| CARVIEW |
Select Language
HTTP/2 200
x-guploader-uploadid: AAwnv3IV_zhU7pva2mh0OcIxIJ00UO8hpa6bZ3c11TSATVq0DgJDLobt3lV_hIEoPyHO1LxI
x-goog-generation: 1760058386759397
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 139930
x-goog-meta-goog-reserved-file-mtime: 1760056865
x-goog-hash: crc32c=pOh+Mw==, md5=9/MgVoufA05TjBnXG5fJsg==
x-goog-storage-class: STANDARD
accept-ranges: none
expires: Sun, 12 Oct 2025 22:16:22 GMT
cache-control: public, max-age=3600
last-modified: Fri, 10 Oct 2025 01:06:26 GMT
etag: W/"f7f320568b9f034e538c19d71b97c9b2"
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
alt-svc: clear
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-security-policy: default-src 'self'; script-src 'report-sample' 'self' 'wasm-unsafe-eval' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js assets.codepen.io production-assets.codepen.io https://js.stripe.com 'sha256-XNBp89FG76amD8BqrJzyflxOF9PaWPqPqvJfKZPCv7M=' 'sha256-YCNoU9DNiinACbd8n6UPyB/8vj0kXvhkOni9/06SuYw=' 'sha256-PZjP7OR6mBEtnvXIZfCZ5PuOlxoDF1LDZL8aj8c42rw='; script-src-elem 'report-sample' 'self' 'wasm-unsafe-eval' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js assets.codepen.io production-assets.codepen.io https://js.stripe.com 'sha256-XNBp89FG76amD8BqrJzyflxOF9PaWPqPqvJfKZPCv7M=' 'sha256-YCNoU9DNiinACbd8n6UPyB/8vj0kXvhkOni9/06SuYw=' 'sha256-PZjP7OR6mBEtnvXIZfCZ5PuOlxoDF1LDZL8aj8c42rw='; style-src 'report-sample' 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' developer.allizom.org bcd.developer.allizom.org bcd.developer.mozilla.org updates.developer.allizom.org updates.developer.mozilla.org https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://incoming.telemetry.mozilla.org https://observatory-api.mdn.allizom.net https://observatory-api.mdn.mozilla.net https://api.github.com/search/issues stats.g.doubleclick.net https://api.stripe.com; font-src 'self'; frame-src 'self' interactive-examples.mdn.mozilla.net interactive-examples.mdn.allizom.net mdn.github.io live-samples.mdn.mozilla.net live-samples.mdn.allizom.net *.mdnplay.dev *.mdnyalp.dev *.play.test.mdn.allizom.net https://v2.scrimba.com https://scrimba.com jsfiddle.net www.youtube-nocookie.com codepen.io survey.alchemer.com https://js.stripe.com; img-src 'self' data: *.githubusercontent.com *.googleusercontent.com *.gravatar.com mozillausercontent.com firefoxusercontent.com profile.stage.mozaws.net profile.accounts.firefox.com developer.mozilla.org mdn.dev interactive-examples.mdn.mozilla.net interactive-examples.mdn.allizom.net wikipedia.org upload.wikimedia.org https://mdn.github.io/shared-assets/ https://mdn.dev/ https://*.google-analytics.com https://*.googletagmanager.com www.gstatic.com; manifest-src 'self'; media-src 'self' archive.org videos.cdn.mozilla.net https://mdn.github.io/shared-assets/; child-src 'self'; worker-src 'self';
x-frame-options: DENY
origin-trial: AxVILwizhbMjxFeHOn1P3R8niO1RJY/smaK4B4d1rLzc1gTaxtXMSaTi+FoigYgCw40uFRDwFcEAeqDR+vVLOW4AAABfeyJvcmlnaW4iOiJodHRwczovL2RldmVsb3Blci5tb3ppbGxhLm9yZyIsImZlYXR1cmUiOiJQcml2YXRlQXR0cmlidXRpb25WMiIsImV4cGlyeSI6MTc0MjA3OTYwMH0=
x-cloud-trace-context: 3dce87572e28a63ba5c418c6aa769337
date: Sun, 12 Oct 2025 21:16:22 GMT
server: Google Frontend
via: 1.1 google
vary: Accept-Encoding
content-encoding: gzip
x-cache: miss
XMLHttpRequest: XMLHttpRequest() constructor - Web APIs | MDN
Toggle sidebar
XMLHttpRequest: XMLHttpRequest() constructor
Baseline
Widely available
This feature is well established and works across many devices and browser versions. It’s been available across browsers since July 2015.
Note: This feature is available in Web Workers, except for Service Workers.
The XMLHttpRequest() constructor
creates a new XMLHttpRequest.
Syntax
js
new XMLHttpRequest()
// Non-standard
new XMLHttpRequest(options)
Parameters
There are no standard parameters. However, Firefox allows a non-standard parameter:
optionsNon-standard-
An object that can contain the following flags:
mozAnon-
A boolean. When setting this flag to
truewill cause the browser not to expose the origin and user credentials when fetching resources. Most important, this means that cookies will not be sent unless explicitly added usingsetRequestHeader. mozSystem-
A boolean. When setting this flag to
true, the same origin policy will not be enforced on the request.
Return value
A new XMLHttpRequest object. The object must be prepared by at least
calling open() to initialize it before calling
send() to send the request to the server.
Specifications
| Specification |
|---|
| XMLHttpRequest # dom-xmlhttprequest |
Browser compatibility
Loading…