Back to HTTP Headers
Request

HTTP Origin Header

Indicates where the request originates from. Used in CORS to determine if the server allows cross-origin requests.

Purpose

Tells the server the origin (scheme, host, and port) of the request for CORS validation and security purposes.

Origin: null Origin: <scheme>://<hostname>:<port> Example: Origin: https://myapp.com Example: Origin: https://myapp.com:3000

Code Examples

See how to use the Origin header in different tools and languages.

curl -H "Origin: https://myapp.com" -I https://api.example.com/data
# Check if the response allows this origin
# Access-Control-Allow-Origin: https://myapp.com

Related Headers

Access-Control-Allow-Origin

Part of the CORS (Cross-Origin Resource Sharing) system. Indicates whether the response can be shared with requesting code from a different origin.

Host

Specifies the domain name of the server and optionally the TCP port number. Mandatory in HTTP/1.1 requests.

Referer

Contains the address of the previous page from which the current page was requested. Used for analytics, logging, and cache optimization.

X-Requested-With

Identifies that the request was made with JavaScript (e.g., via XMLHttpRequest). Commonly used to distinguish AJAX requests from normal browser navigation.

Test Your APIs

API Response Time Checker

Test your APIs and inspect response headers in real-time

HTTP Headers Reference

Complete reference of all HTTP request and response headers

origin headerhttp originhttp headers guide