diff --git a/.changeset/four-cougars-lick.md b/.changeset/four-cougars-lick.md
new file mode 100644
index 000000000000..f02268a8945d
--- /dev/null
+++ b/.changeset/four-cougars-lick.md
@@ -0,0 +1,5 @@
+---
+'astro': major
+---
+
+Allows HEAD requests to return a 200 response
diff --git a/packages/astro/src/core/app/middlewares.ts b/packages/astro/src/core/app/middlewares.ts
index 7c589f0c4dce..f6a23ae576e7 100644
--- a/packages/astro/src/core/app/middlewares.ts
+++ b/packages/astro/src/core/app/middlewares.ts
@@ -25,7 +25,7 @@ export function createOriginCheckMiddleware(): MiddlewareHandler {
 if (isPrerendered) {
 return next();
 }
-if (request.method === 'GET') {
+if (request.method === 'GET' || request.method === "HEAD" || request.method === "OPTIONS") {
 return next();
 }
 const sameOrigin =
diff --git a/packages/astro/test/csrf-protection.test.js b/packages/astro/test/csrf-protection.test.js
index 5b70e36505f6..01c2a8dacc5c 100644
--- a/packages/astro/test/csrf-protection.test.js
+++ b/packages/astro/test/csrf-protection.test.js
@@ -212,4 +212,15 @@ describe('CSRF origin check', () => {
 something: 'true',
 });
 });
+
+it('return 200 when calling HEAD', async () => {
+let request;
+let response;
+request = new Request('http://example.com/', {
+headers: { origin: 'http://loreum.com', 'content-type': 'multipart/form-data' },
+method: 'HEAD',
+});
+response = await app.render(request);
+assert.equal(response.status, 200);
+})
 });
diff --git a/packages/astro/test/fixtures/csrf-check-origin/src/pages/index.astro b/packages/astro/test/fixtures/csrf-check-origin/src/pages/index.astro
new file mode 100644
index 000000000000..3d5fc2bd1293
--- /dev/null
+++ b/packages/astro/test/fixtures/csrf-check-origin/src/pages/index.astro
@@ -0,0 +1,8 @@
+
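Review bot: The added condition exempts OPTIONS from the origin check as well as HEAD, but neither the changeset text nor the new test mentions OPTIONS, and the line gives no reason why these methods skip the check; the exemption is only sound while no route changes state on HEAD or OPTIONS, which is the safe-method assumption of RFC 9110 that the code should state. Suggest a comment above the condition, `// Safe methods (RFC 9110 §9.2.1) must not change state, so the CSRF origin check is skipped for them`, and quoting consistent with the removed line, `if (request.method === 'GET' || request.method === 'HEAD' || request.method === 'OPTIONS') {`. A companion test for OPTIONS, mirroring the HEAD case in csrf-protection.test.js, would pin the second behaviour this line introduces. createOriginCheckMiddleware's body starts and ends outside the hunk.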
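Review bot: The new test declares `request` and `response` with bare `let` and assigns them in separate statements, and its closing `})` lacks the semicolon the surrounding tests end with; `const request = new Request('http://example.com/', {` and `const response = await app.render(request);` with `});` closing the `it` would match the rest of the file. The test title reads `return 200 when calling HEAD`; `returns 200 when calling HEAD` is the grammatical form. The foreign origin plus multipart content-type is the right setup, since it is exactly the request shape the check rejects for other methods. The enclosing `describe` callback begins outside the hunk.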
+