Sec-Fetch-Mode Header Has an Invalid Value
- Risk:
Informational
- Type:
- Passive
- CWE:
- 352
- Summary
- Allows to differentiate between requests for navigating between HTML pages and requests for loading resources like images, audio etc.
- Solution
- Sec-Fetch-Mode header must have one of the following values: cors, no-cors, navigate, same-origin, or websocket.