Computerworld

Mozilla advises webmasters to implement X-Frame-Options security header

In light of overall low adoption of HTTP security headers, Mozilla is advising webmasters to at least implement X-Frame-Options on their sites, arguing that this header can prevent several types of ...
CRN

Website Header Security Protection Growing: Study

Security headers can be coded into a website, but typically they are implemented via a website's underlying Web server and interact with a site visitor's Web browser to set restrictions and other ...
ZDNet

Google: Chrome is backing away from public key pinning, and here's why

Google has announced plans to deprecate Chrome support for HTTP public key pinning (HPKP), an IETF standard that Google engineers wrote to improve web security but now consider harmful. HPKP, as ...
GIGAZINE

More than 2000 extensions for Google Chrome point out that they are degrading security

When accessing a website, the web browser receives security headers from the server, such as HTTP Strict Transport Security (HSTS), which requires communication over HTTPS, and Content Security Policy ...
Visual Studio Magazine

HTTP Protocol: Headers vs. Body

As part of putting together a request to a Web Service, I'm perfectly willing to modify the headers in the request to carry some data rather than put that data in the body of the request. There is a ...