"'allow-duplicates'"
"'block-all-mixed-content'"
"'frame-ancestors'"
"'inline-speculation-rules'"
"'none'"
"'script'"
"'sha-256"
"'sha-384-"
"'sha-512-"
"'sha256"
"'strict-dynamic'"
"'unsafe-allow-redirects'"
"'unsafe-eval'"
"'unsafe-inline'"
"'wasm'"
"'wasm'""
"'wasm-eval'"
"'wasm-unsafe-eval'"
"about:"
"accept-ch"
"accept-charset"
"accept-encoding"
"accept-language"
"accept-language;de;en;jp"
"accept-language=()"
"accept-language=(en)"
"accept-ranges"
"access-control-allow-credentials"
"access-control-allow-headers"
"access-control-allow-methods"
"access-control-allow-origin"
"access-control-allow-private-network"
"access-control-max-age"
"access-control-request-headers"
"access-control-request-method"
"access-control-request-private-network"
"access-from-coop-page-to-openee"
"access-from-coop-page-to-opener"
"access-from-coop-page-to-other"
"access-to-coop-page-from-openee"
"access-to-coop-page-from-opener"
"access-to-coop-page-from-other"
"additional-private-state-token-key-commitments"
"age"
"all-operations-require-origin-trial"
"allow"
"allow-csp-from"
"allow-downloads"
"allow-forms"
"allow-from"
"allow-modals"
"allow-orientation-lock"
"allow-pointer-lock"
"allow-popups"
"allow-popups-to-escape-sandbox"
"allow-presentation"
"allow-same-origin"
"allow-scripts"
"allow-storage-access-by-user-activation"
"allow-top-navigation"
"allow-top-navigation-by-user-activation"
"allow-top-navigation-to-custom-protocols"
"allowall"
"allowall,allowall"
"allowall,deny"
"allowall,invalid"
"allowall,sameorigin"
"allowed-by-policy-allow"
"allowed-by-policy-preflight-warn"
"allowed-by-policy-warn"
"allowed-by-target-ip-address-space"
"allowed-missing-client-security-state"
"allowed-no-less-public"
"allowed-potentially-trustworthy-same-origin"
"alpn"
"anonymous"
"application/"
"application/activity+json"
"application/dash+xml"
"application/gzip"
"application/javascript"
"application/json"
"application/json+protobuf"
"application/jsonp"
"application/msexcel"
"application/mspowerpoint"
"application/msword"
"application/msword-template"
"application/octet-stream"
"application/ogg"
"application/pdf"
"application/rss+xml"
"application/x-gzip"
"application/x-protobuf"
"application/x-www-form-urlencoded"
"application/xml"
"application/xml+blah"
"application/xmlfoobar"
"application/zip"
"as"
"attribution"
"audio"
"audio/"
"audioworklet"
"authentication headers"
"authorization"
"auto"
"blob://me"
"blob:about:blank"
"blob:data:text/html,hello"
"blob:ftp://evil:99/578223a1-8c13-17b3-84d5-eca045ae384a"
"blob:http://baz:99/578223a1-8c13-17b3-84d5-eca045ae384a"
"blob:http://localhost:1000/578223a1-8c13-17b3-84d5-eca045ae384a"
"blob:https://foopy:99/578223a1-8c13-17b3-84d5-eca045ae384a"
"block"
"block-all-mixed-content"
"blocked-by-inconsistent-ip-address-space"
"blocked-by-load-option"
"blocked-by-policy-preflight-block"
"blocked-by-policy-preflight-warn"
"blocked-by-target-ip-address-space"
"body"
"buildflags"
"cache-control"
"charset"
"child-src"
"chrome-extension"
"chrome:"
"chunked"
"chunky"
"clienttoserver"
"close"
"com"
"conjured"
"connect"
"connect-src"
"connection"
"content-disposition"
"content-encoding"
"content-language"
"content-length"
"content-location"
"content-range"
"content-security-embedder-policy"
"content-security-opener-policy"
"content-security-policy"
"content-security-policy-report-only"
"content-type"
"continue"
"cookie"
"cookie-string"
"cookie2"
"correct"
"cors"
"credentialed-prerender"
"credentialless"
"critical-ch"
"cross-origin"
"cross-origin-embedder-policy"
"cross-origin-embedder-policy-report-only"
"cross-origin-opener-policy"
"cross-origin-opener-policy-report-only"
"cross-origin-resource-policy"
"custom-scheme:"
"custom-scheme://a/b"
"dark"
"data"
"datapipe"
"date"
"default"
"default-src"
"deny"
"deny,allowall"
"deny,deny"
"deny,invalid"
"deny,sameorigin"
"desc"
"description"
"deserialized="
"device-memory"
"device-memory,rtt"
"dictionary"
"dns-prefetch"
"document"
"downlink"
"dur"
"echo"
"ecmascript"
"embed"
"emerges"
"empty"
"endpoint"
"endpoint2"
"endpointb"
"entity headers"
"etag"
"everything"
"expect"
"expect-ct"
"expires"
"fc00::"
"fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"
"fe00::"
"fe7f:ffff:ffff:ffff:ffff:ffff:ffff:ffff"
"fe80::"
"fe80::/10"
"feature-policy"
"febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff"
"fec0::"
"fenced-frame"
"fenced-frame-src"
"fencedframe"
"fetch"
"fetchpriority"
"fetchpriority=low"
"file:///"
"file:///etc/passwd"
"file:///foo"
"filesystem://me"
"filesystem:about:blank"
"filesystem:data:text/html,hello"
"filesystem:http://localhost:1000/foo"
"filesystem:https://foopy:99/foo"
"font"
"font-src"
"font/woff2"
"foo"
"foo://bar/"
"foo://bar/initial"
"foobar"
"force-effective-connection-type"
"form-action"
"forwarded"
"frame"
"frame-ancestors"
"frame-options"
"frame-src"
"ftp"
"group"
"gzip"
"head"
"header"
"host"
"host-resolver-rules"
"if-match"
"if-modified-since"
"if-none-match"
"if-unmodified-since"
"ignore-certificate-errors-spki-list"
"ignore-urlfetcher-cert-requests"
"image"
"image/"
"image/png"
"image/svg+xml"
"img-src"
"insecure-private-network"
"internals>network>certificate"
"intervention"
"ip-address-space-overrides"
"ipendpoint:"
"iso-8859-1"
"javascript"
"javascript:"
"js"
"jscript"
"keep-alive"
"lang"
"last-modified"
"light"
"link"
"link-local"
"livescript"
"local"
"location"
"log-net-log"
"low"
"major"
"manifest"
"manifest-src"
"max-age"
"max-forwards"
"media-src"
"method"
"metric"
"mime_type"
"mode"
"modulepreload"
"multipart/byteranges"
"multipart/signed"
"must-revalidate"
"myproxy:80"
"n/a"
"navigate"
"navigate-to"
"net-log-capture-mode"
"net-log-max-size-mb"
"no-cache"
"no-cors"
"no-preference"
"no-referrer"
"no-referrer,unsafe-url"
"no-referrer-when-downgrade"
"no-store"
"noaccess"
"noaccess:blah"
"none"
"nonsense"
"nosniff"
"not-a-policy"
"not-a-uuid"
"not-a-value"
"not-nosniff"
"null"
"object"
"object-src"
"observe-browsing-topics"
"on"
"only-issuance-requires-origin-trial"
"options"
"origin"
"origin-agent-cluster"
"origin-trial-not-required"
"origin-when-cross-origin"
"original="
"other-scheme://a/b"
"paintworklet"
"payload!"
"permessage-deflate"
"permissions-policy"
"plugin-types"
"policy"
"policy-uri"
"post"
"pragma"
"preconnect"
"preload"
"private"
"proxy"
"proxy-"
"proxy-authenticate"
"proxy-authorization"
"public"
"quantum-entanglement"
"range"
"reduce"
"reduce-accept-language-cache-duration"
"referrer"
"referrer-policy"
"register-empty-network-service"
"rel"
"report"
"report-to"
"report-uri"
"reporting"
"reporting-endpoints"
"require-corp"
"require-trusted-types-for"
"restrict-properties"
"retry-after"
"rtt"
"same-origin"
"same-origin-allow-popups"
"same-origin-plus-coep"
"same-site"
"sameorigin"
"sameorigin,allowall"
"sameorigin,deny"
"sameorigin,invalid"
"sameorigin,sameorigin"
"sandbox"
"save-data"
"scheme://host:"
"script"
"script-src"
"script-src-attr"
"script-src-elem"
"sec"
"sec-ch-device-memory"
"sec-ch-dpr"
"sec-ch-prefers-color-scheme"
"sec-ch-prefers-reduced-motion"
"sec-ch-prefers-reduced-transparency"
"sec-ch-ua"
"sec-ch-ua-arch"
"sec-ch-ua-bitness"
"sec-ch-ua-form-factors"
"sec-ch-ua-full-version"
"sec-ch-ua-full-version-list"
"sec-ch-ua-mobile"
"sec-ch-ua-model"
"sec-ch-ua-platform"
"sec-ch-ua-platform-version"
"sec-ch-ua-wow64"
"sec-ch-viewport-height"
"sec-ch-viewport-width"
"sec-ch-width"
"sec-noaccess"
"sec-private-state-token"
"sec-private-state-token-crypto-version"
"sec-private-state-token-lifetime"
"sec-private-state-tokens-additional-signing-data"
"sec-redemption-record"
"sec-signature"
"sec-std-with-host"
"sec-time"
"sec-websocket-extensions"
"sec-websocket-key"
"sec-websocket-version"
"server"
"servertoclient"
"serviceworker"
"set-cookie"
"sha256/"
"sharedworker"
"sharedzstd"
"signed-headers"
"simple"
"sniffers"
"socks=foopy"
"some-origin"
"spectre"
"ssl-key-log-file"
"strict-origin"
"strict-origin-when-cross-origin"
"strict-transport-security"
"style"
"style-src"
"style-src-attr"
"style-src-elem"
"subsequent"
"supports-loading-mode"
"switching protocols"
"text/css"
"text/csv"
"text/event-stream"
"text/foobar+xml"
"text/html"
"text/json"
"text/json+blah"
"text/plain"
"text/salted"
"text/vtt"
"text/x-json"
"text/xml"
"text/xml+blah"
"this/file/does/not/exist"
"timing-allow-origin"
"token"
"trace"
"track"
"tracz"
"trailer"
"transfer-encoding"
"treat-as-public-address"
"true"
"trusted-types"
"trusttokens"
"type"
"uncredentialed-prefetch"
"uncredentialed-prerender"
"unique-local"
"unknown"
"unknown-value"
"unknown/mime_type"
"unsafe-none"
"unsafe-url"
"unsafely-treat-insecure-origin-as-secure"
"upgrade"
"upgrade-insecure-request"
"url"
"urn:uuid"
"use-credentials"
"use-first-party-set"
"user-agent"
"utf-8"
"variants"
"vary"
"via"
"video"
"video/"
"video/mp4"
"viewport-width"
"warning"
"webbundle"
"webidentity"
"width"
"worker"
"worker-src"
"www-authenticate"
Codebase Browser
chromium