Boosting security with HTTP headers

Cite

Norwegian Developers Conference (NDC)

Klingsheim, André N.

Formal Metadata

Title

Boosting security with HTTP headers

Title of Series

NDC Oslo 2015

Number of Parts

163

Author

Klingsheim, André N.

License

CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this

Identifiers

10.5446/50012 (DOI)

Publisher

Norwegian Developers Conference (NDC)

Release Date

2015

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Modern browsers offer multiple opt-in security features that help protect your web application. These features are enabled through a variety of HTTP response headers. You should take advantage of these security headers in your web applications to prevent several common web application attacks. We'll go through the list of security headers and see what they do to improve security for your users.Security headers are the low hanging fruits of web application security. We should all be using them! This talk is relevant for web developers, testers and architects on all platforms. The security headers enable security features in the browser, and so is not tied to any particular web application development stack. Any examples will be shown using the NWebsec security library for ASP.NET.