access-control-expose-headers

HTTP response header

The Access-Control-Expose-Headers response header indicates which headers can be exposed as part of the response by listing their names

Header usage statistics

access-control-expose-headers response header information and usage statistics.

Websites using header access-control-expose-headers 28,407
Percentage of websites that use access-control-expose-headers header 0.24%
Total discovered header values 858
Header uses directives Yes
Header values are unique or random No
Most popular in the country United States of America

access-control-expose-headers Directives (24 total)

  • *
  • api-version
  • cache-control
  • content-length
  • content-range
  • content-type
  • date
  • dnt
  • if-modified-since
  • keep-alive
  • location
  • range
  • request-context
  • transfer-encoding
  • user-agent
  • x-cdn-diag
  • x-csrf-token
  • x-customheader
  • x-fb-cec-video-limit
  • x-frame-options
  • x-frontend
  • x-proxy-cache
  • x-request-id
  • x-requested-with

access-control-expose-headers Directives

access-control-expose-headers directives value information and usage statistics

Directive Share Websites count Unique Values
request-context 24.96% 7,090 1
content-length 23.65% 6,719 1
date 17.04% 4,841 1
transfer-encoding 16.42% 4,665 1
x-frontend 11.54% 3,278 1
content-range 7.05% 2,002 1
location 5.89% 1,672 1
x-request-id 4.95% 1,406 1
content-type 4.02% 1,143 1
cache-control 2.41% 684 1
range 2.32% 659 1
x-requested-with 2.11% 599 1
if-modified-since 1.85% 525 1
user-agent 1.78% 507 1
keep-alive 1.76% 500 1
dnt 1.75% 498 1
x-customheader 1.70% 482 1
x-csrf-token 1.02% 291 1
x-proxy-cache 0.93% 265 1
* 0.83% 237 1
x-fb-cec-video-limit 0.63% 178 1
x-frame-options 0.51% 145 1
api-version 0.35% 99 1
x-cdn-diag 0.27% 76 1

Distribution by websites popularity

access-control-expose-headers detection in the top websites by popularity

Top 10k sites 107 websites
Top 100k sites 290 websites
Top 1m sites 2,915 websites

Websites utilizing access-control-expose-headers

List of websites that use access-control-expose-headers header

Domain Country Rank Contacts
instagram.com United States of America 7
www.instagram.com United States of America 7
vk.com Russian Federation 38
www.oracle.com United States of America 282
www.udemy.com United States of America 312
www.agoda.com United States of America 339
See full domain list

Geographical Distribution

Header usage distribution by websites across the globe.






Common header values

List of top common access-control-expose-headers header values

Header value Value prevalence
Request-Context 31.18%
x-ms-request-id,Content-Length,Date,Transfer-Encoding 20.24%
X-Frontend 14.39%
Location, X-Request-Id 5.89%
Content-Length,Content-Range 4.33%
X-Log, X-Reqid 1.20%
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-CSRF-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,X-Proxy-Cache 1.18%
* 0.99%
Location 0.96%
Content-Type 0.92%
X-FB-CEC-Video-Limit 0.77%
AMP-Access-Control-Allow-Source-Origin 0.73%
Content-Length 0.59%
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range 0.56%
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error 0.47%
API-Version,X-FRAME-OPTIONS,Content-Security-Policy 0.45%
X-Auth-Token 0.42%
origin 0.36%
Link,X-RateLimit-Reset,X-RateLimit-Limit,X-RateLimit-Remaining,X-Request-Id,Idempotency-Key 0.34%
x-cdn-diag 0.34%