Posts tagged with headers
Did you know that using stream contexts, you can set headers when making HTTP requests with #php's file_get_contents() function? pic.twitter.com/bBoS5bksbt
— Liam Hammett (@LiamHammett) August 24, 2018
Read more [twitter.com]
Scott Helme, creator of both securityheaders.com and report-uri.com introduces a header to enable or disable certain APIs on a webpage.
Feature Policy is being created to allow site owners to enable and disable certain web platform features on their own pages and those they embed. Being able to restrict the features your site can use is really nice but being able to restrict features that sites you embed can use is an even better protection to have.
Read more [scotthelme.co.uk]
Join 9,500+ smart developers
Every month I share what I learn from running Spatie, building Oh Dear, and maintaining 300+ open source packages. Practical takes on Laravel, PHP, and AI that you can actually use.
No spam. Unsubscribe anytime. You can also follow me on X.
By default all scripts on a webpage are allowed to send and fetch data from and to any site they want. If you think about it, that's kinda scary. Imagine that one of your JavaScript dependencies would send all keystrokes, including passwords, to a third party website. That would be pretty bad. In…
Almost a year ago, Scott Helme, creator of securityheaders.io and report-uri.com, wrote a blogpost on a not well known http header: Referrer-Policy.
Regular readers will know how fond I am of the existing security headers so it's great to hear that we're getting another! Referrer Policy will allow a site to control the value of the referer header in links away from their pages.
https://scotthelme.co.uk/a-new-security-header-referrer-policy/