Blog | G5 Cyber Security

An Introduction to HTTP Response Headers for Security

The OWASP Secure Headers Project aims to set security parameters related to HTTP response headers that balance usability and security. The X-XSS-Protection header is designed to defend web applications against reflective XSS attacks. Setting this HSTS header can help protect applications against protocol downgrade attacks, such as Poodle.com attacks, clickjacking, cross-site request forgery and other threat vectors. These best practices provide a layer of security to help users mitigate certain types of attacks and vulnerabilities.”]

Source: https://securityintelligence.com/an-introduction-to-http-response-headers-for-security/

Exit mobile version