Accept-CHAccept-CH is an opt-in response header by which the server tells the browser which Client Hints headers it wants on future requests. High-entropy hints (device model, platform version, memory, etc.) are sent by the browser only after being explicitly requested here.
Client Hints is a mechanism for the browser to selectively expose device, network, and UA information to the server. For privacy, most hints are not sent by default; the server must opt in by listing names in Accept-CH. The browser remembers this list per origin and then attaches the corresponding Sec-CH-* / Device-Memory / Downlink headers on subsequent requests to that origin.
So the first request has no hints. The server returns Accept-CH in a response, and hints arrive from the second request onward — a two-round-trip structure. To use hints already on the first response, pair it with <meta http-equiv="Accept-CH"> or the Critical-CH header (which re-requests critical hints).
To deliver high-entropy hints to cross-origin subresources/iframes, Accept-CH opt-in alone is not enough; you must delegate the hint feature to that origin via Permissions-Policy. Also, if the response varies by a hint value (e.g. per-device images), list that hint header in Vary so caches do not confuse representations.
Accept-CH: <hint-name>[, <hint-name>]*e.g. Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Device-Memory
<hint-name> | Name of a Client Hint header the server wants on subsequent requests (e.g. Sec-CH-UA-Model, Device-Memory, Downlink). |