Web Security

What are security headers?

HTTP response headers that instruct the browser to enable additional security protections.


Important headers

Content-Security-Policy - XSS protection
X-Frame-Options - clickjacking prevention
Strict-Transport-Security - force HTTPS
X-Content-Type-Options - prevent MIME sniffing

Code Examples

JavaScript: Security headers
// Express middleware
const express = require('express');
const app = express();

// Set the four headers on every response before any route handler runs
app.use((req, res, next) => {
  res.setHeader('Strict-Transport-Security', 'max-age=31536000');
  res.setHeader('X-Frame-Options', 'DENY');
  res.setHeader('X-Content-Type-Options', 'nosniff');
  res.setHeader('Content-Security-Policy', "default-src 'self'");
  next();
});
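
Setting the headers is only half the job: a value the browser does not recognise protects nothing. The following added example (not part of the original page) audits a set of response headers for the four headers listed above; the function name, finding texts and sample inputs are constructed for illustration.

```javascript
// Added example: function name, finding texts and sample data are constructed.
function auditSecurityHeaders(headers) {
  // Header names are case-insensitive, so normalise them first.
  const h = {};
  for (const [name, value] of Object.entries(headers)) {
    h[name.toLowerCase()] = String(value).trim();
  }
  const findings = [];

  const hsts = h['strict-transport-security'];
  const maxAge = hsts && /(?:^|;)\s*max-age\s*=\s*"?(\d+)/i.exec(hsts);
  if (!hsts) findings.push('Strict-Transport-Security missing');
  else if (!maxAge) findings.push('Strict-Transport-Security has no max-age');
  else if (Number(maxAge[1]) === 0) findings.push('Strict-Transport-Security max-age=0 switches HSTS off');

  // ALLOW-FROM is obsolete and ignored by current browsers.
  const xfo = h['x-frame-options'];
  if (!xfo) findings.push('X-Frame-Options missing');
  else if (!['DENY', 'SAMEORIGIN'].includes(xfo.toUpperCase())) findings.push('X-Frame-Options value not DENY or SAMEORIGIN');

  const xcto = h['x-content-type-options'];
  if (!xcto) findings.push('X-Content-Type-Options missing');
  else if (xcto.toLowerCase() !== 'nosniff') findings.push('X-Content-Type-Options is not nosniff');

  const csp = h['content-security-policy'];
  if (!csp) findings.push('Content-Security-Policy missing');
  else {
    // Scripts are governed by script-src, falling back to default-src.
    const directives = csp.split(';').map((d) => d.trim().toLowerCase().split(/\s+/)).filter((d) => d[0]);
    const find = (name) => directives.find((d) => d[0] === name);
    const scripts = find('script-src') || find('default-src');
    // 'unsafe-inline' is ignored by the browser when a nonce or hash is present.
    const hasNonceOrHash = scripts && scripts.some((s) => /^'(nonce|sha(256|384|512))-/.test(s));
    if (!scripts) findings.push('Content-Security-Policy does not restrict scripts');
    else if (scripts.includes("'unsafe-inline'") && !hasNonceOrHash) findings.push("Content-Security-Policy allows 'unsafe-inline' scripts");
  }
  return findings;
}

// Constructed inputs: the values set by the middleware above, and a weak set.
const pageHeaders = { 'Strict-Transport-Security': 'max-age=31536000', 'X-Frame-Options': 'DENY',
  'X-Content-Type-Options': 'nosniff', 'Content-Security-Policy': "default-src 'self'" };
const weakHeaders = { 'strict-transport-security': 'max-age=0', 'X-Frame-Options': 'ALLOWALL',
  'Content-Security-Policy': "default-src 'self'; script-src 'self' 'unsafe-inline'" };
console.log(auditSecurityHeaders(pageHeaders));
console.log(auditSecurityHeaders(weakHeaders));
```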

Relevant keywords

security headers, CSP, HTTPS