AntiSSRFPolicy.deniedHeaders Property

Definition

A read-only array of headers that are forbidden from being included in outgoing requests.

deniedHeaders: readonly string[] { get; }

Both requiredHeaders and deniedHeaders are considered when validating a request. If any header is in both lists, the request will always be blocked.

Property Value

readonly string[]

A read-only array of header names that are blocked by the policy.

Copyright © 2026 Microsoft Corporation. Distributed under the MIT license.