This content originally appeared on DEV Community and was authored by Jacopo Valanzano
Headers are special instructions sent to your browser with each HTTP response. They can affect security and how your web browser handles the response.
Among the most common:
Content-Security-Policy: It can be cumbersome to set up and maintain, but it is one of the most effective mitigation techniques against XSS vulnerabilities.
X-Frame-Options: Controls whether external sites may embed your pages in iframes
X-Content-Type-Options: Controls whether the browser may MIME-sniff the response when the Content-Type header is not set or its value seems inappropriate
Referrer-Policy: Can be used to prevent visitor data from being shared with third parties, such as CDNs
Permissions-Policy: Controls which browser features, such as access to device sensors, a page is allowed to use
HSTS (Strict-Transport-Security): Although a bit risky, it can guarantee secure connections
Score your website headers: https://securityheaders.com
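A minimal local check in the same spirit, as an added example that is not from the original post: it audits a response's headers for the six headers listed above. The function name `audit_headers`, the pass/fail rules, and both sample header sets are assumptions constructed for illustration.

```python
import re

# Referrer-Policy values that never send a full URL to another origin.
SAFE_REFERRER = {"no-referrer", "same-origin", "strict-origin",
                 "strict-origin-when-cross-origin"}

def audit_headers(headers):
    """Return a list of findings for the security headers listed above."""
    h = {k.lower(): v.strip() for k, v in headers.items()}  # names are case-insensitive
    findings = []
    csp = h.get("content-security-policy", "")
    if not csp:
        findings.append("Content-Security-Policy: missing")
    elif "'unsafe-inline'" in csp:
        findings.append("Content-Security-Policy: 'unsafe-inline' present, review")
    # Framing is restricted by X-Frame-Options or by CSP frame-ancestors.
    xfo = h.get("x-frame-options", "").upper()
    if xfo not in ("DENY", "SAMEORIGIN") and "frame-ancestors" not in csp:
        findings.append("X-Frame-Options: missing or not DENY/SAMEORIGIN")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("X-Content-Type-Options: should be 'nosniff'")
    # When several policies are listed, browsers use the last one they understand.
    ref = h.get("referrer-policy", "").lower().split(",")[-1].strip()
    if ref not in SAFE_REFERRER:
        findings.append("Referrer-Policy: missing or may leak full URLs cross-origin")
    if "permissions-policy" not in h:
        findings.append("Permissions-Policy: missing")
    # HSTS only counts with a non-zero max-age; max-age=0 switches it off.
    m = re.search(r"max-age\s*=\s*\"?(\d+)",
                  h.get("strict-transport-security", ""), re.I)
    if not m or int(m.group(1)) == 0:
        findings.append("Strict-Transport-Security: missing or max-age=0")
    return findings

# Constructed sample responses, not captured from a real site.
WEAK = {"Content-Type": "text/html", "X-Frame-Options": "ALLOWALL",
        "Strict-Transport-Security": "max-age=0"}
HARDENED = {
    "content-security-policy": "default-src 'self'; frame-ancestors 'none'",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin",
    "Permissions-Policy": "geolocation=(), camera=()",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
}
```

Calling `audit_headers(WEAK)` returns one finding per header in the list, while `audit_headers(HARDENED)` returns an empty list.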
Jacopo Valanzano | Sciencx (2023-02-25T20:20:35+00:00) HTTP Headers. Retrieved from https://www.scien.cx/2023/02/25/http-headers/