In this post I walk through common HTTP response headers you can set to harden your web app.

Headers

  1. Access-Control-Allow-Origin: Defines which origins are allowed to read your content cross-origin (a wildcard `*` is unsafe for responses that carry credentials).  MDN link.
  2. Permissions-Policy: Defines which browser features (camera, microphone, geolocation, ...) your web app, and any frames it embeds, may use.  W3C link.
  3. Referrer-Policy: Defines how much of the URL of page A is shared with page B when a user navigates from A to B.  MDN link.
  4. Strict-Transport-Security: Tells browsers that your web app must only be accessed over https:// for the given max-age, so plain http:// requests are upgraded before they leave the browser.  MDN link.
  5. X-Content-Type-Options: With the value `nosniff`, stops the browser from MIME-sniffing a response into a different type than the declared Content-Type.  MDN link.
  6. X-Frame-Options: Defines whether your web app may be loaded inside an iframe or other embedding element (`DENY` or `SAMEORIGIN`), which mitigates clickjacking.  MDN link.
  7. X-XSS-Protection: Defines the level of the legacy browser Cross-Site Scripting filter; modern browsers have removed it and Content-Security-Policy is the replacement.  MDN link.
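As an added example (not code from the original post), here is a dependency-free Node.js helper that applies the headers above to a response and a small audit function that checks a received header set for missing or weak values; the allowed origin is an assumed placeholder.

```javascript
// Hardened values for the headers discussed above.
// The origin below is an assumed placeholder, not from the original post.
const SECURITY_HEADERS = {
  'Access-Control-Allow-Origin': 'https://app.example.com', // never "*" with credentials
  'Permissions-Policy': 'camera=(), microphone=(), geolocation=()',
  'Referrer-Policy': 'strict-origin-when-cross-origin',
  'Strict-Transport-Security': 'max-age=31536000; includeSubDomains',
  'X-Content-Type-Options': 'nosniff',
  'X-Frame-Options': 'DENY',
  // Current guidance (OWASP) is to disable the legacy filter and rely on CSP.
  'X-XSS-Protection': '0',
};

// Sets every header from the table on an outgoing Node.js http.ServerResponse.
function applySecurityHeaders(res) {
  for (const [name, value] of Object.entries(SECURITY_HEADERS)) {
    res.setHeader(name, value);
  }
  return res;
}

// Audits a header map (keys in any case) and returns a list of findings.
function auditHeaders(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const findings = [];
  for (const name of Object.keys(SECURITY_HEADERS)) {
    if (!(name.toLowerCase() in h)) findings.push(`missing ${name}`);
  }
  if (h['access-control-allow-origin'] === '*' &&
      h['access-control-allow-credentials'] === 'true') {
    findings.push('ACAO wildcard combined with credentials');
  }
  const hsts = /max-age=(\d+)/.exec(h['strict-transport-security'] || '');
  if (hsts && Number(hsts[1]) < 31536000) findings.push('HSTS max-age below one year');
  if (h['x-content-type-options'] && h['x-content-type-options'] !== 'nosniff') {
    findings.push('X-Content-Type-Options is not nosniff');
  }
  const xfo = (h['x-frame-options'] || '').toUpperCase();
  if (xfo && xfo !== 'DENY' && xfo !== 'SAMEORIGIN') {
    findings.push('X-Frame-Options allows framing');
  }
  return findings;
}

module.exports = { SECURITY_HEADERS, applySecurityHeaders, auditHeaders };
```

Wire it in with `http.createServer((req, res) => applySecurityHeaders(res).end('ok')).listen(8080)` and check the result with `curl -I`; `auditHeaders(res.headers)` can be run against any server's response in a test.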

#chrome #firefox #react #angular

Low-Hanging Fruits of Web Security