Difference between revisions of "HTTP headers"
Jump to navigation
Jump to search
↑ https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
| Line 6: | Line 6: | ||
* <code>[[Content-Security-Policy]]</code><ref>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy</ref> | * <code>[[Content-Security-Policy]]</code><ref>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy</ref> | ||
* <code>[[X-Frame-Options]]</code> (deprecated): https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options | * <code>[[X-Frame-Options]]</code> (deprecated): https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options | ||
| + | |||
| + | * <code>[[strict-Transport-Security]] | ||
| + | * [[Content-Security-Policy]] | ||
| + | * [[X-Frame-Options]] | ||
| + | * [[X-Content-Type-Options]] | ||
| + | * [[Referrer-Policy]] | ||
| + | * [[Permissions-Policy]]</code> | ||
| + | |||
Revision as of 11:07, 23 January 2023
WWW-AuthenticateAuthorization:Content-Security-Policy[1]X-Frame-Options(deprecated): https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
strict-Transport-Security- Content-Security-Policy
- X-Frame-Options
- X-Content-Type-Options
- Referrer-Policy
Permissions-Policy
Related terms
- Clickjacking
- Bearer token:
Authorization: Bearer .../... curl --header- Python,
urlliblibrary - HTTP Security headers
Activities
- Read about Amazon CloudFront: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/example-function-add-security-headers.html
See also
- HTTP Headers:
Authorization:, X-Frame-Options, Content-Security-Policy, Cache-Control, Terraform:drop_invalid_header_fields - HTTP/2, HTTP/3, Media type (
Content-Type), HTTP headers, CVE-2023-44487 HTTP/2 Rapid Reset Vulnerability, Cloudflare Protocol optimization - HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL, WebSockets, WebRTC,ssl_certificateQUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure, Axios HTTP client, HTTP cookies, HTTP ETag
Advertising:
