O'Reilly logo

Mastering Internet of Things by Peter Waher

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Adding security headers

The HTML generator recognizes certain HTTP headers that could be collectively named security headers. If metadata tags with the same names as these are used, they are copied into the generated HTML verbatim. This includes:

Tag

Description

Access-Control-Allow-Origin

Allows you to define a  Cross-origin resource sharing (CORS) header.

Cache-Control

Overrides the default Cache-Control header generated by the renderer. Together with the Vary meta-tag they provide a means to control how the generated page will be cached.

Content-Security-Policy

Defines the expected behavior of the page.

Public-Key-Pins

Tells clients to pin a specific public key, decreasing the risk of Man-In-The-Middle (

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required