Security headers

HTTP Strict Transport Security (HSTS)Content Security Policy (CSP)Cross Site Scripting Protection (X-XSS-Protection)X-Frame-OptionsX-Content-Type-OptionsX-Permitted-Cross-Domain-PoliciesPublic Key Pinning (PKP)Expect-CTReferer-PolicyPragmaCache-ControlSame-origin policyCross-origin resource sharing (CORS)
PreviousUnsafe Consumption of APIsNextHTTP Strict Transport Security (HSTS)