CSRF Protection

Fulu Network R&D Team

Oct 27, 2020 · Information Security

Understanding Fetch Metadata Request Headers (Sec-Fetch-*) and Their Security Implications

This article explains the purpose, possible values, and security impact of the Sec-Fetch request headers introduced by the Fetch Metadata specification, showing how browsers automatically add them, how servers can use them to filter illegal requests, and providing practical policy examples and code snippets.