Security Headers
- Category :
- Concept
- Tags :
- general_computing_gleanings
- http
- http_headers
- security_headers
- s
- Created:
Table of Contents

List
- Cross-Origin-Embedder-Policy (COEP) header
- Cross-Origin-Opener-Policy (COOP) header
- Cross-Origin-Resource-Policy (CORP) header
- Content-Security-Policy (CSP) header
- Content-Security-Policy-Report-Only (CSPRO) header
- Expect-CT (experiemental) - lets sites opt in to reporting and enforcement of Certificate Transparency to detect use of misussed certificate for that site.
- Permissions-Policy header
- Reporting-Endpoints (experiemental) - response header that allows website owners to specify one or more endpoints used to receive errors such as CSP violation reports, Cross-Origin-Opener-Policy (COOP) reports, or other generic violations
- Strict-Transport-Security (HSTS) header
- Upgrade-Insecure-Requests header
- X-Content-Type-Options header
- X-Frame-Options (XFO) header
- X-Permitted-Cross-Domain-Policies header
- X-Powered-By header
- X-XSS-Protection (non-standard) - was a feature of Internet Explorer, Chrome and Safari that stopped pages from loading when they detected reflected cross-site scripting (XSS) attacks.
Links
References
Share :
Other Articles
- Published:
- cryptography
- Category: Concept
- Published:
- 103 Early Hints
- Category: Concept
- Published:
- From header
- Category: Concept