2 items tagged with "http-headers"
Guidance and recommended values for HTTP response security headers that harden web applications against common client-side attacks.
Add HSTS, frame and content-type protections, and a Content Security Policy that blocks injection while keeping your app working.