Web App Security

Understanding X-Content-Type-Options

January 16, 2025

What is X-Content-Type-Options? X-Content-Type-Options is an HTTP response header used…

Understanding X-XSS-Protection

January 16, 2025

What is X-XSS-Protection? X-XSS-Protection is an HTTP header used to…

Understanding Strict-Transport-Security (HSTS)

January 16, 2025

What is Strict-Transport-Security? The Strict-Transport-Security (HSTS) HTTP response header is…

Understanding Insecure Cookie Setting: Missing HttpOnly Flag

January 15, 2025

Cookies are a critical component of web applications, often used…

Understanding Insecure Cookie Setting: Missing Secure Flag

January 14, 2025

Cookies are widely used to store session information, authentication tokens,…

Understanding X-Frame-Options

January 3, 2025

The X-Frame-Options HTTP response header is a security feature that…

Understanding and Implementing Referrer Policy

January 2, 2025

The Referrer-Policy HTTP header controls how much referrer information the…