Jeremy Druin | Apr 2, 2021 | 1 min | How to Check HTTP Headers | HTTP response headers can impact the user experience and the security of the web or mobile application. Server administrators can...
Jeremy Druin | Mar 6, 2021 | 1 min | What is Content Security Policy? | Content Security Policy (CSP) is a security framework built into the browser. CSP allows the browser to block content from sources other...
Jeremy Druin | Mar 1, 2021 | 1 min | Yum! Secure Cookies | Cookie security is an oxymoron. Cookies exist in the browser, an inherently insecure location. However, there are several best practices...
Jeremy Druin | Feb 25, 2021 | 1 min | How HTTP Headers impact Application Security (by Example) | Web server configuration can impact the security of the web site and underlying application. These headers can be confusing so it is not...
Jeremy Druin | Dec 13, 2020 | 4 min | Demystifying the HTTP Strict Transport Security (HSTS) Header | Ideally, web sites would run exclusively over HTTPS. In the future, we might find sites avoiding HTTP entirely using one of the following...