Sec-CH-UA-Full-Version-List
Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.
Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
The HTTP Sec-CH-UA-Full-Version-List request header is a user agent client hint which provides the user-agent's branding and full version information.
The Sec-CH-UA-Full-Version-List header provides the brand and full version information for each brand associated with the browser, in a comma-separated list.
The header may include "fake" brands in any position and with any name. This is a feature designed to prevent servers from rejecting unknown user agents outright, forcing user agents to lie about their brand identity.
Note: This is similar to Sec-CH-UA, but includes the full version number instead of the significant version number for each brand.
| Header type | Request header, Client hint |
|---|---|
| Forbidden header name | Yes (Sec- prefix) |
Syntax
A comma separated list of brands in the user agent brand list, and their associated full version number. The syntax for a single entry has the following format:
Sec-CH-UA-Full-Version-List: "<brand>";v="<full version>", ...
Directives
<brand>-
A brand associated with the user agent, like "Chromium", "Google Chrome". This may be an intentionally incorrect brand like
" Not A;Brand"or"(Not(A:Brand"(the actual value is expected change over time and be unpredictable). <full version>-
A full version number, such as 98.0.4750.0.
Description
A brand is a commercial name for the user agent like: Chromium, Opera, Google Chrome, Microsoft Edge, Firefox, and Safari.
A user agent might have several associated brands.
For example, Opera, Chrome, and Edge are all based on Chromium, and will provide both brands in the Sec-CH-UA-Full-Version-List header.
The header allows the server to customize its response based on both shared brands and on particular customizations in their specific respective builds.
Examples
Using Sec-CH-UA-Full-Version-List
A server requests the Sec-CH-UA-Full-Version-List header by including the Accept-CH in a response to any request from the client, using the name of the desired header as a token:
HTTP/1.1 200 OK
Accept-CH: Sec-CH-UA-Full-Version-List
The client may choose to provide the hint, and add the Sec-CH-UA-Full-Version-List header to subsequent requests, as shown below:
GET /my/page HTTP/1.1
Host: example.site
Sec-CH-UA: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"
Sec-CH-UA-Mobile: ?0
Sec-CH-UA-Full-Version-List: " Not A;Brand";v="99.0.0.0", "Chromium";v="98.0.4750.0", "Google Chrome";v="98.0.4750.0"
Sec-CH-UA-Platform: "Linux"
Specifications
| Specification |
|---|
| User-Agent Client Hints # sec-ch-ua-full-version-list |
Browser compatibility
BCD tables only load in the browser
See also
- Client hints
- User-Agent Client Hints API
Accept-CH- HTTP Caching: Vary and
Varyheader - Improving user privacy and developer experience with User-Agent Client Hints (developer.chrome.com)