network request blocking safari

• PRO Courses Guides New Tech Help Pro Expert Videos About wikiHow Pro Upgrade Sign In
• EDIT Edit this Article
• EXPLORE Tech Help Pro About Us Random Article Quizzes Request a New Article Community Dashboard This Or That Game Popular Categories Arts and Entertainment Artwork Books Movies Computers and Electronics Computers Phone Skills Technology Hacks Health Men's Health Mental Health Women's Health Relationships Dating Love Relationship Issues Hobbies and Crafts Crafts Drawing Games Education & Communication Communication Skills Personal Development Studying Personal Care and Style Fashion Hair Care Personal Hygiene Youth Personal Care School Stuff Dating All Categories Arts and Entertainment Finance and Business Home and Garden Relationship Quizzes Cars & Other Vehicles Food and Entertaining Personal Care and Style Sports and Fitness Computers and Electronics Health Pets and Animals Travel Education & Communication Hobbies and Crafts Philosophy and Religion Work World Family Life Holidays and Traditions Relationships Youth
• Browse Articles
• Learn Something New
• Quizzes Hot
• This Or That Game
• Train Your Brain
• Explore More
• Support wikiHow
• About wikiHow
• Log in / Sign up
• Computers and Electronics
• Internet Browsers
• Safari Browser

How to Unblock Websites on Safari

Last Updated: March 16, 2024 References

This article was written by Luigi Oppido and by wikiHow staff writer, Nicole Levine, MFA . Luigi Oppido is the Owner and Operator of Pleasure Point Computers in Santa Cruz, California. Luigi has over 25 years of experience in general computer repair, data recovery, virus removal, and upgrades. He is also the host of the Computer Man Show! broadcasted on KSQD covering central California for over two years. This article has been viewed 58,472 times.

Need to access a website that's blocked on your Mac, iPhone, or iPad? We'll show you a variety of ways to access blocked sites in Safari, including those restricted by your school, work, or internet provider's network. We'll also show you how to unblock sites you've blocked yourself by changing parental controls and your Mac's hosts file.

Removing Parental Restrictions on an iPhone/iPad

• Use this method if you or someone else is restricting access to certain websites using the tools built into your iPhone or iPad.
• You're going to need the Content & Privacy Restrictions passcode to disable website blocking.

• If you want to continue blocking some websites, you can skip this step.

Removing Parental Restrictions on a Mac

• If the Mac is set up to use Family Sharing and the restrictions were created by a parent's account, you'll need to log into the Mac using the parent's account to make this change. [6] X Research source

• If you're using Family Sharing, click the menu in the sidebar and select the account you want to edit.

• If you want to keep blocking certain websites, you can skip this step.

Access Sites Blocked by Region or Network

• Some networks and providers may block your access to free proxy sites, so your mileage may vary.
• This method might not work if your parents, school, or company have set up parental controls on your computer, phone, or tablet.

• The best, safest, and most reliable VPN services are not free, but many have free trials and/or very affordable subscription prices. Some popular options are NordVPN , Private Internet Access , and ExpressVPN .
• If your parents, company, school, or other authority has restricted your ability to install software on your Mac, iPhone, or iPad, you won't be able to install a VPN.
• Once you sign up for a VPN service, you can download the service's Mac or iPhone/iPad software for a painless setup.

• While there is no official Tor browser for iPhones or iPads, the developers of Tor recommend using Onion Browser https://onionbrowser.com , a free Tor-based browser you can install from the App Store. [9] X Research source
• Some networks will block the Tor network, so this might not be effective for everyone.

Removing Sites from Mac Hosts File

• If you think you'll want to block the site again in the future, you can just place a hash symbol # before the line to comment it out. This tells your Mac to ignore this line until you remove that symbol.

• sudo killall -HUP mDNSResponder;sudo killall mDNSResponderHelper;sudo dscacheutil -flushcache .

Expert Q&A

You might also like.

• ↑ https://support.apple.com/en-us/HT201304
• ↑ https://support.apple.com/guide/mac-help/set-up-screen-time-for-a-child-mchlc5595037/12.0/mac/12.0
• ↑ https://support.apple.com/guide/mac-help/set-up-content-and-privacy-restrictions-mchl8490d51e/12.0/mac/12.0
• ↑ https://support.apple.com/guide/mac-help/change-content-privacy-preferences-screen-mchlbcf0dfe2/12.0/mac/12.0
• ↑ https://www.torproject.org/download/#downloads
• ↑ https://www.freecodecamp.org/news/how-to-flush-dns-on-mac-macos-clear-dns-cache/

About This Article

1. A free online proxy can help you access websites blocked by your school, work, or home network. 2. A VPN is the most reliable way to get around georestricted and network blocks. 3. Install Tor for another easy way to get to sites that are blocked. 4. If you blocked the site yourself, you can edit your Screen Time content restrictions or remove the blocked site from your Mac's hosts file. Did this summary help you? Yes No

• Send fan mail to authors

Is this article up to date?

Featured Articles

Trending Articles

Watch Articles

• Terms of Use
• Privacy Policy
• Do Not Sell or Share My Info
• Not Selling Info

Keep up with tech in just 5 minutes a week!

• Web Browser
• Google Chrome Browser
• Mozilla Firefox Browser
• Microsoft Edge Browser
• Apple Safari Browser
• Tor Browser
• Opera Browser
• DuckDuckGo Browser
• Brave Browser
• Basic and advance shortcut keys in Apple Safari Browser
• Hidden tricks inside Apple Safari Browser
• Bookmark in Apple Safari Browser
• Architecture of Apple Safari Browser
• Apple to Launch Search Engine to Rival Google

Safari for Developement

• DevTools in Apple Safari Browser
• Developer Mode in Safari Browser
• Debugger In Apple Safari Browser

Safari Tabs

• Console Tab in Safari Browser
• Sources Tab in Apple Safari Browser
• Storage Tab in Apple Safari Browser
• Elements Tab in Apple Safari Browser

Network Tab in Apple Safari Browser

• Web Capture Tabs in Apple Safari Browser

How to .. in Safari

• How to enable or disable split view in Apple Safari Browser ?
• How to disable or enable auto-play videos in Apple Safari Browser ?
• How to Allow Pop-Ups in Safari?
• How to use Safari for web development
• How to use inspect element in Chrome, Firefox and Safari ?
• How to Browse in Apple Safari Browser ?

The Safari network tab acts as a valuable developer tool designed to help web architects, designers, and people eager to uncover the complexities of loading a web web page and interacting with servers It’s a thing that is required in the Safari Developer Tools Suite, a number of applications in order to facilitate debugging and enhancing net pages for

In the Network Tab, the Internet page benefits from a function that monitors local activity and is thoroughly analyzed for a set period of time. This function provides useful insights on many things, such as retrieved content, the time needed to complete each useful input, the overall performance of the web page and this data store that is critical to tracking optimal website performance, finding capacity issues and enjoying passive customers.

Overview of Network Tab:

The Network tab in Safari serves the primary purpose of managing network requests from the web browser. While Safari does not categorize its Network Tabs into specific categories, the information it provides can be broken down into several main sections:

• Requests: In this section, you will find a detailed list of all network requests initiated by the network. Each request is presented as a row in the tab, providing important information such as the request method (e.g., GET, POST), URL of the object, status code, and size
• Period: Time lets you carefully allocate the time needed for each network request to complete. This partitioning includes various factors such as DNS resolution time, connection establishment, and duration of request and response. These moments prove invaluable in identifying complications in packaging.
• Title: Headers as shown in this section specify the request and response headers associated with each network request. This feature is especially handy when troubleshooting headers, such as those with Cross-Origin Resource Sharing (CORS).
• Example View: The Preview tab allows users to directly browse the content of specific objects, including HTML, CSS, JavaScript, or JSON, right in the Network tab. This functionality proves to be very helpful in managing the content of the response quickly.
• Founded by: The initiator column provides insight into what triggers a particular web request. This trigger can be a user action, such as clicking on a link or button, or from the execution of the script that initiated the request.

The Network tab in Safari offers a whole lot of precious functions for internet builders and architects. Let’s take a more in-depth look at a number of its key roles

• Real-time monitoring: The Network tab gives an in-flight view of community hobbies. As the net page loads, it presents the requests which have been submitted and the corresponding responses. This characteristic helps loads in identifying issues and optimizing performance in real-time.
• Filtering and Sorting: This tool lets you customise and configure network requests primarily based on criteria inclusive of request type, reputation code, domain, and greater. This function simplifies the process of figuring out precise requests that require your interest.
• Ask questions about: For each community request, you’ll have get admission to to special information, along with request reaction headers, timeouts, and reaction content material. This stage of detail is essential for trouble solving and product improvement.
• Initiator Series: The Initiator Chain function enables you recognize the foundation reason of a selected community request. It is particularly useful to know where sudden or undesirable requests have happened.
• Throttle and Performance Analysis: Safari’s Network tab allows you to simulate exclusive community situations to see how your network performs below distinctive conditions, consisting of gradual 3G or speedy 4G, an vital ability so as to flex to one-of-a-kind network connections They’ve been watching them meet
• HAR exports: You have the capability to export community facts in HAR (HTTP Archive) format, that’s the default format for writing HTTP offerings. This function proves beneficial for sharing net records with friends or other analytics using external tools.

The Safari Network tab gives many treasured benefits for web developers and architects:

• Increased productiveness: One of its fundamental benefits is its potential to reveal network requests and uptime. This characteristic lets in you to become aware of bottlenecks and first-class song resource loads, in the long run ensuing in faster web page load instances and an advanced person experience
• Debugging functions: The Network tab goes beyond page-degree facts, supplying specified insights into community requests, header chains, and trigger chains. This depth makes it an vital tool for troubleshooting community connectivity, inputs, and server connectivity.
• Troubleshooting CORS Problems: Where networks request assets from distinctive assets, CORS-associated demanding situations may get up. Network Tab involves the rescue through enabling you to discover and remedy those problems by means of scrutinizing the request reaction headers.
• Improves the consumer experience: After all, optimizing the community without delay affects the overall person revel in. By leveraging the power of the Network Tab, you may ensure that your web pages load faster and less complicated, reducing bounce prices and growing consumer engagement

When to Use?

The Network Tab in Safari acts as a multitasking tool with many applications. Here are guidelines on when and how to use them effectively:

Correct page loading:

• Use the Network Tab to test the loading of your websites.
• Identify any slow drivers, redundant files, or unnecessary requests.
• Make necessary optimizations to enhance the user experience and to ensure fast and smooth loading time.

Troubleshooting network issues:

• When your web browser encounters network-related errors such as failed requests or unexpected actions, the Network tab becomes your troubleshooting partner.
• Analyze the request header, response status, and timer to identify and resolve the underlying problem.

Testing on networks:

• Use throttling features to simulate network conditions.
• This allows you to measure the performance of your web page under different network speeds, assuring that it performs well for users with different levels of connectivity.

CORS information search:

• Where your network starts making requests for a particular zone and runs into CORS (Cross-Origin Resource Sharing) problems, go to the Network Tab.
• Here, you can monitor request and response headers, gaining insights to help understand and resolve cross-origin issues.

Third party content management:

• If your web application relies on external resources such as APIs or external scripts, carefully monitor their loading behavior using the Network tab.
• Ensure that these items load properly and do not cause performance issues that could hamper the overall performance of your website.

Steps to use Network Tab in Safari:

Here are the steps to use the Network Tab in Safari with images and pictures:

Step 1: Open Safari Developer Tools

First, go to Safari Developer Tools on your Mac to start things off. Here’s how you can do it:

• Launch Safari on your Mac.
• Go to the Safari menu, which can be found in the top left corner of your screen.
• Select “Preferences”/”Settings…” from the drop down menu.
• Go to the “Advanced” tab in the Preferences window.
• Look for the “Show Develop menu in the menu bar” option and make sure it is enabled. This is necessary to get developer tools.

Step 2: Open the website you want to manage

Now, it’s time to determine which network you want to monitor using the Network Tab. Make sure the web page loads completely before proceeding to the next step.

Step 3: Go to the Network Tab

Let’s go to the Network Tab. Follow these steps:

• Click on the “Develop” menu in the Safari menu bar at the top of your screen.
• A dropdown menu will appear. Select “Connect Web Inspector”/”Show Web Inspector” from this menu.

Step 4: Go to the Network Tab

Once you’re done with the Web Inspector, you’re almost there. Here’s what happens next:

• In the Web Inspector screen that appears, note the navigation tabs at the top.
• Click on the one labeled “Network” to go to the Network Tab.

Step 5: Monitor Network Activity

Now that you are in the Network Tab, you will see network requests and other useful information. This is where you can start viewing web activity while the web browser is running.

Step 6: Analyze Requests and Resources

This is where the real magic happens. You can explore network requests in more detail:

• Click on individual web requests to see the subject, time, and content previews of the requests and responses.
• Use filtering and sorting options to focus on specific requests or business issues.

Example Showing Usage

Let’s use a actual-international scenario to illustrate a way to efficiently use Safari’s Network tab. Imagine you are an internet developer tasked with enhancing the capability of a internet site. Large photo documents are thought to be responsible for slower web page loads. Here is how you could use the Network Tab to diagnose and remedy this trouble:

Step 1: Get Safari Developer Tools

As noted earlier, visit Safari Developer Tools and launch the Network Tab.

Step 2: Load the Website

Go to the specific website you need to search. For this demonstration, we can use the GFG internet site.

Step 3: Monitor Network Requests

Notice how the Network Tab populates network requests as the website masses. These requests will consist of diverse elements consisting of HTML, CSS, JavaScript, and pics.

Step 4: Determine photograph file sizes

Use the Network Tab to manage requests by way of length, that specialize in those large picture files that make contributions to sluggish page load times

Step 5: Optimize Image Loading

Once you have got identified these big image documents, paintings on growing their weight. You can do that by means of clicking on pictures, using responsive graphics strategies, or applying lazy-weighting to the photographs at the lowest of the preview location of ​​the internet page

Step 6: Confirm the performance development

Reload the web browser and take a look at the Network Tab once more. You ought to observe a lower in photograph loading time and an overall development in internet browser loading velocity.

In this situation, Safari’s Network tab played a key role in solving the overall performance challenges related to picture loading. This empowered you to enforce features that considerably advanced the overall performance of the website.

In precis, Safari’s Network tab stands as a versatile and powerful device, presenting precious insights into web web page loading and community connectivity. Whether your goal is to enhance internet site overall performance, edit network problems, or look for CORS data, the community tab is an important partner for web developers and architects Through its potential to implement the steps mentioned on this manual in addition you may assure a web web page that performs well and offers an extraordinary consumer experience.

Please Login to comment...

Similar reads.

• Apple Safari
• Geeks Premier League 2023
• Geeks Premier League
• Web Browsers

Improve your Coding Skills with Practice

What kind of Experience do you want to share?

Effective Ways to Block Websites on Safari

Learn different ways you can effectively block websites on the Safari browser.

If you're trying to control what websites are accessed on your Apple devices, then you may have wondered how you can block specific websites on Safari. Fortunately, there are a few different ways that you can do this on both MacOS and iOS.

There are a few ways to block websites in Safari. Consider combining these methods together if you are trying to prevent websites from easily being unblocked.

• Point your Apple device to a DNS Content Policy, which will allow you to block websites comprehensively in Safari.
• On MacOS, the hosts file is a reliable way to block websites on Safari.
• Adding to these methods, Apple's Screen Time web content filter can be used to specify website blocklists, which will block websites in Safari on a Mac or iOS device.

Configure a DNS Content Policy to Block Websites on Safari

The best way to block websites on Safari or other browsers is to set a DNS Content Policy . A Content Policy allows you to control what kinds of content your Apple devices can access in Safari, who can access it, and when it can be accessed.

You can specify domains that you want to block with a DNS Content Policy.

Furthermore, you can specific apps to block . For example. instead of blocking the facebook.com domain to block Facebook in Safari, you would update your DNS Content Policy to block the facebook app.

An ideal approach to blocking websites in Safari with a content policy is to block entire categories, which saves you from having to manually add tons of websites to a blocklist.

Sometimes, you don't want to block a website all the time. You can instead, block the website according to a schedule that you've set.

You can also invite people to  share your Content Policy , then apply different schedules for each person separately.

Want to prevent changes to your Content Policy? Lock your profile to prevent easily changing your own settings.

You can still make your content policy more restrictive, but will have to unlock your profile if you want to make it less restrictive. 

Block Websites on Safari Using Apple's Web Content Filter

You can access a useful web content filter through Apple parental controls . Screen Time can do more than just keep track of how much you use apps on your iPhone or Mac. It includes some basic website blocking features, that while easy to reset, can be used in certain situations.

Screen Time External link icon can be used on both Mac and iPad/iPhone devices. The first step is to find these settings.

On Mac, you should be able to use Spotlight to search for and open "Screen Time". You should be able to access a Content & Privacy section like this:

Credit: Apple Support

On iPhones, you need to open your device's Settings, then scroll down to Screen Time. The menu should look like this:

The instructions between iPhone and Mac are going to be slightly different.

Configuring the Web Content Filter to Block Websites in Safari on MacOS

First, open the Screen Time menu. You can do this by using Spotlight to search for and open "Screen Time".

From the main overview screen, click on the Content & Privacy Restrictions option from the side menu.

From here, you want to find Web Content entry (this should be under the Content tab). You can choose to set this to Limit Adult Websites .

To block specific websites that you manually specify, you'll need to click the Customize button at the bottom of the Web Content entry.

From here, you should see two options:

• Always Allow : Allow a website always.
• Never Allow : Blocks a website you choose.

Any websites that you want to block should be added to the Never Allow list.

Configuring the Web Content Filter to Block Websites in Safari on iPhone/iPad

If your main goal is to block websites on iPhone , using Screen Time is going to be one of your best friends. 

On iOS, scroll down from Screen Time's main menu. Tap Content & Privacy Restrictions :

Make sure that you enable the checkbox near the top of the screen first.

From the Content & Privacy Restrictions menu, tap Content Restrictions .

From this new menu, you will see several options. The one we're interested in is Web Content :

From here, you will three options:

• Unrestricted Access : The default option. This doesn't impose any kind of restrictions.
• Limit Adult Websites : Limits most adult websites. With this option enabled, you gain the ability to enforce a simple whitelist and blacklist.
• Allowed Websites Only : A severely restrictive option that blocks all website but the ones you've specifically allowed. This can cause issues on some websites, so we don't recommend this unless you know what you're doing.

If you want to block a specific website, you will need to choose either Limit Adult Websites or Allowed Websites Only . We strongly recommend choosing Limit Adult Websites , since Allowed Websites Only  requires a much more advanced setup.

You may have noticed that the screenshot above has Limit Adult Websites already selected. This won't be the default option, but once you've selected it, you will see two other options appear near the bottom of the menu:

• Always Allow : This allows a website to be visited, regardless of other restrictions you've set up.
• Never Allow : This lets you block websites you choose. 

If you want to block a website, add it to the Never Allow list . 

How do I delete entries I've added?

Screen Time is a good place to start, however, if you're interested in creating the simplest setup possible, we have a guide that explains all of the different ways to create your own dumb iPhone .

Block Websites in Safari Using the Hosts File

An even better option to block website than Screen Time is by editing the Hosts file . Unfortunately, this option is only available on MacOS and can't be used on iOS.

The Hosts File is a special file on your computer that blocks websites at the network level. You will have to find its location on your system, then add entries to it manually. However, the added benefit over Screen Time is two-fold:

• The Hosts file is harder to find and edit than Screen Time. This means that it's less likely (and more difficult) for websites to be unblocked later on. You might consider this approach if bypass prevention is your focus.
• The Hosts file blocking technique works will block websites in other browsers as well, not just Safari.

However, before you begin changing your Hosts file, it's important to keep in mind a few limitations:

• The Hosts file can be modified by any account with admin access. Determined users can still re-enable websites you've blocked .
• Unless you know what you're doing, modifying the Hosts file can cause issues that are difficult to troubleshoot. You should carefully follow our instructions.
• Adding to many entries to your Hosts file can slow down your Mac computer , so limit the number of websites block to less than 1000.

Adding entries to your Hosts file is a bit more complicated than we can get into with this article, so check out our free guide on how to block websites with the Hosts file  to learn more!

Block Websites

How to use the hosts file to Block Adult Websites

Quickly block thousands of websites for free using the computers hosts file. This is one of the easiest and free ways to block porn on PC.

Limit the Safari Browser on Mac

If you configure a managed MacOS device, you can significantly limit the functionality of the Safari browser - turning it into a "dumb browser."

Using managed mode on MacOS, you have a large list of configuration options available to you. In Safari, you can choose to:

• Disable Private Browsing.
• Hide images on webpages.
• Disable JavaScript.
• Block cookies

Frequently Asked Questions

What's the best way to block websites in safari.

You might try using Screen Time to block websites. You can go a step further and block the website on your Hosts file. However, there are a few problems with relying on these methods alone:

• Screen Time can be powerful, but it's also too easy to disable.
• The Hosts file can be tricky to navigate and make changes to in the future.
• In either case, if you want to block thousands of websites (or entire categories of websites), it's not feasible with either method.

Using a DNS Content Policy to block websites solves for these issues since you can block entire categories or specific apps in addition to specifying website domains. A DNS Content Policy lets you block in a more comprehensive way and is harder to bypass compared to the other methods.

How do I block entire website categories?

If you want to block entire categories of websites instead of managing your own lists, Apple Screen Time allows you to limit Adult Websites, which automatically selects a large list of websites to block.

Additionally, a DNS Content Policy allows you to choose from hundreds of different website categories so you can pick almost any category or app that you can think of.

Tech Lockdown DNS Content Policy rule categories

Tech Lockdown DNS Content Policy rule Lifestyle categories

How do I Disable Safari Entirely?

Some people opt to get rid of the Safari browser entirely since it has limited options for enforcing settings or using browser extensions that work on Chrome.

Another option you can consider is to hide or disable the safari browser  on your device. You can then use another browser to enforce other restrictions, or just not use Safari on that device.

Disable Safari

How to Block the Safari Browser on Apple Devices

Blocking Safari is not straightforward. However, there are a few effective ways to disable or limit Safari on Apples devices like Mac and iPhone.

If Safari isn't loading websites or quits on your iPhone, iPad, or iPod touch

If you can't load a website or webpage, or Safari quits unexpectedly, follow these steps.

Connect to a different network

Try to load a website, like www.apple.com , using cellular data. If you don't have cellular data, connect to a different Wi-Fi network , then load the website.

If you're using a VPN (Virtual Private Network), check your VPN settings . If you have a VPN turned on, some apps or websites might block content from loading.

Restart your device

Turn off your device and turn it on again.

Restart your iPhone

Restart your iPad

Restart your iPod touch

Clear website data

You can clear website data occasionally to improve Safari performance.

Go to Settings > Safari.

Tap Clear History and Website Data.

Tap Clear History to confirm.

Turn on JavaScript

Turn on JavaScript if it's not already on.

Go to Settings > Safari > Advanced.

Turn on JavaScript.

Get more help

If the issue continues and only affects a certain website or webpage, check if you have Private Relay turned on. You can temporarily turn off Private Relay in iCloud Settings . If Safari still doesn't load websites and you tried all of these steps, contact the website developer for more help.

Explore Apple Support Community

Find what’s been asked and answered by Apple customers.

Contact Apple Support

Need more help? Save time by starting your support request online and we'll connect you to an expert.

This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

Network request blocking tool

• 3 contributors

Use the Network request blocking tool to check how a webpage looks and behaves when some resources are unavailable, such as image files, JavaScript files, fonts, or CSS stylesheets. Use this tool to test blocking network requests to a specified URL pattern and see how a webpage behaves.

When a webpage depends on external resources that are hosted on other servers than the HTML webpage, sometimes those servers might be unresponsive or unavailable to some users. When this happens, some resources that your webpage depends on might not be retrieved by the web browser. It's important to check how your webpage behaves when external resources fail to load. Test whether the webpage handles missing resources gracefully, or appears broken to your users.

After you create blocked network requests and test the webpage, you can then edit or delete the blocked network requests.

Block a network request

To block a network request:

Go to the webpage for which you want to block network requests. For example, open the accessibility-testing demo page in a new tab or window. This webpage contains images that you'll block using the Network request blocking tool.

To open DevTools, right-click the webpage, and then select Inspect . Or, press Ctrl+Shift+I (Windows, Linux) or Command+Option+I (macOS).

In the Text pattern to block matching requests text box, type *.jpg . This blocks all requests for JPEG images.

You can do any of the following:

• Type the full URL.
• Type only the domain name, to block all requests from this domain.
• Replace parts of the URL with * , for wildcard pattern matching.

For example, contoso.com matches URLs like:

• https://contoso.com
• https://subdomain.contoso.com
• https://subdomain.contoso.com/path/to/resource

And *.jpg matches URLs like:

• https://www.contoso.com/resource.jpg
• http://third-party.com/6469272/163348534-b90ea1a3-c33cbeb1aed8.jpg

Click the Add button:

Refresh the page. All JPEG images are blocked, so in the rendered webpage, each image is indicated as missing, by a "broken image" icon. The number of blocked network requests is indicated in the Network request blocking tool:

• Block requests in Inspect network activity .

Delete a blocked network request

To delete a specific network blocking request pattern:

To delete all network blocking requests at once:

Modify a blocked network request

To change an existing blocked network request:

Toggle network request blocking

To toggle network request blocking without having to delete and re-create all of the blocked network requests:

In the toolbar, select or clear the Enable network request blocking checkbox:

Block a network request by using the Network tool

You can block network requests that are made by your webpage either by using the Network request blocking tool or by using the Network tool.

To block network requests by using the Network tool:

Go to the webpage for which you want to block network requests. For example, open the accessibility-testing demo page in a new tab or window.

To open DevTools, right-click the webpage, and then select Inspect . Or, press Ctrl+Shift+I (Windows, Linux) or Command+Option+I (macOS). DevTools opens.

In the table of network requests in the bottom pane, find the network request that you want to block.

Right-click the network request, and then click Block request URL to block this specific resource, or Block request domain to block all resources from the same domain:

Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback .

Submit and view feedback for

Additional resources

the network request in Safari web extension does't contain cookie header

Chrome extensions use the chrome-extension:// URL scheme, which appears as cross-site to anything https:// or http://. The fix, which is to treat extension-initiated requests as same-site*, is available in Chrome 79 and later. Some use cases involving requests made from web frames on extension pages may also behave differently in Chrome 80. If you test on newer (80+) versions of Chrome and find that your extension is still broken, please file a bug on crbug.com using this template.

• Help Center
• Google Search
• Privacy Policy
• Terms of Service
• Submit feedback
• Announcements

Resolve Google Search’s "Unusual traffic from your computer network" message

If a network you use, including VPN networks, seems to be sending automated traffic to Google Search, you might get the message “Our systems have detected unusual traffic from your computer network.”

What to do when you get this message

The message most likely shows a reCAPTCHA. To confirm that you’re a person and not a robot, solve the reCAPTCHA. After you solve it, the message goes away, and you can use Google again.

If you don't get a reCAPTCHA, check if:

• Your browser is supported by reCAPTCHA
• JavaScript is enabled

Learn how to solve a reCAPTCHA .

What to do if you continue to get the message

Here's what you can do if you continue to get the "Unusual traffic from your computer network" message:

• You or another user on your network might have malware, which is malicious software that can be installed on your computer without your knowledge. Some malware can cause Google to show this message.
• You could get this message if others that use the same network you use, like at a school or business, are sending automated searches to Google.
• You could get this message if others that use the same Virtual Private Network (VPN) you use are sending automated searches to Google.
• This can also happen with IPv6 tunnel services.
• Some VPNs and tunnel services cause all traffic to be blocked because they make it impossible for Google to tell the difference between abusive and non-abusive traffic.
• You could get this message if others that use the same internet provider you use are sending automated searches to Google.

What to do if you’re a network administrator or provider

If you administer a network or are an internet service or VPN provider, locate the sources of automated traffic to Google and block them. Once the automated searches have stopped, your users should be able to search normally on Google.

Network administrators or others should thoroughly review before they buy IP space from an IP broker. If possible, ask to test the network first to make sure it can access major websites and doesn’t have any existing blocks on it.

What Google considers automated traffic

• Computer programs
• Automated services
• Search scrapers
• Use of software that sends searches to Google to find how a website or web page ranks on Google

Was this helpful?

Need more help, try these next steps:.

Web Inspector Reference Local Overrides

Creating local overrides, configuring local overrides, exporting local overrides.

As web development workflows have gotten more complicated, it’s become increasingly difficult to make quick changes to a resource and upload it to a server to test.

Some parts of a page’s content can be modified live using Web Inspector, such as CSS or any JavaScript values, but these changes are not persistent across page reloads/navigations.

Often, however, the desired change is a modification to the control flow of a loaded script or data included with network activity.

In these cases, Web Inspector is in a perfect position to intercept the network activity and replace/block it with a Local Override , allowing for quick local testing without having to modify anything on a server.

When Web Inspector is open, network requests made by the inspected page that match the URL of a Local Override will instead use data from that Local Override in Web Inspector rather than from the network or memory/disk cache.

Local Overrides can be created in a few ways:

• Right-clicking on links or tree items that correspond to a resource loaded from the network and selecting Create Request Local override , Create Response Local Override , or Block Request URL .
• Dragging and dropping a file over any non-text-based resource loaded from the network. This will create a Response Local Override with the MIME type and contents of the dropped file, but with the response status, and response headers of the selected resource.
• Selecting Local Override… when creating a resource . This will create an “empty” Local Override that needs to be configured before it will have any effect.

When a Local Override is created from a resource, the Local Override will copy relevant data from resource depending on the type of the Local Override . For Request Local Overrides , the resource’s URL, method, and request headers are copied. For Response Local Overrides , the resource’s URL, MIME type, status code, status text, and response headers are copied.

Once there is at least one Local Override in Web Inspector, the Local Overrides section will become visible in the Navigation Sidebar in the Sources Tab . All Local Overrides , as well as the Inspector Bootstrap Script , can be found here.

Local Overrides are persistent across Web Inspector sessions, but keep in mind that Local Overrides don’t have an effect unless Web Inspector is open, and only apply the next time a resource is loaded that matches it’s configured URL.

Modifying the content of a Local Override is as simple as selecting it in the Navigation Sidebar and interacting with the controls in the Main Content Area . Response Local Overrides show the contents of the network response. Request Local Overrides show the request data. Blocking Local Overrides show a dropdown to choose the kind of error to block matching network requests.

For non-text-based resources, dragging and dropping a file over the content view will update the content and MIME type of the Response Local Override using the dropped file’s contents and inferred MIME type.

If the desired changes are not related to the content, however, right-clicking on any Local Override tree item and selecting Edit Local Override… will show a popover with inputs for modifying data for that Local Override .

Checking the Regular Expression checkbox will instead treat the URL as a regular expression, allowing a single Local Override to match multiple resources. This can be especially useful for matching against URLs with query parameters.

If no Headers are provided, the original headers will be used.

Request Local Overrides with a regular expression URL can use capture groups (e.g. $1 ) inside the Redirect URL.

Response Local Overrides can be configured to Skip Network , which will cause Web Inspector to immediately respond with that Response Local Override ‘s data when intercepting a matching network request, thereby preventing that network request from actually being sent.

Exporting the contents of a Local Override works just like any other resource, in that pressing ⌘   S when viewing the contents of a Local Override or selecting Save File after right-clicking on any Local Override tree item will show a save file dialog.

Identifying Overridden Resources

Whenever a resource is overriden by a Local Override , it’s icon is inverted throughout Web Inspector.

When looking at the content view for that resource, a banner is shown at the top with a button to Reveal the corresponding Local Override .

Written January 14, 2020 by Devin Rousso and Joseph Pecoraro

Last updated June 2, 2022 by Devin Rousso

• Español – América Latina
• Português – Brasil
• Tiếng Việt
• Chrome Extensions

chrome.webRequest

Description.

Use the chrome.webRequest API to observe and analyze traffic and to intercept, block, or modify requests in-flight.

Permissions

You must declare the "webRequest" permission in the extension manifest to use the web request API, along with the necessary host permissions . To intercept a sub-resource request, the extension must have access to both the requested URL and its initiator. For example:

webRequestBlocking

Required to register blocking event handlers. As of Manifest V3, this is only available to policy installed extensions.

webRequestAuthProvider

Required to use the onAuthRequired method. See Handling authentication .

Concepts and usage

Life cycle of requests.

The web request API defines a set of events that follow the life cycle of a web request. You can use these events to observe and analyze traffic. Certain synchronous events will allow you to intercept, block, or modify a request.

The event life cycle for successful requests is illustrated here, followed by event definitions:

The web request API guarantees that for each request, either onCompleted or onErrorOccurred is fired as the final event with one exception: If a request is redirected to a data:// URL, onBeforeRedirect is the last reported event.

* Note that the web request API presents an abstraction of the network stack to the extension. Internally, one URL request can be split into several HTTP requests (for example, to fetch individual byte ranges from a large file) or can be handled by the network stack without communicating with the network. For this reason, the API does not provide the final HTTP headers that are sent to the network. For example, all headers that are related to caching are invisible to the extension.

The following headers are currently not provided to the onBeforeSendHeaders event. This list is not guaranteed to be complete or stable.

• Authorization
• Cache-Control
• Content-Length
• If-Modified-Since
• If-None-Match
• Partial-Data
• Proxy-Authorization
• Proxy-Connection
• Transfer-Encoding

Starting from Chrome 79, request header modifications affect Cross-Origin Resource Sharing (CORS) checks. If modified headers for cross-origin requests do not meet the criteria, it will result in sending a CORS preflight to ask the server if such headers can be accepted. If you really need to modify headers in a way to violate the CORS protocol, you need to specify 'extraHeaders' in opt_extraInfoSpec . On the other hand, response header modifications do not work to deceive CORS checks. If you need to deceive the CORS protocol, you also need to specify 'extraHeaders' for the response modifications.

Starting from Chrome 79, the webRequest API does not intercept CORS preflight requests and responses by default. A CORS preflight for a request URL is visible to an extension if there is a listener with 'extraHeaders' specified in opt_extraInfoSpec for the request URL. onBeforeRequest can also take 'extraHeaders' from Chrome 79.

Starting from Chrome 79, the following request header is not provided and cannot be modified or removed without specifying 'extraHeaders' in opt_extraInfoSpec :

Starting from Chrome 72, if you need to modify responses before Cross Origin Read Blocking (CORB) can block the response, you need to specify 'extraHeaders' in opt_extraInfoSpec .

Starting from Chrome 72, the following request headers are not provided and cannot be modified or removed without specifying 'extraHeaders' in opt_extraInfoSpec :

• Accept-Language
• Accept-Encoding

Starting from Chrome 72, the Set-Cookie response header is not provided and cannot be modified or removed without specifying 'extraHeaders' in opt_extraInfoSpec .

Starting from Chrome 89, the X-Frame-Options response header cannot be effectively modified or removed without specifying 'extraHeaders' in opt_extraInfoSpec .

The webRequest API only exposes requests that the extension has permission to see, given its host permissions . Moreover, only the following schemes are accessible: http:// , https:// , ftp:// , file:// , ws:// (since Chrome 58), wss:// (since Chrome 58), urn: (since Chrome 91), or chrome-extension:// . In addition, even certain requests with URLs using one of the above schemes are hidden. These include chrome-extension://other_extension_id where other_extension_id is not the ID of the extension to handle the request, https://www.google.com/chrome , and other sensitive requests core to browser functionality. Also synchronous XMLHttpRequests from your extension are hidden from blocking event handlers in order to prevent deadlocks. Note that for some of the supported schemes the set of available events might be limited due to the nature of the corresponding protocol. For example, for the file: scheme, only onBeforeRequest , onResponseStarted , onCompleted , and onErrorOccurred may be dispatched.

Starting from Chrome 58, the webRequest API supports intercepting the WebSocket handshake request. Since the handshake is done by means of an HTTP upgrade request, its flow fits into HTTP-oriented webRequest model. Note that the API does not intercept :

• Individual messages sent over an established WebSocket connection.
• WebSocket closing connection.

Redirects are not supported for WebSocket requests.

Starting from Chrome 72, an extension will be able to intercept a request only if it has host permissions to both the requested URL and the request initiator.

Starting from Chrome 96, the webRequest API supports intercepting the WebTransport over HTTP/3 handshake request. Since the handshake is done by means of an HTTP CONNECT request, its flow fits into HTTP-oriented webRequest model. Note that:

• Once the session is established, extensions cannot observe or intervene in the session via the webRequest API.
• Modifying HTTP request headers in onBeforeSendHeaders is ignored.
• Redirects and authentications are not supported in WebTransport over HTTP/3.

Request IDs

Each request is identified by a request ID. This ID is unique within a browser session and the context of an extension. It remains constant during the life cycle of a request and can be used to match events for the same request. Note that several HTTP requests are mapped to one web request in case of HTTP redirection or HTTP authentication.

Registering event listeners

To register an event listener for a web request, you use a variation on the usual addListener() function . In addition to specifying a callback function, you have to specify a filter argument, and you may specify an optional extra info argument.

The three arguments to the web request API's addListener() have the following definitions:

Here's an example of listening for the onBeforeRequest event:

Each addListener() call takes a mandatory callback function as the first parameter. This callback function is passed a dictionary containing information about the current URL request. The information in this dictionary depends on the specific event type as well as the content of opt_extraInfoSpec .

If the optional opt_extraInfoSpec array contains the string 'blocking' (only allowed for specific events), the callback function is handled synchronously. That means that the request is blocked until the callback function returns. In this case, the callback can return a webRequest.BlockingResponse that determines the further life cycle of the request. Depending on the context, this response allows canceling or redirecting a request ( onBeforeRequest ), canceling a request or modifying headers ( onBeforeSendHeaders , onHeadersReceived ), and canceling a request or providing authentication credentials ( onAuthRequired ).

If the optional opt_extraInfoSpec array contains the string 'asyncBlocking' instead (only allowed for onAuthRequired ), the extension can generate the webRequest.BlockingResponse asynchronously.

The webRequest.RequestFilter filter allows limiting the requests for which events are triggered in various dimensions:

Depending on the event type, you can specify strings in opt_extraInfoSpec to ask for additional information about the request. This is used to provide detailed information on request's data only if explicitly requested.

Handling authentication

To handle requests for HTTP authentication, add the "webRequestAuthProvider" permission to your manifest file:

Note that this permission is not required for a policy installed extension with the "webRequestBlocking" permission.

To provide credentials synchronously:

To provide credentials asynchronously:

Implementation details

Several implementation details can be important to understand when developing an extension that uses the web request API:

web_accessible_resources

When an extension uses webRequest APIs to redirect a public resource request to a resource that is not web accessible, it is blocked and will result in an error. The above holds true even if the resource that is not web accessible is owned by the redirecting extension. To declare resources for use with declarativeWebRequest APIs, the "web_accessible_resources" array must be declared and populated in the manifest as documented here .

Conflict resolution

In the current implementation of the web request API, a request is considered canceled if at least one extension instructs to cancel the request. If an extension cancels a request, all extensions are notified by an onErrorOccurred event. Only one extension can redirect a request or modify a header at a time. If more than one extension attempts to modify the request, the most recently installed extension wins, and all others are ignored. An extension is not notified if its instruction to modify or redirect has been ignored.

Chrome employs two caches—an on-disk cache and a very fast in-memory cache. The lifetime of an in-memory cache is attached to the lifetime of a render process, which roughly corresponds to a tab. Requests that are answered from the in-memory cache are invisible to the web request API. If a request handler changes its behavior (for example, the behavior according to which requests are blocked), a simple page refresh might not respect this changed behavior. To ensure the behavior change goes through, call handlerBehaviorChanged() to flush the in-memory cache. But don't do it often; flushing the cache is a very expensive operation. You don't need to call handlerBehaviorChanged() after registering or unregistering an event listener.

The timestamp property of web request events is only guaranteed to be internally consistent. Comparing one event to another event will give you the correct offset between them, but comparing them to the current time inside the extension (via (new Date()).getTime() , for instance) might give unexpected results.

Error handling

If you try to register an event with invalid arguments, then a JavaScript error will be thrown, and the event handler will not be registered. If an error is thrown while an event is handled or if an event handler returns an invalid blocking response, an error message is logged to your extension's console, and the handler is ignored for that request.

The following example illustrates how to block all requests to www.evil.com :

As this function uses a blocking event handler, it requires the "webRequest" as well as the "webRequestBlocking" permission in the manifest file.

The following example achieves the same goal in a more efficient way because requests that are not targeted to www.evil.com do not need to be passed to the extension:

The following example illustrates how to delete the User-Agent header from all requests:

To try the chrome.webRequest API, install the webRequest sample from the chrome-extension-samples repository.

BlockingResponse

Returns value for event handlers that have the 'blocking' extraInfoSpec applied. Allows the event handler to modify network requests.

object  optional

Only used as a response to the onAuthRequired event. If set, the request is made using the supplied credentials.

boolean  optional

If true, the request is cancelled. This prevents the request from being sent. This can be used as a response to the onBeforeRequest, onBeforeSendHeaders, onHeadersReceived and onAuthRequired events.

string  optional

Only used as a response to the onBeforeRequest and onHeadersReceived events. If set, the original request is prevented from being sent/completed and is instead redirected to the given URL. Redirections to non-HTTP schemes such as data: are allowed. Redirects initiated by a redirect action use the original request method for the redirect, with one exception: If the redirect is initiated at the onHeadersReceived stage, then the redirect will be issued using the GET method. Redirects from URLs with ws:// and wss:// schemes are ignored .

HttpHeaders   optional

Only used as a response to the onBeforeSendHeaders event. If set, the request is made with these request headers instead.

Only used as a response to the onHeadersReceived event. If set, the server is assumed to have responded with these response headers instead. Only return responseHeaders if you really want to modify the headers in order to limit the number of conflicts (only one extension may modify responseHeaders for each request).

FormDataItem

Contains data passed within form data. For urlencoded form it is stored as string if data is utf-8 string and as ArrayBuffer otherwise. For form-data it is ArrayBuffer. If form-data represents uploading file, it is string with filename, if the filename is provided.

ArrayBuffer

HttpHeaders

An array of HTTP headers. Each header is represented as a dictionary containing the keys name and either value or binaryValue .

number[]  optional

Value of the HTTP header if it cannot be represented by UTF-8, stored as individual byte values (0..255).

Name of the HTTP header.

Value of the HTTP header if it can be represented by UTF-8.

IgnoredActionType

"redirect"

"request_headers"

"response_headers"

"auth_credentials"

OnAuthRequiredOptions

"responseHeaders" Specifies that the response headers should be included in the event.

"blocking" Specifies the request is blocked until the callback function returns.

"asyncBlocking" Specifies that the callback function is handled asynchronously.

"extraHeaders" Specifies that headers can violate Cross-Origin Resource Sharing (CORS).

OnBeforeRedirectOptions

Onbeforerequestoptions.

"requestBody" Specifies that the request body should be included in the event.

OnBeforeSendHeadersOptions

"requestHeaders" Specifies that the request header should be included in the event.

OnCompletedOptions

Onerroroccurredoptions.

"extraHeaders"

OnHeadersReceivedOptions

Onresponsestartedoptions, onsendheadersoptions.

RequestFilter

An object describing filters to apply to webRequest events.

number  optional

ResourceType []  optional

A list of request types. Requests that cannot match any of the types will be filtered out.

A list of URLs or URL patterns. Requests that cannot match any of the URLs will be filtered out.

ResourceType

"main_frame" Specifies the resource as the main frame.

"sub_frame" Specifies the resource as a sub frame.

"stylesheet" Specifies the resource as a stylesheet.

"script" Specifies the resource as a script.

"image" Specifies the resource as an image.

"font" Specifies the resource as a font.

"object" Specifies the resource as an object.

"xmlhttprequest" Specifies the resource as an XMLHttpRequest.

"ping" Specifies the resource as a ping.

"csp_report" Specifies the resource as a Content Security Policy (CSP) report.

"media" Specifies the resource as a media object.

"websocket" Specifies the resource as a WebSocket.

"webbundle" Specifies the resource as a WebBundle.

"other" Specifies the resource as a type not included in the listed types.

Contains data uploaded in a URL request.

any  optional

An ArrayBuffer with a copy of the data.

A string with the file's path and name.

MAX_HANDLER_BEHAVIOR_CHANGED_CALLS_PER_10_MINUTES

The maximum number of times that handlerBehaviorChanged can be called per 10 minute sustained interval. handlerBehaviorChanged is an expensive function call that shouldn't be called often.

handlerBehaviorChanged()

Needs to be called when the behavior of the webRequest handlers has changed to prevent incorrect handling due to caching. This function call is expensive. Don't call it often.

function  optional

The callback parameter looks like: () => void

Promise<void>

Promises are supported in Manifest V3 and later, but callbacks are provided for backward compatibility. You cannot use both on the same function call. The promise resolves with the same type that is passed to the callback.

onActionIgnored

Fired when an extension's proposed modification to a network request is ignored. This happens in case of conflicts with other extensions.

The callback parameter looks like: (details: object) => void

The proposed action which was ignored.

The ID of the request. Request IDs are unique within a browser session. As a result, they could be used to relate different events of the same request.

onAuthRequired

Fired when an authentication failure is received. The listener has three options: it can provide authentication credentials, it can cancel the request and display the error page, or it can take no action on the challenge. If bad user credentials are provided, this may be called multiple times for the same request. Note, only one of 'blocking' or 'asyncBlocking' modes must be specified in the extraInfoSpec parameter.

The callback parameter looks like: (details: object, asyncCallback?: function) =>  BlockingResponse  | undefined

The server requesting authentication.

The UUID of the document making the request.

extensionTypes.DocumentLifecycle

The lifecycle the document is in.

The value 0 indicates that the request happens in the main frame; a positive value indicates the ID of a subframe in which the request happens. If the document of a (sub-)frame is loaded ( type is main_frame or sub_frame ), frameId indicates the ID of this frame, not the ID of the outer frame. Frame IDs are unique within a tab.

extensionTypes.FrameType

The type of frame the request occurred in.

The origin where the request was initiated. This does not change through redirects. If this is an opaque origin, the string 'null' will be used.

True for Proxy-Authenticate, false for WWW-Authenticate.

Standard HTTP method.

The UUID of the parent document owning this frame. This is not set if there is no parent.

ID of frame that wraps the frame which sent the request. Set to -1 if no parent frame exists.

The authentication realm provided by the server, if there is one.

The HTTP response headers that were received along with this response.

The authentication scheme, e.g. Basic or Digest.

Standard HTTP status code returned by the server.

HTTP status line of the response or the 'HTTP/0.9 200 OK' string for HTTP/0.9 responses (i.e., responses that lack a status line) or an empty string if there are no headers.

The ID of the tab in which the request takes place. Set to -1 if the request isn't related to a tab.

The time when this signal is triggered, in milliseconds since the epoch.

How the requested resource will be used.

The asyncCallback parameter looks like: (response:  BlockingResponse ) => void

BlockingResponse  | undefined

If "blocking" is specified in the "extraInfoSpec" parameter, the event listener should return an object of this type.

OnAuthRequiredOptions []  optional

onBeforeRedirect

Fired when a server-initiated redirect is about to occur.

Indicates if this response was fetched from disk cache.

The server IP address that the request was actually sent to. Note that it may be a literal IPv6 address.

The new URL.

The HTTP response headers that were received along with this redirect.

OnBeforeRedirectOptions []  optional

onBeforeRequest

Fired when a request is about to occur.

The callback parameter looks like: (details: object) =>  BlockingResponse  | undefined

extensionTypes.DocumentLifecycle   optional

extensionTypes.FrameType   optional

Contains the HTTP request body data. Only provided if extraInfoSpec contains 'requestBody'.

Errors when obtaining request body data.

If the request method is POST and the body is a sequence of key-value pairs encoded in UTF8, encoded as either multipart/form-data, or application/x-www-form-urlencoded, this dictionary is present and for each key contains the list of all values for that key. If the data is of another media type, or if it is malformed, the dictionary is not present. An example value of this dictionary is {'key': ['value1', 'value2']}.

UploadData []  optional

If the request method is PUT or POST, and the body is not already parsed in formData, then the unparsed request body elements are contained in this array.

OnBeforeRequestOptions []  optional

onBeforeSendHeaders

Fired before sending an HTTP request, once the request headers are available. This may occur after a TCP connection is made to the server, but before any HTTP data is sent.

The HTTP request headers that are going to be sent out with this request.

OnBeforeSendHeadersOptions []  optional

onCompleted

Fired when a request is completed.

OnCompletedOptions []  optional

onErrorOccurred

Fired when an error occurs.

The UUID of the document making the request. This value is not present if the request is a navigation of a frame.

The error description. This string is not guaranteed to remain backwards compatible between releases. You must not parse and act based upon its content.

OnErrorOccurredOptions []  optional

onHeadersReceived

Fired when HTTP response headers of a request have been received.

The HTTP response headers that have been received with this response.

HTTP status line of the response or the 'HTTP/0.9 200 OK' string for HTTP/0.9 responses (i.e., responses that lack a status line).

OnHeadersReceivedOptions []  optional

onResponseStarted

Fired when the first byte of the response body is received. For HTTP requests, this means that the status line and response headers are available.

OnResponseStartedOptions []  optional

onSendHeaders

Fired just before a request is going to be sent to the server (modifications of previous onBeforeSendHeaders callbacks are visible by the time onSendHeaders is fired).

The HTTP request headers that have been sent out with this request.

OnSendHeadersOptions []  optional

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2024-05-24 UTC.

Advertisement

Supported by

Why the U.S. Is Forcing TikTok to Be Sold or Banned

Lawmakers in numerous countries have expressed concerns that TikTok, which is owned by the Chinese company ByteDance, may expose sensitive user data.

• Share full article

By Sapna Maheshwari and Amanda Holpuch

Concerns that the Chinese government could access sensitive user data through the short-form video app TikTok, which is owned by the Chinese company ByteDance, have prompted the U.S. government to pass legislation banning the social media platform unless it is sold to a government-approved buyer.

After President Biden signed into law legislation that gives ByteDance up to a year to divest from TikTok, the company sued the federal government in a case that is likely to end up in front of the Supreme Court.

Here’s why the pressure has been ratcheted up on TikTok.

It all comes down to China.

Lawmakers and regulators in the West have increasingly expressed concern that TikTok and its parent company, ByteDance, may put sensitive user data, like location information, into the hands of the Chinese government. They have pointed to laws that allow the Chinese government to secretly demand data from Chinese companies and citizens for intelligence-gathering operations.

They are also worried that China could use TikTok’s content recommendations to fuel misinformation, a concern that has escalated in the United States during the Israel-Hamas war and the presidential election. Critics say that TikTok has fueled the spread of antisemitism.

TikTok has long denied such allegations and has tried to distance itself from ByteDance, which is considered to be one of the world’s most highly valued start-ups .

Have any other countries banned TikTok?

Yes, India did in 2020 , costing ByteDance one of its biggest markets. The government there cracked down on hundreds of Chinese-owned apps , claiming in part that they were secretly transmitting users’ data to foreign servers.

Other countries and government bodies — including Britain and its Parliament , Australia , Canada , the executive arm of the European Union , France and New Zealand’s Parliament — have banned the app from official devices. Taiwan’s minister of digital affairs recently declared TikTok a dangerous product representing a national security threat.

How will the ban work?

The mechanics of the ban take aim at app stores, like those operated by Apple and Google: If they distribute or update TikTok, the federal government could impose civil penalties on them. Internet hosting companies will also be barred from helping to distribute or maintain TikTok.

The push to force a TikTok sale has already generated speculation about potential buyers , including a group of investors brought together by a former Treasury Secretary, Steven Mnuchin; large American corporations; or a coalition of private equity firms.

The sell-or-be-banned approach has raised concern among advocates for digital rights that the United States may be undermining its role in promoting an open and free internet that is not controlled by individual countries.

When will the ban take effect?

TikTok will still be available in the U.S. for now.

The company sued the federal government , and the Chinese government may try to block the sale or export of the technology. These issues could take months, or years, to resolve.

Most of the existing TikTok bans have been put in place by governments and universities that have the power to keep an app off devices or networks that they own and operate.

A broader, government-imposed ban that blocks Americans from using the app could face legal challenges on First Amendment grounds, said Caitlin Chin, a fellow at the Center for Strategic and International Studies. After all, large numbers of Americans, including elected officials and major news organizations like The New York Times and The Washington Post , now produce videos on TikTok. It is a place where users share artwork, information and opinions about political topics like abortion rights .

First Amendment experts have said that justifying a ban would be a high bar for the government to clear.

Will TikTok be removed from my phone?

Not immediately. The legal challenges could stop the ban from going into effect if the app is not sold.

The exact mechanism for banning an app from privately owned phones is unclear. Montana’s effort to ban TikTok sought to fine the company and app stores if residents downloaded or used TikTok. Congressional proposals have taken a similar approach.

Apple and other companies that operate app stores have the ability to block downloads of apps that no longer work. They also ban apps that carry inappropriate or illegal content , said Justin Cappos, a professor at the New York University Tandon School of Engineering.

They also have the ability to remove apps installed on a user’s phone. “That usually doesn’t happen,” he said.

Biden supported the legislation while his campaign used TikTok.

The Biden administration has wanted TikTok’s Chinese owner to sell the app since last year, according to the company. TikTok has been in yearslong, confidential talks with the administration’s review panel, the Committee on Foreign Investment in the United States, to address the government’s questions about ByteDance’s relationship with the Chinese government and the handling of user data.

TikTok said that it submitted a 90-page proposal in 2022 detailing how it planned to operate in the United States while addressing national security concerns.

Despite the administration’s concerns, Mr. Biden’s re-election campaign made a debut on the app during the Super Bowl . The short but lighthearted video, which saw Mr. Biden dodging questions from an offscreen inquisitor, underscored his attempts to rebuild his support among young voters.

Since then, his campaign has shared dozens of videos on the platform.

What’s happening at the local level?

More than 30 states , and New York City , have joined the federal government in banning TikTok on government-issued devices . Many colleges have blocked it from campus Wi-Fi networks. But students often just switch to cellular data to use the app.

In May 2023, Gov. Greg Gianforte of Montana signed a bill to ban TikTok from operating inside the state, the first prohibition of its kind in the nation.

TikTok filed suit , saying the legislation violated the First Amendment. In late November, a federal judge agreed and granted a preliminary injunction to put the legislation on hold.

What is TikTok’s response?

TikTok has referred to the bans as “political theater” and criticized lawmakers for attempting to censor Americans.

The company in May sued the United States government over the new law forcing divestiture, saying the law violated the First Amendment.

Ahead of the new legislation, TikTok had urged users to oppose a TikTok ban and engaged in a lobbying push to promote the plan it submitted to the government to address national security concerns.

What can I do right now to protect my data if I use TikTok?

To protect your privacy on TikTok, you can employ the same practices used to protect yourself on other social media platforms . That includes not giving apps permission to access your location or contacts .

You can also watch TikTok videos without opening an account .

Sapna Maheshwari reports on TikTok, technology and emerging media companies. She has been a business reporter for more than a decade. Contact her at [email protected] . More about Sapna Maheshwari

Amanda Holpuch covers breaking news and other topics. More about Amanda Holpuch