Get to know MDN better
The fetchLater() API provides an interface to request a deferred fetch that can be sent after a specified period of time, or when the page is closed or navigated away from.
Developers often need to send (or beacon) data back to the server, particularly at the end of a user's visit to a page — for example, for analytics services. There are several ways to do this: from adding 1 pixel <img> elements to the page, to XMLHttpRequest, to the dedicated Beacon API, and the Fetch API itself.
The issue is that all of these methods suffer from reliability problems for end-of-visit beaconing. While the Beacon API and the keepalive property of the Fetch API will send data, even if the document is destroyed (to the best efforts that can be made in this scenario), this only solves part of the problem.
The other — more difficult — part to solve concerns deciding when to send the data, since there is not an ideal time in a page's lifecycle to make the JavaScript call to send out the beacon:
This means developers looking to reliably send out data via a beacon need to do so more frequently than is ideal. For example, they may send a beacon on each change, even if the final value for the page has not yet been reached. This has costs in network usage, server processing, and merging or discarding outdated beacons on the server.
Alternatively, developers can choose to accept some level of missing data — either by:
The fetchLater() API extends the Fetch API to allow setting fetch requests up in advance. These deferred fetches can be updated before they have been sent, allowing the payload to reflect the latest data to be beaconed.
The browser then sends the beacon when the tab is closed or navigated away from, or after a set time if specified. This avoids sending multiple beacons but still ensures a reliable beacon within reasonable expectations (i.e., excluding when the browser process shuts down unexpectedly during a crash).
Deferred fetches can also be aborted using an AbortController if they are no longer required, avoiding further unnecessary costs.
Deferred fetches are batched and sent once the tab is closed; at this point, there is no way for the user to abort them. To avoid situations where documents abuse this bandwidth to send unlimited amounts of data over the network, the overall quota for a top-level document is capped at 640KiB.
Callers of fetchLater() should be defensive and catch QuotaExceededError errors in almost all cases, especially if they embed third-party JavaScript.
Since this cap makes deferred fetch bandwidth a scarce resource, which needs to be shared between multiple reporting origins (for example, several RUM libraries) and subframes from multiple origins, the platform provides a reasonable default division of this quota. In addition, it provides deferred-fetch and deferred-fetch-minimal Permissions Policy directives to allow dividing it differently when desired.
The overall quota for fetchLater() is 640KiB per document. By default, this is divided into a 512KiB top-level quota and a 128KiB shared quota:
fetchLater() requests can be made to any URL and are not restricted to the same origin as the document or the subframe, so it's important to differentiate between requests made in the top-level document content (whether to first-party or third-party origins) and those made in subframes.
For example, if a top-level a.com document includes a <script> that makes a fetchLater() request to analytics.example.com, this request would be bound by the top-level 512KiB limit. Alternatively, if the top-level document embeds an <iframe> with a source of analytics.example.com that makes a fetchLater() request, that request would be bound by the 128KiB limit.
Only 64KiB of the top-level 512KiB quota can be used concurrently for the same reporting origin (the request URL's origin). This prevents third-party libraries from reserving quota opportunistically before they have data to send.
Each cross-origin subframe gets an 8KiB quota out of the shared 128KiB quota by default, allocated when the subframe is added to the DOM (whether fetchLater() will be used in that subframe or not). This means that, in general, only the first 16 cross-origin subframes added to a page can use fetchLater() as they will use up the 128KiB quota.
The top-level origin can give selected cross-origin subframes an increased quota of 64KiB, taking it out of the larger top-level 512KiB limit. It does this by listing those origins in the deferred-fetch Permissions Policy directive. This is allocated when the subframe is added to the DOM, leaving less quota for the top-level document and direct same-origin subframes. Multiple same-origin subdomains can each get a 64KiB quota.
The top-level origin can also restrict the 128KiB shared quota to named cross-origin subframes by listing those origins in the deferred-fetch-minimal Permissions Policy. It can also revoke the entire 128KiB default subframe quota and instead keep the full 640KiB quota for itself and any named deferred-fetch cross-origins by setting the deferred-fetch-minimal Permissions Policy to ().
By default, subframes of subframes are not allocated a quota and so cannot use fetchLater(). Subframes allocated the increased 64KiB quota can delegate the full 64KiB quota to further subframes and allow them to use fetchLater() by setting their own deferred-fetch Permissions Policy. They can only delegate their full quota to further subframes, not parts of it, and cannot specify new quotas. Subframes using the minimal 8KiB quota cannot delegate quotas to subframes. To be delegated quota, sub-subframes must be included in both the top-level and the subframe deferred-fetch Permissions-Policy directives.
When quotas are exceeded, a QuotaExceededError is thrown when the fetchLater() method is called to initiate the deferred request.
Permissions Policy checks are not discernible from quota checks. Calling fetchLater() will throw a QuotaExceededError both if the quota is actually exceeded and if the quota was restricted for that origin via a Permissions Policy.
Callers of fetchLater() should be defensive and catch QuotaExceededError errors in almost all cases, especially if they embed third-party JavaScript.
Assuming a top-level document on a.com, which embeds a subframe of a.com, which embeds a subframe of b.com, and no explicit Permission Policies.
Assuming a top-level document on a.com, which embeds a <iframe src="https://b.com/">, which embeds a subframe of <iframe src="https://a.com/embed">, and no explicit Permission Policies.
Assuming a top-level document on a.com, which embeds a <iframe src="https://b.com/">, which embeds a <iframe src="https://c.com/">, and no explicit Permission Policies.
Assuming a top-level document on a.com, which embeds a <iframe src="https://b.com/">, which embeds a <iframe src="https://c.com/">.
Assuming that a.com has the following Permissions Policy:
And, assuming that b.com has the following Permissions Policy:
Assuming a top-level document on a.com, which embeds a <iframe src="https://b.com/">, which redirects to c.com, and no explicit top-level Permission Policies.
As an example, if the following <iframe> is embedded on https://www.example.com:
This would not be considered "same-origin", despite being hosted on the same origin as the top-level document, as the <iframe> is in a sandboxed environment. Therefore, by default, it should be allocated an 8KiB quota from the total shared 128KiB quota.
You can use the <iframe> allow attribute to prevent fetchLater() quota from being allocated to the <iframe>:
The allow="deferred-fetch" directive is needed to prevent same-origin iframes from using up the 512KiB quota, and the allow="deferred-fetch-minimal" directive is needed to prevent cross-origin iframes from using up the 128KiB quota. Including both directives will prevent both quotas from being used, regardless of the src value.
In the following sequence, contained in the top-level document, the first two requests would succeed, but the third would throw. That's because, even though the overall 640KiB quota was not exceeded, the third request exceeds the reporting-origin quota for https://a.example.com and would throw.
Assuming a top-level document at a.com, which embeds <iframe src="https://b.com/">, which redirects to a.com, and no explicit top-level Permission Policies:
This page was last modified on Jan 12, 2026 by MDN contributors.
Your blueprint for a better internet.
Visit Mozilla Corporation’s not-for-profit parent, the Mozilla Foundation.
Portions of this content are ©1998–2026 by individual mozilla.org contributors. Content available under a Creative Commons license.