Security Headers

← Back to Secure Development Practices

HTTP response headers that enable browser security features: Content-Security-Policy (CSP) controls resource loading, HSTS enforces HTTPS, X-Content-Type-Options prevents MIME sniffing, Referrer-Policy controls referrer information, and Permissions-Policy restricts browser features.

Key Properties

Content-Security-Policy
HSTS
X-Content-Type-Options

application-security secure-development security-headers

Software Engineering KB

Explorer

Security Headers

Security Headers

Key Properties

Graph View

Table of Contents

Backlinks