The Sec-Fetch-Dest header indicates the destination of the request, e.g. document, image, script, etc.
If the value is empty it means it will be used by a fetch call, this means you can differentiate between a request made with and without JS by checking if it's document (no JS) or empty (JS enabled).
// if the request was made with JS, we can just return json if (fetchDest(request) === "empty") returnjson(data); // otherwise we redirect to avoid a reload to trigger a new submission returnredirect(destination); }
The Sec-Fetch-Mode header indicates how the request was initiated, e.g. if the value is navigate it was triggered by the user loading the page, if the value is no-cors it could be an image being loaded.
import { fetchMode } from"remix-utils/sec-fetch";
exportasyncfunctionloader({ request }: Route.LoaderArgs) { letmode = fetchMode(request); // do something based on the mode value }
The Sec-Fetch-Site header indicates where the request is being made, e.g. same-origin means the request is being made to the same domain, cross-site means the request is being made to a different domain.
import { fetchSite } from"remix-utils/sec-fetch";
exportasyncfunctionloader({ request }: Route.LoaderArgs) { letsite = fetchSite(request); // do something based on the site value }
The Sec-Fetch-User header indicates if the request was initiated by the user, this can be used to differentiate between a request made by the user and a request made by the browser, e.g. a request made by the browser to load an image.
exportasyncfunctionloader({ request }: Route.LoaderArgs) { letuserInitiated = isUserInitiated(request); // do something based on the userInitiated value }
Install using
bunx shadcn@latest add @remix-utils/sec-fetch.This depends on
zod.The
Sec-Fetchheaders include information about the request, e.g. where is the data going to be used, or if it was initiated by the user.You can use the
remix-utils/sec-fetchutils to parse those headers and get the information you need.The
Sec-Fetch-Destheader indicates the destination of the request, e.g.document,image,script, etc.If the value is
emptyit means it will be used by afetchcall, this means you can differentiate between a request made with and without JS by checking if it'sdocument(no JS) orempty(JS enabled).The
Sec-Fetch-Modeheader indicates how the request was initiated, e.g. if the value isnavigateit was triggered by the user loading the page, if the value isno-corsit could be an image being loaded.The
Sec-Fetch-Siteheader indicates where the request is being made, e.g.same-originmeans the request is being made to the same domain,cross-sitemeans the request is being made to a different domain.The
Sec-Fetch-Userheader indicates if the request was initiated by the user, this can be used to differentiate between a request made by the user and a request made by the browser, e.g. a request made by the browser to load an image.Author
Sergio XalambrÃ