Security Headers
Web Security
HTTP response headers enforcing browser security policies.
Definition
Security headers (e.g., CSP, HSTS, X-Frame-Options, Permissions-Policy) instruct browsers to apply policies that reduce attack surface and enforce safer behavior.
In plain English
Headers a web server sends with each response that tell the browser which security protections to apply.
Why this matters
They mitigate common web attacks and help preserve the confidentiality and integrity of sessions and data.
Example
HSTS tells the browser to connect to the site only over HTTPS; CSP restricts which sources may supply scripts, reducing the impact of XSS.