome Android: Not supported for stylesheets.Opera: Not supported for stylesheets.Opera Android: Not supported for stylesheets.Samsung Internet: Not supported for stylesheets.WebView Android: Not supported for stylesheets.

2017/12

API First Browser Date Last Browser Date Days Notes
http.headers.Access-Control-Allow-Headers.wildcard Chrome Android12/5/2017 Chrome12/6/20171
http.headers.Access-Control-Allow-Methods.wildcard Chrome Android12/5/2017 Chrome12/6/20171
http.headers.Content-Security-Policy.form-action.blocks_redirects Chrome Android12/5/2017 Chrome12/6/20171
http.headers.Snapshot-Content-Location Chrome Android12/5/2017 Chrome12/6/20171

2017/10

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.fullscreen πŸ“‹Chrome10/17/2017 Chrome Android10/24/20177

2017/9

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-CH.Device-Memory Chrome9/5/2017 Chrome Android9/5/2017
http.headers.Clear-Site-Data πŸ“‹Chrome9/5/2017 Chrome Android9/5/2017
http.headers.Clear-Site-Data.cookies πŸ“‹Chrome9/5/2017 Chrome Android9/5/2017
http.headers.Clear-Site-Data.secure_context_required Chrome9/5/2017 Chrome Android9/5/2017
http.headers.Clear-Site-Data.storage πŸ“‹Chrome9/5/2017 Chrome Android9/5/2017
http.headers.Device-Memory Chrome9/5/2017 Chrome Android9/5/2017
Chrome: From Chrome 147, reported values are 2, 4, 8, 16, and 32.Chrome: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Chrome Android: From Chrome 147, reported values are 1, 2, 4, and 8.Chrome Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Edge: From Edge 147, reported values are 2, 4, 8, 16, and 32.Edge: Before Edge 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Quest Browser: From Chrome 147, reported values are 1, 2, 4, and 8.Quest Browser: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera: From Opera false, reported values are 2, 4, 8, 16, and 32.Opera: Before Opera false, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera Android: From Chrome 147, reported values are 1, 2, 4, and 8.Opera Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Samsung Internet: From Chrome 147, reported values are 1, 2, 4, and 8.Samsung Internet: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.WebView Android: From Chrome 147, reported values are 1, 2, 4, and 8.WebView Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.
http.headers.Referrer-Policy.same-origin Chrome9/5/2017 Chrome Android9/5/2017
http.headers.Referrer-Policy.strict-origin Chrome9/5/2017 Chrome Android9/5/2017
http.headers.Referrer-Policy.strict-origin-when-cross-origin Chrome9/5/2017 Chrome Android9/5/2017

2017/8

API First Browser Date Last Browser Date Days Notes
http.data-url.top_level_navigation_blocked Chrome7/25/2017 Chrome Android8/1/20177
http.headers.Feature-Policy Chrome7/25/2017 Chrome Android8/1/20177
http.headers.Feature-Policy.payment πŸ“‹Chrome7/25/2017 Chrome Android8/1/20177
http.headers.Feature-Policy.usb πŸ“‹Chrome7/25/2017 Chrome Android8/1/20177

2017/6

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.report-sample Chrome6/5/2017 Chrome Android6/6/20171
http.headers.Content-Security-Policy.script-src.external_scripts πŸ“‹Chrome6/5/2017 Chrome Android6/6/20171
http.headers.Content-Security-Policy.worker-src πŸ“‹Chrome6/5/2017 Chrome Android6/6/20171
Chrome: Chrome 59 and higher skips the deprecated child-src directive.Chrome Android: Chrome Android 59 and higher skips the deprecated child-src directive.Quest Browser: Quest Browser 5.0 and higher skips the deprecated child-src directive.Opera: Opera 46 and higher skips the deprecated child-src directive.Opera Android: Opera Android 43 and higher skips the deprecated child-src directive.WebView Android: WebView Android 59 and higher skips the deprecated child-src directive.
http.headers.Service-Worker-Navigation-Preload πŸ“‹Chrome6/5/2017 Chrome Android6/6/20171

2017/2

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.worker_support Chrome1/25/2017 Chrome Android2/1/20177
http.headers.Referrer-Policy πŸ“‹Chrome1/25/2017 Chrome Android2/1/20177
http.headers.Referrer-Policy.no-referrer-when-downgrade Chrome1/25/2017 Chrome Android2/1/20177
http.headers.Referrer-Policy.origin-when-cross-origin Chrome1/25/2017 Chrome Android2/1/20177
http.headers.Referrer-Policy.unsafe-url Chrome1/25/2017 Chrome Android2/1/20177

2016/10

API First Browser Date Last Browser Date Days Notes
http.headers.Timing-Allow-Origin πŸ“‹Chrome10/12/2016 Chrome Android10/19/20167

2016/7

API First Browser Date Last Browser Date Days Notes
http.headers.Alt-Svc πŸ“‹Chrome7/20/2016 Chrome Android7/27/20167
Firefox: Only supports draft-04Firefox for Android: Only supports draft-04
http.headers.Content-Security-Policy.strict-dynamic Chrome7/20/2016 Chrome Android7/27/20167

2016/6

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-Encoding.br πŸ“‹Chrome4/13/2016 Chrome Android6/8/201656
Safari: Unsupported before macOS 10.13 High Sierra.
http.headers.Content-Encoding.br πŸ“‹Chrome4/13/2016 Chrome Android6/8/201656
Safari: Unsupported before macOS 10.13 High Sierra.
http.headers.Set-Cookie.SameSite πŸ“‹Chrome5/25/2016 Chrome Android6/8/201614
Safari: Safari 13 on macOS 10.14 (Mojave), treats SameSite=None and invalid values as Strict. This is fixed in version 10.15 (Catalina) and later.Safari: Treats SameSite=None and invalid values as Strict in macOS before 10.15 Catalina. See bug 198181.Safari on iOS: Treats SameSite=None and invalid values as Strict in iOS before 13. See bug 198181.WebView on iOS: Treats SameSite=None and invalid values as Strict in iOS before 13. See bug 198181.
http.headers.Set-Cookie.SameSite.Lax Chrome5/25/2016 Chrome Android6/8/201614
http.headers.Set-Cookie.SameSite.Strict Chrome5/25/2016 Chrome Android6/8/201614

2016/3

API First Browser Date Last Browser Date Days Notes
http.headers.Save-Data πŸ“‹Chrome3/2/2016 Chrome Android3/9/20167
http.headers.Set-Cookie.host_secure_prefixes Chrome3/2/2016 Chrome Android3/9/20167

2015/10

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-CH πŸ“‹Chrome10/13/2015 Chrome Android10/14/20151
http.headers.Accept-CH.Content-DPR Chrome10/13/2015 Chrome Android10/14/20151
http.headers.Accept-CH.DPR Chrome10/13/2015 Chrome Android10/14/20151
http.headers.Accept-CH.Viewport-Width Chrome10/13/2015 Chrome Android10/14/20151
http.headers.Accept-CH.Width Chrome10/13/2015 Chrome Android10/14/20151
http.headers.Content-DPR Chrome10/13/2015 Chrome Android10/14/20151
http.headers.DPR Chrome10/13/2015 Chrome Android10/14/20151
http.headers.Viewport-Width Chrome10/13/2015 Chrome Android10/14/20151
http.headers.Width Chrome10/13/2015 Chrome Android10/14/20151

2015/7

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.block-all-mixed-content Chrome7/21/2015 Chrome Android7/29/20158
Chrome: Will be removed, see bug 40260100.Chrome Android: Will be removed, see bug 40260100.Edge: Will be removed, see bug 40260100.Quest Browser: Will be removed, see bug 40260100.Opera: Will be removed, see bug 40260100.Opera Android: Will be removed, see bug 40260100.Samsung Internet: Will be removed, see bug 40260100.WebView Android: Will be removed, see bug 40260100.
http.headers.Upgrade-Insecure-Requests πŸ“‹Chrome7/21/2015 Chrome Android7/29/20158

2015/5

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.upgrade-insecure-requests πŸ“‹Chrome5/19/2015 Chrome Android5/27/20158

2015/4

API First Browser Date Last Browser Date Days Notes
http.headers.Service-Worker-Allowed πŸ“‹Chrome4/14/2015 Chrome Android4/15/20151

2015/1

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.base-uri πŸ“‹Chrome1/21/2015 Chrome Android1/21/2015
http.headers.Content-Security-Policy.child-src πŸ“‹Chrome1/21/2015 Chrome Android1/21/2015
http.headers.Content-Security-Policy.form-action πŸ“‹Chrome1/21/2015 Chrome Android1/21/2015
http.headers.Content-Security-Policy.frame-ancestors πŸ“‹Chrome1/21/2015 Chrome Android1/21/2015
Firefox: Before Firefox 58, frame-ancestors is ignored in Content-Security-Policy-Report-Only.Firefox for Android: Before Firefox for Android 58, frame-ancestors is ignored in Content-Security-Policy-Report-Only.
http.headers.Content-Security-Policy.manifest-src πŸ“‹Chrome1/21/2015 Chrome Android1/21/2015

2014/10

API First Browser Date Last Browser Date Days Notes
http.headers.Service-Worker πŸ“‹Chrome10/7/2014 Chrome Android10/8/20141

2014/7

API First Browser Date Last Browser Date Days Notes
http.status.308 πŸ“‹Chrome7/16/2014 Chrome Android7/16/2014
Internet Explorer: Does not work below Windows 10.

2013/2

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
Internet Explorer: Only supporting 'sandbox' directive.
http.headers.Content-Security-Policy.connect-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
Firefox: Before Firefox 50, ping attributes of <a> elements weren't covered by connect-src.
http.headers.Content-Security-Policy.default-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.font-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.frame-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.img-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.media-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.meta-element-support Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.object-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.report-uri πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.sandbox πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.script-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy.style-src πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.Content-Security-Policy-Report-Only πŸ“‹Chrome2/21/2013 Chrome Android2/27/20136
http.headers.DNT Chrome11/6/2012 Chrome Android2/27/2013113
http.headers.Retry-After πŸ“‹Chrome1/10/2013 Chrome Android2/27/201348

2012/6

API First Browser Date Last Browser Date Days Notes
http.data-url πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
Edge: Before Edge 79, the maximum size supported is 4GB.Internet Explorer: Since Internet Explorer 9, the maximum size supported is 4GB.Internet Explorer: In Internet Explorer 8, the maximum size supported is 32kB.
http.data-url.css_files Chrome1/25/2010 Chrome Android6/27/2012884
http.data-url.html_files Chrome1/25/2010 Chrome Android6/27/2012884
http.data-url.js_files Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Accept πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
Firefox: In Firefox 66, the default Accept header value changed to */*.Firefox for Android: In Firefox for Android 66, the default Accept header value changed to */*.
http.headers.Accept-Encoding πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Accept-Language πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Accept-Ranges πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Access-Control-Allow-Credentials πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Access-Control-Allow-Headers πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Access-Control-Allow-Methods πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Access-Control-Allow-Origin πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Access-Control-Expose-Headers πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Access-Control-Max-Age πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Access-Control-Request-Headers πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Access-Control-Request-Method πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.Age πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Authorization πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Authorization.Basic πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Authorization.Digest πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Authorization.Digest.md5 Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Authorization.NTLM Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Authorization.Negotiate πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Cache-Control πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Connection πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Content-Disposition πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
Chrome: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Chrome Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Firefox: From version 82, if an <a> element's download attribute is set (for a same-origin URL) then the inline directive is ignored. Earlier versions did not match the specification and respected the header directive over the attribute. See bug 1658877.Firefox for Android: From version 82, if an <a> element's download attribute is set (for a same-origin URL) then the inline directive is ignored. Earlier versions did not match the specification and respected the header directive over the attribute. See bug 1658877.Quest Browser: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Opera: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Opera Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Safari: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.Safari on iOS: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.Samsung Internet: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.WebView Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.WebView on iOS: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.
http.headers.Content-Encoding πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Content-Language πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Content-Length πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Content-Location πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Content-Range πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Content-Type πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Cookie πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
Safari: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.Safari on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.WebView on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.
http.headers.Date πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.ETag πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Expires πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.From πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Host πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.If-Match πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.If-Modified-Since πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.If-None-Match πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.If-Range πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.If-Unmodified-Since πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Keep-Alive πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Last-Modified πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Location πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Origin πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
Edge: Not sent with POST requestsFirefox: Not sent with POST requests, see bug 446344.Firefox for Android: Not sent with POST requests, see bug 446344.
http.headers.Pragma πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Proxy-Authenticate πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Range πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Referer πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Refresh πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
Firefox: From version 136 the HTTP Referer header is sent following a refresh that redirects to another page (if permitted)Firefox for Android: From version 136 the HTTP Referer header is sent following a refresh that redirects to another page (if permitted)
http.headers.Sec-WebSocket-Accept πŸ“‹Chrome12/13/2011 Chrome Android6/27/2012197
http.headers.Sec-WebSocket-Extensions πŸ“‹Chrome12/13/2011 Chrome Android6/27/2012197
http.headers.Sec-WebSocket-Key πŸ“‹Chrome12/13/2011 Chrome Android6/27/2012197
http.headers.Sec-WebSocket-Protocol πŸ“‹Chrome12/13/2011 Chrome Android6/27/2012197
http.headers.Sec-WebSocket-Version πŸ“‹Chrome12/13/2011 Chrome Android6/27/2012197
http.headers.Server πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Set-Cookie πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
Safari: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.Safari on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.WebView on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.
http.headers.Set-Cookie.HttpOnly Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Set-Cookie.Max-Age Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.SourceMap πŸ“‹Chrome3/28/2012 Chrome Android6/27/201291
Chrome: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Chrome Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Edge: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Quest Browser: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Opera: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Opera Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Samsung Internet: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.WebView Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.
http.headers.Strict-Transport-Security πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.TE πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Transfer-Encoding πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Upgrade πŸ“‹Chrome5/25/2010 Chrome Android6/27/2012764
http.headers.User-Agent πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Vary πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Via πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.WWW-Authenticate πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.WWW-Authenticate.Basic πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.WWW-Authenticate.Digest πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.WWW-Authenticate.Digest.md5 Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.WWW-Authenticate.NTLM Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.WWW-Authenticate.Negotiate πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.Warning πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.X-DNS-Prefetch-Control Chrome12/11/2008 Chrome Android6/27/20121294
http.headers.X-Frame-Options πŸ“‹Chrome1/25/2010 Chrome Android6/27/2012884
http.headers.X-Frame-Options.SAMEORIGIN Chrome1/25/2010 Chrome Android6/27/2012884
Chrome: Starting in Chrome 61, this applies to all of a frame's ancestors.Chrome Android: Starting in Chrome Android 61, this applies to all of a frame's ancestors.Firefox: Starting in Firefox 59, this applies to all of a frame's ancestors.Firefox for Android: Starting in Firefox for Android 59, this applies to all of a frame's ancestors.Quest Browser: Starting in Quest Browser 5.0, this applies to all of a frame's ancestors.Opera: Starting in Opera 48, this applies to all of a frame's ancestors.Opera Android: Starting in Opera Android 45, this applies to all of a frame's ancestors.Samsung Internet: Starting in Samsung Internet 8.0, this applies to all of a frame's ancestors.WebView Android: Starting in WebView Android 61, this applies to all of a frame's ancestors.
http.methods.CONNECT πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.methods.DELETE πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.methods.GET πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.methods.HEAD πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.methods.OPTIONS πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.methods.POST πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294
http.methods.PUT πŸ“‹Chrome12/11/2008 Chrome Android6/27/20121294