March 2018
Beginner to intermediate
410 pages
10h 40m
English
The HTML generator recognizes certain HTTP headers that could be collectively named security headers. If metadata tags with the same names as these are used, they are copied into the generated HTML verbatim. This includes:
|
Tag |
Description |
|
Access-Control-Allow-Origin |
Allows you to define a Cross-origin resource sharing (CORS) header. |
|
Cache-Control |
Overrides the default Cache-Control header generated by the renderer. Together with the Vary meta-tag they provide a means to control how the generated page will be cached. |
|
Content-Security-Policy |
Defines the expected behavior of the page. |
|
Public-Key-Pins |
Tells clients to pin a specific public key, decreasing the risk of Man-In-The-Middle ( |
Read now
Unlock full access