In the HTTP Protocol, we use headers both in our requests and responses to exchange information between the client and the server. These headers tell the browser how to behave during communication with the site. These headers mainly comprise of metadata.
These Headers were created to protect applications from some common attacks without the need to add or change the code of web applications.HTTP Response Headers Context to Security
- HTTP Strict Transport Security (HSTS)
- Public Key Pinning Extension for HTTP (HPKP)
- X-Frame-Options
- X-XSS-Protection
- X-Content-Type-Options
- Content-Security-Policy
- X-Permitted-Cross-Domain-Policies
- Referrer-Policy
- Expect-CT
- Feature-Policy
0 Comments