Fetch Metadata is a suite of HTTP request headers—Sec-Fetch-Site, Sec-Fetch-Mode, Sec-Fetch-Dest, and Sec-Fetch-User—that automatically expose the relationship between the requesting page and the target resource. These headers allow a server to distinguish between a user navigating directly to a page, a same-origin API call, and a malicious cross-site request initiated by a third-party script or embedded iframe.
Glossary
Fetch Metadata

What is Fetch Metadata?
A set of HTTP request headers that provide the server with contextual information about a request's origin, enabling precise security decisions against cross-site attacks and unauthorized scraping.
For AI crawler identification, Fetch Metadata provides a robust, browser-enforced defense layer. By inspecting Sec-Fetch-Site: cross-site combined with Sec-Fetch-Mode: navigate, a server can programmatically reject scraping attempts where an automated browser is instrumented to traverse a domain from an external origin, blocking the request at the application layer before any content is served.
Core Characteristics of Fetch Metadata
Fetch Metadata headers provide the server with declarative context about a request's provenance, enabling precise security policies against cross-site scraping and injection attacks.
Sec-Fetch-Site
Declares the relationship between the request initiator's origin and the requested resource's origin.
- same-origin: Request originates from the same site (e.g., navigation within your app)
- same-site: Request comes from a different scheme but same registrable domain (e.g., http:// to https:// on same domain)
- cross-site: Request originates from a completely different registrable domain
- none: Request is user-initiated (e.g., typing a URL directly, bookmark click)
For AI crawler defense, rejecting all cross-site requests to sensitive API endpoints immediately blocks scraping tools that inject requests from external origins.
Sec-Fetch-Mode
Indicates the request's initiation mode, revealing whether the browser expects a navigation, a resource load, or an API-style fetch.
- navigate: Top-level document request (user clicking a link)
- nested-navigate: Request for a nested browsing context like an iframe
- no-cors: Opaque request with limited response access (image, script tags)
- cors: Cross-origin request requiring CORS headers
- websocket: Upgrade request for a WebSocket connection
AI scrapers often use no-cors mode to pull content without triggering CORS preflight checks. Blocking no-cors on HTML endpoints prevents silent data extraction.
Sec-Fetch-Dest
Specifies the intended destination of the fetched resource within the browser's processing pipeline.
- document: Full HTML page (top-level navigation)
- iframe: Embedded sub-document
- script, style, image: Sub-resource loads
- empty: Requests initiated via
fetch()orXMLHttpRequest - audio, video, font, worker: Specialized resource types
Requests with dest: empty and site: cross-site are a strong signal of programmatic scraping. Legitimate browser navigations always carry dest: document or dest: iframe.
Sec-Fetch-User
A boolean header indicating whether the request was triggered by a user activation (a click, tap, or keypress).
- ?1: User-initiated action (genuine human interaction)
- ?0: No user activation (automated or background request)
- Absent: Header not sent (older browser or non-browser client)
Automated crawlers and headless browsers cannot simulate true user activation gestures. Requiring Sec-Fetch-User: ?1 on sensitive endpoints blocks bots that programmatically trigger navigation without real interaction events.
Combined Policy Enforcement
Fetch Metadata headers are most powerful when evaluated together as a composite signal. A single request carrying:
Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-User: ?0
represents a near-certain automated scraping attempt with no legitimate browser use case. This combination can be rejected at the edge with zero false positives.
Deploy these policies in reverse proxies (NGINX, Envoy) or CDN edge workers to block scraping before it reaches origin infrastructure.
Browser Support & Limitations
Fetch Metadata headers are supported by all modern Chromium-based browsers (Chrome 76+, Edge 79+) and Firefox 90+. Safari added support in version 16.0.
Critical caveats for AI crawler defense:
- Non-browser clients (Python requests, cURL, headless automation) may omit these headers entirely. Absence itself is a detection signal.
- Spoofing is possible but requires the attacker to know your exact policy logic. Defense-in-depth with TLS fingerprinting (JA4) and IP reputation is essential.
- Legitimate API consumers (mobile apps, server-to-server integrations) won't send Fetch Metadata. Maintain an allowlist for known partners.
Frequently Asked Questions
Clear, technical answers to the most common questions about the Sec-Fetch header family and its role in mitigating unauthorized AI-driven data extraction.
Fetch Metadata is a set of HTTP request headers (Sec-Fetch-Site, Sec-Fetch-Mode, Sec-Fetch-Dest) that provide a server with contextual information about the browser's request initiation. These headers are automatically appended by the user agent and cannot be modified by JavaScript, making them a tamper-proof mechanism for distinguishing legitimate user navigation from malicious cross-site requests. By inspecting these headers, a server can determine if a request originated from the same origin, a same-site origin, or a completely unrelated cross-site origin, and then apply granular security policies to reject suspicious traffic before it reaches the application layer.
Fetch Metadata vs. Traditional Bot Detection
Comparing server-side Fetch Metadata header analysis with conventional client-interrogation techniques for identifying and blocking unauthorized AI crawlers.
| Feature | Fetch Metadata | JavaScript Fingerprinting | CAPTCHA Challenges |
|---|---|---|---|
Detection Layer | HTTP request headers (server-side) | Client-side JavaScript execution | Client-side challenge-response |
Works on headless browsers | |||
Requires JavaScript execution | |||
Detects cross-site scraping | |||
Computational overhead | Negligible | Moderate | High |
User friction | Zero | Zero | Significant |
Bypassable via browser automation | |||
Privacy-preserving |
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Understanding Fetch Metadata headers requires familiarity with the broader landscape of browser security policies, request forgery defenses, and the specific mechanisms that distinguish legitimate user navigation from malicious cross-site requests.
Cross-Site Request Forgery (CSRF)
An attack that forces an authenticated user's browser to execute unwanted actions on a web application. Fetch Metadata provides a server-side defense layer against CSRF by allowing applications to reject requests that lack the expected Sec-Fetch-Site: same-origin or Sec-Fetch-Site: same-site headers, effectively blocking cross-site form submissions and resource loads that originate from malicious domains.
Cross-Origin Resource Sharing (CORS)
A browser-enforced mechanism that controls how web pages request resources from a different origin than the one that served the page. While CORS governs client-side permission checks, Fetch Metadata complements it by enabling server-side validation of the request's provenance. Together, they form a defense-in-depth strategy: CORS prevents unauthorized reads, while Fetch Metadata rejects suspicious writes and navigation requests before they reach application logic.
Same-Origin Policy
The foundational browser security principle that isolates documents and scripts retrieved from one origin from interacting with resources from another. Fetch Metadata headers make the origin context explicit to the server, allowing applications to enforce policy violations server-side. For example, a request with Sec-Fetch-Site: cross-site attempting to access a JSON endpoint can be immediately blocked, preventing data exfiltration even if the Same-Origin Policy is bypassed through misconfiguration.
Sec-Fetch-User Header
A boolean header (?1 or ?0) that indicates whether the request was triggered by a user activation such as a mouse click or keyboard press. This is critical for distinguishing intentional user navigation from automated or scripted requests. Security policies can use this signal to allow cross-site top-level navigations only when Sec-Fetch-User: ?1 is present, blocking <a> tag clicks from being silently triggered by JavaScript-based scrapers or clickjacking overlays.
Resource Isolation Policy
A proposed security mechanism that allows servers to declare which contexts are permitted to load specific resources. Fetch Metadata serves as the runtime enforcement layer for such policies. By inspecting Sec-Fetch-Dest (e.g., image, script, iframe) and Sec-Fetch-Mode (e.g., navigate, no-cors), servers can reject mismatched requests—such as a <script> tag attempting to load a JSON API endpoint—preventing cross-site data leakage and speculative execution attacks.
Navigation Requests
Requests where Sec-Fetch-Mode: navigate indicates the browser is loading a new document, typically from a user clicking a link or entering a URL. These requests are the primary target for scraping bots that simulate human browsing. By combining Sec-Fetch-Site: cross-site with Sec-Fetch-Mode: navigate, servers can identify and challenge automated crawlers that traverse a site programmatically, distinguishing them from legitimate same-origin navigation flows.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us