Now Stable

"New on the Web": For a given set of browsers, what APIs became stable and when, ordered reverse chronologically.

It's a great source of information for posts like this

Example Comparisons
Browsers
Features

Stable APIs

Below is a list of features that are in Chrome and Edge, ordered reverse chronologically by when they became stable (i.e, available in the last browser).

2026/1

API First Browser Date Last Browser Date Days Notes
http.headers.Permissions-Policy.ch-ua-high-entropy-values πŸ“‹Chrome1/13/2026 Edge1/21/20268

2025/10

API First Browser Date Last Browser Date Days Notes
http.headers.Permissions-Policy.on-device-speech-recognition πŸ“‹Chrome10/28/2025 Edge10/31/20253
http.headers.No-Vary-Search πŸ“‹Chrome9/30/2025 Edge10/3/20253
Chrome: Before Chrome 127, speculation rules are only supported for navigational prefetch, not prerender.Chrome: Before Chrome 141, HTTP cache is not supported.Chrome Android: Before Chrome Android 127, speculation rules are only supported for navigational prefetch, not prerender.Chrome Android: Before Chrome Android 141, HTTP cache is not supported.Edge: Before Edge 127, speculation rules are only supported for navigational prefetch, not prerender.Edge: Before Edge 141, HTTP cache is not supported.Opera: Before Opera 113, speculation rules are only supported for navigational prefetch, not prerender.Opera: Before Opera 125, HTTP cache is not supported.Opera Android: Before Opera Android 84, speculation rules are only supported for navigational prefetch, not prerender.Opera Android: Before Opera Android 93, HTTP cache is not supported.Samsung Internet: Before Samsung Internet 28.0, speculation rules are only supported for navigational prefetch, not prerender.Samsung Internet: Before Samsung Internet false, HTTP cache is not supported.WebView Android: Before WebView Android 127, speculation rules are only supported for navigational prefetch, not prerender.WebView Android: Before WebView Android 141, HTTP cache is not supported.
http.headers.No-Vary-Search.http_cache πŸ“‹Chrome9/30/2025 Edge10/3/20253
http.headers.Permissions-Policy.aria-notify Chrome9/30/2025 Edge10/3/20253
Chrome: Not supported on ChromeOS.Chrome Android: Not supported on ChromeOS.Edge: Not supported on ChromeOS.Opera: Not supported on ChromeOS.Opera Android: Not supported on ChromeOS.WebView Android: Not supported on ChromeOS.

2025/9

API First Browser Date Last Browser Date Days Notes
http.headers.Set-Cookie.http_host-http_prefixes Chrome9/2/2025 Edge9/5/20253
Firefox: __Host-Http- is supported under its original name __HostHttp-. See bug 1982555.Firefox for Android: __Host-Http- is supported under its original name __HostHttp-. See bug 1982555.

2025/6

API First Browser Date Last Browser Date Days Notes
http.headers.Clear-Site-Data.prefetchCache Chrome6/24/2025 Edge6/26/20252
http.headers.Clear-Site-Data.prerenderCache Chrome6/24/2025 Edge6/26/20252
http.headers.Integrity-Policy πŸ“‹Chrome6/24/2025 Edge6/26/20252
Firefox: Reporting endpoints are ignored (violations are logged to console).Firefox for Android: Reporting endpoints are ignored (violations are logged to console).
http.headers.Integrity-Policy.blocked-destinations_script πŸ“‹Chrome6/24/2025 Edge6/26/20252
http.headers.Integrity-Policy-Report-Only πŸ“‹Chrome6/24/2025 Edge6/26/20252
Firefox: Reporting endpoints are ignored (violations are logged to console).Firefox for Android: Reporting endpoints are ignored (violations are logged to console).
http.headers.Integrity-Policy-Report-Only.blocked-destinations_script πŸ“‹Chrome6/24/2025 Edge6/26/20252
http.headers.Permissions-Policy.summarizer πŸ“‹Chrome6/24/2025 Edge6/26/20252
http.mixed-content.private_network_access πŸ“‹Chrome6/24/2025 Edge6/26/20252

2025/5

API First Browser Date Last Browser Date Days Notes
http.headers.Permissions-Policy.captured-surface-control πŸ“‹Chrome4/29/2025 Edge5/1/20252
http.headers.Sec-Speculation-Tags πŸ“‹Chrome4/29/2025 Edge5/1/20252

2025/4

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.deferred-fetch πŸ“‹Chrome4/1/2025 Edge4/4/20253
http.headers.Feature-Policy.deferred-fetch-minimal πŸ“‹Chrome4/1/2025 Edge4/4/20253
http.headers.Permissions-Policy.deferred-fetch πŸ“‹Chrome4/1/2025 Edge4/4/20253
http.headers.Permissions-Policy.deferred-fetch-minimal πŸ“‹Chrome4/1/2025 Edge4/4/20253

2025/2

API First Browser Date Last Browser Date Days Notes
http.headers.Activate-Storage-Access πŸ“‹Chrome2/4/2025 Edge2/6/20252
http.headers.Sec-Fetch-Storage-Access πŸ“‹Chrome2/4/2025 Edge2/6/20252

2024/11

API First Browser Date Last Browser Date Days Notes
http.headers.Cross-Origin-Opener-Policy.noopener-allow-popups πŸ“‹Chrome11/12/2024 Edge11/14/20242

2024/10

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-Encoding.dcb Chrome10/15/2024 Edge10/17/20242
http.headers.Accept-Encoding.dcz Chrome10/15/2024 Edge10/17/20242
http.headers.Available-Dictionary πŸ“‹Chrome10/15/2024 Edge10/17/20242
http.headers.Content-Encoding.dcb Chrome10/15/2024 Edge10/17/20242
http.headers.Content-Encoding.dcz Chrome10/15/2024 Edge10/17/20242
http.headers.Dictionary-ID πŸ“‹Chrome10/15/2024 Edge10/17/20242
http.headers.Use-As-Dictionary πŸ“‹Chrome10/15/2024 Edge10/17/20242

2024/7

API First Browser Date Last Browser Date Days Notes
http.headers.No-Vary-Search.speculation_rules_prerender πŸ“‹Chrome7/23/2024 Edge7/25/20242

2024/6

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.fenced-frame-src πŸ“‹Chrome6/11/2024 Edge6/13/20242
http.headers.Sec-Fetch-Dest.fencedframe Chrome6/11/2024 Edge6/13/20242

2024/5

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.compute-pressure πŸ“‹Chrome5/14/2024 Edge5/17/20243
http.headers.Permissions-Policy.compute-pressure πŸ“‹Chrome5/14/2024 Edge5/17/20243

2024/4

API First Browser Date Last Browser Date Days Notes
http.headers.Priority πŸ“‹Chrome4/16/2024 Edge4/18/20242
http.headers.Sec-CH-UA-Form-Factors πŸ“‹Chrome4/16/2024 Edge4/18/20242

2024/3

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-Encoding.zstd πŸ“‹Chrome3/19/2024 Edge3/22/20243
Safari: Before macOS 26.3 Tahoe, this header value is not sent.
http.headers.Content-Encoding.zstd πŸ“‹Chrome3/19/2024 Edge3/22/20243
Safari: Before macOS 26.3 Tahoe, Safari cannot decode Zstandard responses.

2024/1

API First Browser Date Last Browser Date Days Notes
http.headers.No-Vary-Search.speculation_rules_prefetch πŸ“‹Chrome1/23/2024 Edge1/25/20242
http.headers.Speculation-Rules πŸ“‹Chrome1/23/2024 Edge1/25/20242

2023/12

API First Browser Date Last Browser Date Days Notes
http.headers.Set-Login πŸ“‹Chrome12/5/2023 Edge12/7/20232

2023/11

API First Browser Date Last Browser Date Days Notes
http.headers.Sec-CH-Prefers-Reduced-Transparency πŸ“‹Chrome10/31/2023 Edge11/2/20232

2023/9

API First Browser Date Last Browser Date Days Notes
http.headers.Attribution-Reporting-Eligible πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Attribution-Reporting-Register-Source πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Attribution-Reporting-Register-Trigger πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Attribution-Reporting-Support πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Authorization.Digest.SHA-256 Chrome9/12/2023 Edge9/15/20233
http.headers.Clear-Site-Data.clientHints πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Clear-Site-Data.wildcard πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Feature-Policy.attribution-reporting πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Permissions-Policy.attribution-reporting πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Permissions-Policy.private-state-token-issuance πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Permissions-Policy.private-state-token-redemption πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Sec-Private-State-Token πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Sec-Private-State-Token-Crypto-Version πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Sec-Private-State-Token-Lifetime πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Sec-Redemption-Record πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.Supports-Loading-Mode.fenced-frame πŸ“‹Chrome9/12/2023 Edge9/15/20233
http.headers.WWW-Authenticate.Digest.SHA-256 Chrome9/12/2023 Edge9/15/20233

2023/7

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.browsing-topics Chrome7/18/2023 Edge7/21/20233
http.headers.Observe-Browsing-Topics Chrome7/18/2023 Edge7/21/20233
http.headers.Permissions-Policy.browsing-topics Chrome7/18/2023 Edge7/21/20233
http.headers.Sec-Browsing-Topics Chrome7/18/2023 Edge7/21/20233

2023/6

API First Browser Date Last Browser Date Days Notes
http.headers.Set-Cookie.Partitioned πŸ“‹Chrome5/30/2023 Edge6/2/20233

2023/5

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.storage-access πŸ“‹Chrome5/2/2023 Edge5/5/20233
http.headers.Permissions-Policy.storage-access πŸ“‹Chrome5/2/2023 Edge5/5/20233

2023/2

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.script-src.inline-speculation-rules Chrome2/7/2023 Edge2/9/20232
http.headers.Feature-Policy.identity-credentials-get πŸ“‹Chrome2/7/2023 Edge2/9/20232
http.headers.Permissions-Policy.identity-credentials-get πŸ“‹Chrome2/7/2023 Edge2/9/20232
http.headers.Sec-Purpose πŸ“‹Chrome2/7/2023 Edge2/9/20232
http.headers.Sec-Purpose.speculationrules Chrome2/7/2023 Edge2/9/20232

2023/1

API First Browser Date Last Browser Date Days Notes
http.headers.Supports-Loading-Mode πŸ“‹Chrome1/10/2023 Edge1/12/20232
http.headers.Supports-Loading-Mode.credentialed-prerender πŸ“‹Chrome1/10/2023 Edge1/12/20232

2022/12

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.wildcards Chrome11/29/2022 Edge12/5/20226
http.headers.Permissions-Policy.wildcards Chrome11/29/2022 Edge12/5/20226
http.headers.Sec-CH-Prefers-Reduced-Motion πŸ“‹Chrome11/29/2022 Edge12/5/20226

2022/9

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-CH.Sec-CH-Viewport-Height πŸ“‹Edge9/1/2022 Chrome9/2/20221
http.headers.Sec-CH-Viewport-Height πŸ“‹Edge9/1/2022 Chrome9/2/20221

2022/8

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.bluetooth πŸ“‹Chrome8/2/2022 Edge8/5/20223
http.headers.Permissions-Policy.bluetooth πŸ“‹Chrome8/2/2022 Edge8/5/20223

2022/6

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.local-fonts πŸ“‹Chrome6/21/2022 Edge6/23/20222
http.headers.Link πŸ“‹Chrome6/21/2022 Edge6/23/20222
http.headers.Link.fetchpriority πŸ“‹Chrome6/21/2022 Edge6/23/20222
http.headers.Permissions-Policy.gamepad πŸ“‹Chrome6/21/2022 Edge6/23/20222
http.headers.Permissions-Policy.local-fonts πŸ“‹Chrome6/21/2022 Edge6/23/20222
http.status.103 πŸ“‹Chrome6/21/2022 Edge6/23/20222
Chrome: Supported in HTTP/2 and later only.Chrome Android: Supported in HTTP/2 and later only.Edge: Supported in HTTP/2 and later only.Quest Browser: Supported in HTTP/2 and later only.Opera: Supported in HTTP/2 and later only.Opera Android: Supported in HTTP/2 and later only.Safari: Supported in HTTP/2 and later only.Safari on iOS: Supported in HTTP/2 and later only.Samsung Internet: Supported in HTTP/2 and later only.WebView Android: Supported in HTTP/2 and later only.WebView on iOS: Supported in HTTP/2 and later only.
http.status.103.preconnect Chrome6/21/2022 Edge6/23/20222
http.status.103.preload Chrome6/21/2022 Edge6/23/20222

2022/4

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.window-management πŸ“‹Chrome3/29/2022 Edge4/1/20223
http.headers.Permissions-Policy.window-management πŸ“‹Chrome3/29/2022 Edge4/1/20223
http.headers.Sec-CH-UA-WoW64 πŸ“‹Chrome3/29/2022 Edge4/1/20223

2022/3

API First Browser Date Last Browser Date Days Notes
http.headers.Range.cors_safe Chrome3/1/2022 Edge3/3/20222

2022/2

API First Browser Date Last Browser Date Days Notes
http.headers.Sec-CH-UA-Full-Version-List πŸ“‹Chrome2/1/2022 Edge2/3/20222

2022/1

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-CH.Sec-CH-DPR πŸ“‹Chrome1/4/2022 Edge1/6/20222
http.headers.Accept-CH.Sec-CH-Device-Memory πŸ“‹Chrome1/4/2022 Edge1/6/20222
http.headers.Accept-CH.Sec-CH-Viewport-Width πŸ“‹Chrome1/4/2022 Edge1/6/20222
http.headers.Accept-CH.Sec-CH-Width πŸ“‹Chrome1/4/2022 Edge1/6/20222
http.headers.Content-Security-Policy.script-src.wasm-unsafe-eval Chrome1/4/2022 Edge1/6/20222
http.headers.Sec-CH-DPR πŸ“‹Chrome1/4/2022 Edge1/6/20222
http.headers.Sec-CH-Device-Memory πŸ“‹Chrome1/4/2022 Edge1/6/20222
Chrome: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Chrome: From Chrome 147, reported values are 2, 4, 8, 16, and 32.Chrome: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Chrome: From Chrome 147, reported values are 2, 4, 8, 16, and 32.Chrome Android: From Chrome 147, reported values are 1, 2, 4, and 8.Chrome Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Chrome Android: From Chrome 147, reported values are 1, 2, 4, and 8.Chrome Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Edge: Before Edge 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Edge: From Edge 147, reported values are 2, 4, 8, 16, and 32.Edge: Before Edge 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Edge: From Edge 147, reported values are 2, 4, 8, 16, and 32.Quest Browser: From Chrome 147, reported values are 1, 2, 4, and 8.Quest Browser: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Quest Browser: From Chrome 147, reported values are 1, 2, 4, and 8.Quest Browser: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera: Before Opera false, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera: From Opera false, reported values are 2, 4, 8, 16, and 32.Opera: Before Opera false, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera: From Opera false, reported values are 2, 4, 8, 16, and 32.Opera Android: From Chrome 147, reported values are 1, 2, 4, and 8.Opera Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera Android: From Chrome 147, reported values are 1, 2, 4, and 8.Opera Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Samsung Internet: From Chrome 147, reported values are 1, 2, 4, and 8.Samsung Internet: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Samsung Internet: From Chrome 147, reported values are 1, 2, 4, and 8.Samsung Internet: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.WebView Android: From Chrome 147, reported values are 1, 2, 4, and 8.WebView Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.WebView Android: From Chrome 147, reported values are 1, 2, 4, and 8.WebView Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.
http.headers.Sec-CH-Viewport-Width πŸ“‹Chrome1/4/2022 Edge1/6/20222
http.headers.Sec-CH-Width πŸ“‹Chrome1/4/2022 Edge1/6/20222

2021/11

API First Browser Date Last Browser Date Days Notes
http.headers.Cross-Origin-Embedder-Policy.credentialless πŸ“‹Chrome11/15/2021 Edge11/19/20214
http.headers.Cross-Origin-Embedder-Policy.report-to_parameter πŸ“‹Chrome11/15/2021 Edge11/19/20214
http.headers.Cross-Origin-Opener-Policy.report-to_parameter πŸ“‹Chrome11/15/2021 Edge11/19/20214
http.headers.Reporting-Endpoints πŸ“‹Chrome11/15/2021 Edge11/19/20214

2021/9

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.display-capture πŸ“‹Chrome9/21/2021 Edge9/24/20213
http.headers.Feature-Policy.idle-detection πŸ“‹Chrome9/21/2021 Edge9/24/20213
http.headers.Permissions-Policy.display-capture πŸ“‹Chrome9/21/2021 Edge9/24/20213
http.headers.Permissions-Policy.idle-detection πŸ“‹Chrome9/21/2021 Edge9/24/20213
http.headers.Feature-Policy.otp-credentials πŸ“‹Chrome8/31/2021 Edge9/2/20212
http.headers.Permissions-Policy.otp-credentials πŸ“‹Chrome8/31/2021 Edge9/2/20212
http.headers.Sec-CH-Prefers-Color-Scheme πŸ“‹Chrome8/31/2021 Edge9/2/20212
http.headers.Sec-CH-UA-Bitness πŸ“‹Chrome8/31/2021 Edge9/2/20212

2021/7

API First Browser Date Last Browser Date Days Notes
http.mixed-content.block_mixed_downloads πŸ“‹Chrome7/20/2021 Edge7/22/20212

2021/5

API First Browser Date Last Browser Date Days Notes
http.headers.Critical-CH πŸ“‹Chrome5/25/2021 Edge5/27/20212
http.headers.Set-Cookie.SameSite.schemeful Chrome5/25/2021 Edge5/27/20212

2021/4

API First Browser Date Last Browser Date Days Notes
http.headers.Origin-Agent-Cluster πŸ“‹Chrome4/13/2021 Edge4/15/20212

2021/3

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-CH.Sec-CH-UA Chrome3/2/2021 Edge3/4/20212
http.headers.Accept-CH.Sec-CH-UA-Arch Chrome3/2/2021 Edge3/4/20212
http.headers.Accept-CH.Sec-CH-UA-Full-Version Chrome3/2/2021 Edge3/4/20212
http.headers.Accept-CH.Sec-CH-UA-Mobile Chrome3/2/2021 Edge3/4/20212
http.headers.Accept-CH.Sec-CH-UA-Model Chrome3/2/2021 Edge3/4/20212
http.headers.Accept-CH.Sec-CH-UA-Platform Chrome3/2/2021 Edge3/4/20212
http.headers.Accept-CH.Sec-CH-UA-Platform-Version Chrome3/2/2021 Edge3/4/20212
http.headers.Feature-Policy.hid πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Feature-Policy.serial πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Permissions-Policy.hid πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Permissions-Policy.serial πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Sec-CH-UA πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Sec-CH-UA-Arch πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Sec-CH-UA-Full-Version πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Sec-CH-UA-Mobile πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Sec-CH-UA-Model πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Sec-CH-UA-Platform πŸ“‹Chrome3/2/2021 Edge3/4/20212
http.headers.Sec-CH-UA-Platform-Version πŸ“‹Chrome3/2/2021 Edge3/4/20212

2021/1

API First Browser Date Last Browser Date Days Notes
http.headers.Permissions-Policy πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.accelerometer πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.autoplay πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.camera πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.cross-origin-isolated πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.encrypted-media πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.fullscreen πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.geolocation πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.gyroscope πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.microphone πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.midi πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.payment πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.picture-in-picture πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.publickey-credentials-create πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.publickey-credentials-get πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.screen-wake-lock πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.usb πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.web-share πŸ“‹Chrome1/19/2021 Edge1/21/20212
http.headers.Permissions-Policy.xr-spatial-tracking πŸ“‹Chrome1/19/2021 Edge1/21/20212

2020/11

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.cross-origin-isolated πŸ“‹Chrome11/17/2020 Edge11/19/20202

2020/10

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.web-share πŸ“‹Edge10/9/2020 Chrome10/20/202011
http.mixed-content.auto_upgrade_images πŸ“‹Edge10/9/2020 Chrome10/20/202011
Firefox: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox: Set security.mixed_content.block_display_content preference to true to block all mixed content.Firefox for Android: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox for Android: Set security.mixed_content.block_display_content preference to true to block all mixed content.
http.headers.Set-Cookie.SameSite.Lax_default Chrome2/4/2020 Edge10/9/2020248
http.headers.Set-Cookie.SameSite.none_requires_secure Chrome2/4/2020 Edge10/9/2020248

2020/8

API First Browser Date Last Browser Date Days Notes
http.headers.Referrer-Policy.default_strict-origin-when-cross-origin Chrome8/25/2020 Edge8/27/20202

2020/7

API First Browser Date Last Browser Date Days Notes
http.headers.Feature-Policy.publickey-credentials-create πŸ“‹Edge7/16/2020 Chrome7/27/202011
http.headers.Feature-Policy.publickey-credentials-get πŸ“‹Edge7/16/2020 Chrome7/27/202011
http.headers.Feature-Policy.screen-wake-lock πŸ“‹Edge7/16/2020 Chrome7/27/202011

2020/5

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.require-trusted-types-for πŸ“‹Chrome5/19/2020 Edge5/21/20202
http.headers.Content-Security-Policy.trusted-types πŸ“‹Chrome5/19/2020 Edge5/21/20202
http.headers.Cross-Origin-Embedder-Policy πŸ“‹Chrome5/19/2020 Edge5/21/20202
http.headers.Cross-Origin-Opener-Policy πŸ“‹Chrome5/19/2020 Edge5/21/20202

2020/2

API First Browser Date Last Browser Date Days Notes
http.headers.Sec-Fetch-Dest πŸ“‹Chrome2/4/2020 Edge2/7/20203
http.mixed-content.auto_upgrade_video_audio πŸ“‹Chrome2/4/2020 Edge2/7/20203
Firefox: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox: Set security.mixed_content.block_display_content preference to true to block all mixed content.Firefox for Android: Set security.mixed_content.upgrade_display_content preference to true to allow HTTP fetching and display of upgradable content.Firefox for Android: Set security.mixed_content.block_display_content preference to true to block all mixed content.

2020/1

API First Browser Date Last Browser Date Days Notes
http.data-url.html_files Chrome1/25/2010 Edge1/15/20203642
http.data-url.top_level_navigation_blocked Chrome7/25/2017 Edge1/15/2020904
http.headers.Accept-CH πŸ“‹Chrome10/13/2015 Edge1/15/20201555
http.headers.Accept-CH.Content-DPR Chrome10/13/2015 Edge1/15/20201555
http.headers.Accept-CH.DPR Chrome10/13/2015 Edge1/15/20201555
http.headers.Accept-CH.Device-Memory Chrome9/5/2017 Edge1/15/2020862
http.headers.Accept-CH.Viewport-Width Chrome10/13/2015 Edge1/15/20201555
http.headers.Accept-CH.Width Chrome10/13/2015 Edge1/15/20201555
http.headers.Access-Control-Allow-Headers.wildcard Chrome12/6/2017 Edge1/15/2020770
http.headers.Access-Control-Allow-Methods.wildcard Chrome12/6/2017 Edge1/15/2020770
http.headers.Access-Control-Expose-Headers.wildcard Chrome3/6/2018 Edge1/15/2020680
http.headers.Alt-Svc πŸ“‹Chrome7/20/2016 Edge1/15/20201274
Firefox: Only supports draft-04Firefox for Android: Only supports draft-04
http.headers.Authorization.Digest πŸ“‹Chrome12/11/2008 Edge1/15/20204052
http.headers.Authorization.Digest.md5 Chrome12/11/2008 Edge1/15/20204052
http.headers.Authorization.NTLM Chrome12/11/2008 Edge1/15/20204052
http.headers.Authorization.Negotiate πŸ“‹Chrome12/11/2008 Edge1/15/20204052
http.headers.Cache-Control.stale-while-revalidate πŸ“‹Chrome6/4/2019 Edge1/15/2020225
http.headers.Clear-Site-Data πŸ“‹Chrome9/5/2017 Edge1/15/2020862
http.headers.Clear-Site-Data.cache πŸ“‹Chrome3/6/2018 Edge1/15/2020680
Chrome: Setting this value may increase response duration (see bug 40233601.Chrome: Setting this value may prevent a page from fully load (see bug 41343050.Chrome Android: Setting this value may increase response duration (see bug 40233601.Chrome Android: Setting this value may prevent a page from fully load (see bug 41343050.Edge: Setting this value may increase response duration (see bug 40233601.Quest Browser: Setting this value may increase response duration (see bug 40233601.Opera: Setting this value may increase response duration (see bug 40233601.Opera: Setting this value may prevent a page from fully load (see bug 41343050.Opera Android: Setting this value may increase response duration (see bug 40233601.Opera Android: Setting this value may prevent a page from fully load (see bug 41343050.Samsung Internet: Setting this value may increase response duration (see bug 40233601.WebView Android: Setting this value may increase response duration (see bug 40233601.WebView Android: Setting this value may prevent a page from fully load (see bug 41343050.
http.headers.Clear-Site-Data.cookies πŸ“‹Chrome9/5/2017 Edge1/15/2020862
http.headers.Clear-Site-Data.secure_context_required Chrome9/5/2017 Edge1/15/2020862
http.headers.Clear-Site-Data.storage πŸ“‹Chrome9/5/2017 Edge1/15/2020862
http.headers.Content-DPR Chrome10/13/2015 Edge1/15/20201555
http.headers.Content-Length.cors_response_safelist Chrome7/30/2019 Edge1/15/2020169
http.headers.Content-Security-Policy.base-uri πŸ“‹Chrome1/21/2015 Edge1/15/20201820
http.headers.Content-Security-Policy.block-all-mixed-content Chrome7/21/2015 Edge1/15/20201639
Chrome: Will be removed, see bug 40260100.Chrome Android: Will be removed, see bug 40260100.Edge: Will be removed, see bug 40260100.Quest Browser: Will be removed, see bug 40260100.Opera: Will be removed, see bug 40260100.Opera Android: Will be removed, see bug 40260100.Samsung Internet: Will be removed, see bug 40260100.WebView Android: Will be removed, see bug 40260100.
http.headers.Content-Security-Policy.form-action.blocks_redirects Chrome12/6/2017 Edge1/15/2020770
http.headers.Content-Security-Policy.manifest-src πŸ“‹Chrome1/21/2015 Edge1/15/20201820
http.headers.Content-Security-Policy.report-sample Chrome6/5/2017 Edge1/15/2020954
http.headers.Content-Security-Policy.report-to πŸ“‹Chrome10/16/2018 Edge1/15/2020456
http.headers.Content-Security-Policy.script-src.external_scripts πŸ“‹Chrome6/5/2017 Edge1/15/2020954
http.headers.Content-Security-Policy.script-src-attr πŸ“‹Chrome6/4/2019 Edge1/15/2020225
http.headers.Content-Security-Policy.script-src-elem πŸ“‹Chrome6/4/2019 Edge1/15/2020225
http.headers.Content-Security-Policy.strict-dynamic Chrome7/20/2016 Edge1/15/20201274
http.headers.Content-Security-Policy.style-src-attr πŸ“‹Chrome6/4/2019 Edge1/15/2020225
http.headers.Content-Security-Policy.style-src-elem πŸ“‹Chrome6/4/2019 Edge1/15/2020225
Safari: The style-src-elem directive was parsed, but had no effect. See bug 276931.Safari on iOS: The style-src-elem directive was parsed, but had no effect. See bug 276931.WebView on iOS: The style-src-elem directive was parsed, but had no effect. See bug 276931.
http.headers.Content-Security-Policy.unsafe-hashes Chrome9/4/2018 Edge1/15/2020498
http.headers.Content-Security-Policy.worker-src πŸ“‹Chrome6/5/2017 Edge1/15/2020954
Chrome: Chrome 59 and higher skips the deprecated child-src directive.Chrome Android: Chrome Android 59 and higher skips the deprecated child-src directive.Quest Browser: Quest Browser 5.0 and higher skips the deprecated child-src directive.Opera: Opera 46 and higher skips the deprecated child-src directive.Opera Android: Opera Android 43 and higher skips the deprecated child-src directive.WebView Android: WebView Android 59 and higher skips the deprecated child-src directive.
http.headers.Content-Security-Policy.worker_support Chrome1/25/2017 Edge1/15/20201085
http.headers.Cross-Origin-Resource-Policy πŸ“‹Chrome3/12/2019 Edge1/15/2020309
Chrome: Until version 75, downloads for files with this header would fail in Chrome. See bug 41452948.Chrome: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.Chrome Android: Until version 75, downloads for files with this header would fail in Chrome Android. See bug 41452948.Chrome Android: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.Quest Browser: Until version 7.0, downloads for files with this header would fail in Quest Browser. See bug 41452948.Quest Browser: From version 9.0 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 12.0, partial PDF loading is disabled.Opera: Until version 62, downloads for files with this header would fail in Opera. See bug 41452948.Opera: From version 67 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 72, partial PDF loading is disabled.Opera Android: Until version 54, downloads for files with this header would fail in Opera Android. See bug 41452948.Opera Android: From version 57 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 61, partial PDF loading is disabled.WebView Android: Until version 75, downloads for files with this header would fail in WebView Android. See bug 41452948.WebView Android: From version 80 to 85, linearized PDFs served inline with this header fail to render properly. See bug 40127935. From version 86, partial PDF loading is disabled.
http.headers.DPR Chrome10/13/2015 Edge1/15/20201555
http.headers.Device-Memory Chrome9/5/2017 Edge1/15/2020862
Chrome: From Chrome 147, reported values are 2, 4, 8, 16, and 32.Chrome: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Chrome Android: From Chrome 147, reported values are 1, 2, 4, and 8.Chrome Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Edge: From Edge 147, reported values are 2, 4, 8, 16, and 32.Edge: Before Edge 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Quest Browser: From Chrome 147, reported values are 1, 2, 4, and 8.Quest Browser: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera: From Opera false, reported values are 2, 4, 8, 16, and 32.Opera: Before Opera false, reported values were 0.25, 0.5, 1, 2, 4, and 8.Opera Android: From Chrome 147, reported values are 1, 2, 4, and 8.Opera Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.Samsung Internet: From Chrome 147, reported values are 1, 2, 4, and 8.Samsung Internet: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.WebView Android: From Chrome 147, reported values are 1, 2, 4, and 8.WebView Android: Before Chrome 147, reported values were 0.25, 0.5, 1, 2, 4, and 8.
http.headers.Downlink πŸ“‹Chrome5/29/2018 Edge1/15/2020596
Chrome: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Chrome Android: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Edge: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Quest Browser: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Opera: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Opera Android: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.Samsung Internet: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.WebView Android: The value is never greater than 10 Mbps, as a non-standard anti-fingerprinting measure.
http.headers.ECT πŸ“‹Chrome5/29/2018 Edge1/15/2020596
http.headers.Feature-Policy Chrome7/25/2017 Edge1/15/2020904
http.headers.Feature-Policy.accelerometer πŸ“‹Chrome4/17/2018 Edge1/15/2020638
http.headers.Feature-Policy.ambient-light-sensor πŸ“‹Chrome4/17/2018 Edge1/15/2020638
http.headers.Feature-Policy.autoplay πŸ“‹Chrome1/23/2018 Edge1/15/2020722
http.headers.Feature-Policy.camera πŸ“‹Chrome1/23/2018 Edge1/15/2020722
http.headers.Feature-Policy.document-domain πŸ“‹Chrome1/23/2018 Edge1/15/2020722
http.headers.Feature-Policy.encrypted-media πŸ“‹Chrome1/23/2018 Edge1/15/2020722
http.headers.Feature-Policy.fullscreen πŸ“‹Chrome10/17/2017 Edge1/15/2020820
http.headers.Feature-Policy.geolocation πŸ“‹Chrome1/23/2018 Edge1/15/2020722
http.headers.Feature-Policy.gyroscope πŸ“‹Chrome4/17/2018 Edge1/15/2020638
http.headers.Feature-Policy.magnetometer πŸ“‹Chrome4/17/2018 Edge1/15/2020638
http.headers.Feature-Policy.microphone πŸ“‹Chrome1/23/2018 Edge1/15/2020722
http.headers.Feature-Policy.midi πŸ“‹Chrome1/23/2018 Edge1/15/2020722
http.headers.Feature-Policy.payment πŸ“‹Chrome7/25/2017 Edge1/15/2020904
http.headers.Feature-Policy.picture-in-picture πŸ“‹Chrome9/4/2018 Edge1/15/2020498
http.headers.Feature-Policy.usb πŸ“‹Chrome7/25/2017 Edge1/15/2020904
http.headers.Feature-Policy.xr-spatial-tracking πŸ“‹Chrome12/10/2019 Edge1/15/202036
http.headers.NEL πŸ“‹Chrome12/4/2018 Edge1/15/2020407
http.headers.Origin πŸ“‹Chrome12/11/2008 Edge1/15/20204052
Edge: Not sent with POST requestsFirefox: Not sent with POST requests, see bug 446344.Firefox for Android: Not sent with POST requests, see bug 446344.
http.headers.Permissions-Policy.ambient-light-sensor πŸ“‹Chrome4/17/2018 Edge1/15/2020638
http.headers.Permissions-Policy.magnetometer πŸ“‹Chrome4/17/2018 Edge1/15/2020638
http.headers.RTT πŸ“‹Chrome5/29/2018 Edge1/15/2020596
Chrome: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Chrome Android: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Edge: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Quest Browser: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Opera: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Opera Android: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.Samsung Internet: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.WebView Android: The value is never greater than 3000 ms, as a non-standard anti-fingerprinting measure.
http.headers.Referer.length_limit_4096B Chrome9/10/2019 Edge1/15/2020127
http.headers.Referrer-Policy πŸ“‹Chrome1/25/2017 Edge1/15/20201085
http.headers.Referrer-Policy.no-referrer-when-downgrade Chrome1/25/2017 Edge1/15/20201085
http.headers.Referrer-Policy.origin-when-cross-origin Chrome1/25/2017 Edge1/15/20201085
http.headers.Referrer-Policy.same-origin Chrome9/5/2017 Edge1/15/2020862
http.headers.Referrer-Policy.strict-origin Chrome9/5/2017 Edge1/15/2020862
http.headers.Referrer-Policy.strict-origin-when-cross-origin Chrome9/5/2017 Edge1/15/2020862
http.headers.Referrer-Policy.unsafe-url Chrome1/25/2017 Edge1/15/20201085
http.headers.Report-To Chrome10/16/2018 Edge1/15/2020456
http.headers.Save-Data πŸ“‹Chrome3/2/2016 Edge1/15/20201414
http.headers.Sec-Fetch-Mode πŸ“‹Chrome7/30/2019 Edge1/15/2020169
http.headers.Sec-Fetch-Site πŸ“‹Chrome7/30/2019 Edge1/15/2020169
http.headers.Sec-Fetch-User πŸ“‹Chrome7/30/2019 Edge1/15/2020169
http.headers.Server-Timing πŸ“‹Chrome3/6/2018 Edge1/15/2020680
http.headers.Set-Cookie.host_secure_prefixes Chrome3/2/2016 Edge1/15/20201414
http.headers.Snapshot-Content-Location Chrome12/6/2017 Edge1/15/2020770
http.headers.SourceMap πŸ“‹Chrome3/28/2012 Edge1/15/20202849
Chrome: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Chrome Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Edge: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Quest Browser: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Opera: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Opera Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.Samsung Internet: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.WebView Android: Not supported for ECMAScript Modules (<script type="module">). See bug 40854862.
http.headers.Timing-Allow-Origin πŸ“‹Chrome10/12/2016 Edge1/15/20201190
http.headers.Viewport-Width Chrome10/13/2015 Edge1/15/20201555
http.headers.WWW-Authenticate.NTLM Chrome12/11/2008 Edge1/15/20204052
http.headers.WWW-Authenticate.Negotiate πŸ“‹Chrome12/11/2008 Edge1/15/20204052
http.headers.Width Chrome10/13/2015 Edge1/15/20201555
http.headers.X-DNS-Prefetch-Control Chrome12/11/2008 Edge1/15/20204052
http.mixed-content πŸ“‹Chrome12/10/2019 Edge1/15/202036
http.mixed-content.allow_file_urls πŸ“‹Chrome12/10/2019 Edge1/15/202036
http.mixed-content.allow_localhost_url πŸ“‹Chrome12/10/2019 Edge1/15/202036
http.mixed-content.allow_loopback_url πŸ“‹Chrome12/10/2019 Edge1/15/202036
http.mixed-content.blockable_mixed_content πŸ“‹Chrome12/10/2019 Edge1/15/202036
Chrome: From version 79 blocks iframes, scripts, and stylesheets.Chrome Android: From version 79 blocks iframes, scripts, and stylesheets.Edge: From version 79 blocks iframes, scripts, and stylesheets.Quest Browser: From version 8.0 blocks iframes, scripts, and stylesheets.Opera: From version 66 blocks iframes, scripts, and stylesheets.Opera Android: From version 57 blocks iframes, scripts, and stylesheets.Samsung Internet: From version 12.0 blocks iframes, scripts, and stylesheets.WebView Android: From version 79 blocks iframes, scripts, and stylesheets.

2018/10

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.meta-element-support Chrome2/21/2013 Edge10/2/20182049
http.headers.Retry-After πŸ“‹Chrome1/10/2013 Edge10/2/20182091
http.headers.Service-Worker-Navigation-Preload πŸ“‹Chrome6/5/2017 Edge10/2/2018484

2018/5

API First Browser Date Last Browser Date Days Notes
http.headers.Set-Cookie.SameSite.None Edge10/17/2017 Chrome5/29/2018224
Chrome: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Chrome Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Quest Browser: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Opera: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Opera Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.Safari: Not supported before macOS version 10.15 (Catalina).Samsung Internet: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.WebView Android: Rejects cookies with SameSite=None. See SameSite=None: Known Incompatible Clients.

2018/4

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy.upgrade-insecure-requests πŸ“‹Chrome5/19/2015 Edge4/30/20181077
http.headers.Upgrade-Insecure-Requests πŸ“‹Chrome7/21/2015 Edge4/30/20181014

2018/1

API First Browser Date Last Browser Date Days Notes
http.headers.X-Content-Type-Options πŸ“‹Edge7/29/2015 Chrome1/23/2018909
Chrome: Not supported for stylesheets.Chrome Android: Not supported for stylesheets.Opera: Not supported for stylesheets.Opera Android: Not supported for stylesheets.Samsung Internet: Not supported for stylesheets.WebView Android: Not supported for stylesheets.

2017/10

API First Browser Date Last Browser Date Days Notes
http.headers.Service-Worker πŸ“‹Chrome10/7/2014 Edge10/17/20171106
http.headers.Service-Worker-Allowed πŸ“‹Chrome4/14/2015 Edge10/17/2017917
http.headers.Set-Cookie.SameSite πŸ“‹Chrome5/25/2016 Edge10/17/2017510
Safari: Safari 13 on macOS 10.14 (Mojave), treats SameSite=None and invalid values as Strict. This is fixed in version 10.15 (Catalina) and later.Safari: Treats SameSite=None and invalid values as Strict in macOS before 10.15 Catalina. See bug 198181.Safari on iOS: Treats SameSite=None and invalid values as Strict in iOS before 13. See bug 198181.WebView on iOS: Treats SameSite=None and invalid values as Strict in iOS before 13. See bug 198181.
http.headers.Set-Cookie.SameSite.Lax Chrome5/25/2016 Edge10/17/2017510
http.headers.Set-Cookie.SameSite.Strict Chrome5/25/2016 Edge10/17/2017510

2017/4

API First Browser Date Last Browser Date Days Notes
http.headers.Accept-Encoding.br πŸ“‹Chrome4/13/2016 Edge4/5/2017357
Safari: Unsupported before macOS 10.13 High Sierra.
http.headers.Content-Encoding.br πŸ“‹Chrome4/13/2016 Edge4/5/2017357
Safari: Unsupported before macOS 10.13 High Sierra.
http.headers.Content-Security-Policy.child-src πŸ“‹Chrome1/21/2015 Edge4/5/2017805
http.headers.Content-Security-Policy.form-action πŸ“‹Chrome1/21/2015 Edge4/5/2017805
http.headers.Content-Security-Policy.frame-ancestors πŸ“‹Chrome1/21/2015 Edge4/5/2017805
Firefox: Before Firefox 58, frame-ancestors is ignored in Content-Security-Policy-Report-Only.Firefox for Android: Before Firefox for Android 58, frame-ancestors is ignored in Content-Security-Policy-Report-Only.

2016/8

API First Browser Date Last Browser Date Days Notes
http.headers.Content-Security-Policy πŸ“‹Chrome2/21/2013 Edge8/2/20161258
Internet Explorer: Only supporting 'sandbox' directive.
http.headers.Content-Security-Policy.connect-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
Firefox: Before Firefox 50, ping attributes of <a> elements weren't covered by connect-src.
http.headers.Content-Security-Policy.default-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.font-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.frame-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.img-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.media-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.object-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.report-uri πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.sandbox πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.script-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy.style-src πŸ“‹Chrome2/21/2013 Edge8/2/20161258
http.headers.Content-Security-Policy-Report-Only πŸ“‹Chrome2/21/2013 Edge8/2/20161258

2015/7

API First Browser Date Last Browser Date Days Notes
http.data-url πŸ“‹Chrome1/25/2010 Edge7/29/20152011
Edge: Before Edge 79, the maximum size supported is 4GB.Internet Explorer: Since Internet Explorer 9, the maximum size supported is 4GB.Internet Explorer: In Internet Explorer 8, the maximum size supported is 32kB.
http.data-url.css_files Chrome1/25/2010 Edge7/29/20152011
http.data-url.js_files Chrome1/25/2010 Edge7/29/20152011
http.headers.Accept πŸ“‹Chrome12/11/2008 Edge7/29/20152421
Firefox: In Firefox 66, the default Accept header value changed to */*.Firefox for Android: In Firefox for Android 66, the default Accept header value changed to */*.
http.headers.Accept-Encoding πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Accept-Language πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Accept-Ranges πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Access-Control-Allow-Credentials πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.Access-Control-Allow-Headers πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.Access-Control-Allow-Methods πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.Access-Control-Allow-Origin πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.Access-Control-Expose-Headers πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.Access-Control-Max-Age πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.Access-Control-Request-Headers πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.Access-Control-Request-Method πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.Age πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Authorization πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Authorization.Basic πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Cache-Control πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Connection πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Content-Disposition πŸ“‹Chrome12/11/2008 Edge7/29/20152421
Chrome: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Chrome Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Firefox: From version 82, if an <a> element's download attribute is set (for a same-origin URL) then the inline directive is ignored. Earlier versions did not match the specification and respected the header directive over the attribute. See bug 1658877.Firefox for Android: From version 82, if an <a> element's download attribute is set (for a same-origin URL) then the inline directive is ignored. Earlier versions did not match the specification and respected the header directive over the attribute. See bug 1658877.Quest Browser: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Opera: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Opera Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.Safari: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.Safari on iOS: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.Samsung Internet: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.WebView Android: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 352093465.WebView on iOS: When saving documents, the document title is used instead of the filename parameter if the disposition type is inline. See bug 18384.
http.headers.Content-Encoding πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Content-Language πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Content-Length πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Content-Location πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Content-Range πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Content-Type πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Cookie πŸ“‹Chrome12/11/2008 Edge7/29/20152421
Safari: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.Safari on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.WebView on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.
http.headers.DNT Chrome11/6/2012 Edge7/29/2015995
http.headers.Date πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.ETag πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Expires πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.From πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Host πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.If-Match πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.If-Modified-Since πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.If-None-Match πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.If-Range πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.If-Unmodified-Since πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Keep-Alive πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Last-Modified πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Location πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Pragma πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Proxy-Authenticate πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Range πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Referer πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Refresh πŸ“‹Chrome12/11/2008 Edge7/29/20152421
Firefox: From version 136 the HTTP Referer header is sent following a refresh that redirects to another page (if permitted)Firefox for Android: From version 136 the HTTP Referer header is sent following a refresh that redirects to another page (if permitted)
http.headers.Sec-WebSocket-Accept πŸ“‹Chrome12/13/2011 Edge7/29/20151324
http.headers.Sec-WebSocket-Extensions πŸ“‹Chrome12/13/2011 Edge7/29/20151324
http.headers.Sec-WebSocket-Key πŸ“‹Chrome12/13/2011 Edge7/29/20151324
http.headers.Sec-WebSocket-Protocol πŸ“‹Chrome12/13/2011 Edge7/29/20151324
http.headers.Sec-WebSocket-Version πŸ“‹Chrome12/13/2011 Edge7/29/20151324
http.headers.Server πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Set-Cookie πŸ“‹Chrome12/11/2008 Edge7/29/20152421
Safari: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.Safari on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.WebView on iOS: Cookies with Secure flag are not sent to unsecured http://localhost/ endpoints. See bug 281149.
http.headers.Set-Cookie.HttpOnly Chrome12/11/2008 Edge7/29/20152421
http.headers.Set-Cookie.Max-Age Chrome12/11/2008 Edge7/29/20152421
http.headers.Strict-Transport-Security πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.TE πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Transfer-Encoding πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Upgrade πŸ“‹Chrome5/25/2010 Edge7/29/20151891
http.headers.User-Agent πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Vary πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.Via πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.WWW-Authenticate πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.WWW-Authenticate.Basic πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.WWW-Authenticate.Digest πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.WWW-Authenticate.Digest.md5 Chrome12/11/2008 Edge7/29/20152421
http.headers.Warning πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.headers.X-Frame-Options πŸ“‹Chrome1/25/2010 Edge7/29/20152011
http.headers.X-Frame-Options.SAMEORIGIN Chrome1/25/2010 Edge7/29/20152011
Chrome: Starting in Chrome 61, this applies to all of a frame's ancestors.Chrome Android: Starting in Chrome Android 61, this applies to all of a frame's ancestors.Firefox: Starting in Firefox 59, this applies to all of a frame's ancestors.Firefox for Android: Starting in Firefox for Android 59, this applies to all of a frame's ancestors.Quest Browser: Starting in Quest Browser 5.0, this applies to all of a frame's ancestors.Opera: Starting in Opera 48, this applies to all of a frame's ancestors.Opera Android: Starting in Opera Android 45, this applies to all of a frame's ancestors.Samsung Internet: Starting in Samsung Internet 8.0, this applies to all of a frame's ancestors.WebView Android: Starting in WebView Android 61, this applies to all of a frame's ancestors.
http.methods.CONNECT πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.methods.DELETE πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.methods.GET πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.methods.HEAD πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.methods.OPTIONS πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.methods.POST πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.methods.PUT πŸ“‹Chrome12/11/2008 Edge7/29/20152421
http.status.308 πŸ“‹Chrome7/16/2014 Edge7/29/2015378
Internet Explorer: Does not work below Windows 10.