- Course
Introduction to Browser Security Headers
Browser security headers provide a means for websites to describe how they should behave when loaded into the client. By specifying expected and allowable behaviors, security headers can thwart a number of otherwise serious attacks against websites.
Intermediate
- Course
Introduction to Browser Security Headers
Browser security headers provide a means for websites to describe how they should behave when loaded into the client. By specifying expected and allowable behaviors, security headers can thwart a number of otherwise serious attacks against websites.
Intermediate
Get started today
Access this course and other top-rated tech content with one of our business plans.
Try this course for free
Access this course and other top-rated tech content with one of our individual plans.
This course is included in the libraries shown below:
- Core Tech
What you'll learn
Security is all about defense in depth: applying layer upon layer of security controls such that any one single failure does not lead to a compromise of the application. One of those layers is the browser itself, which is becoming increasingly intelligent when it comes to implementing defenses. Security headers are a way of telling the browser how a website may behave when it’s loaded into the client. They provide numerous defenses against a variety of attacks in ways that have not previously been possible with security controls that ran solely on the server. In this course, we’ll walk through a number of essential security headers that provide even greater levels of defense for web applications. We’ll look at how they’re intended to work, what attacks they protect against, and how you can easily implement them in your website.
Introduction to Browser Security Headers
Intermediate
Table of contents
-
Overview | 2m 14s
-
Security Threats in a Web World | 3m 50s
-
Things the Server Can’t Control | 2m 45s
-
Understanding Headers | 5m 7s
-
How Browsers Handle Response Headers | 4m 44s
-
Non-standard and Browser Prefixed Headers | 3m 5s
-
Current Utilization of Browser Security Headers | 3m 45s
-
Summary | 2m 1s
Troy Hunt is a Microsoft Regional Director and MVP for Developer Security. He's a regular conference speaker, frequent blogger at troyhunt.com and is the creator of the data breach notification service known as “Have I Been Pwned”.