jake/jarv.is
1
Fork 0
mirror of https://github.com/jakejarvis/jarv.is.git synced 2025-07-21 19:41:17 -04:00
Code Issues Activity

linked images produced invalid HTML, fix later

Browse Source
This commit is contained in:
Jake Jarvis
2019-12-21 11:59:43 -05:00
parent 6ae5aeb3e3
commit 762a82b3cb
5 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/notes/security-headers-cloudflare-workers/index.md
View File

@@ -13,7 +13,7 @@ draft: false
---
[{{< image src="images/security-headers.png" width="700" >}}An [A+ security grade](https://securityheaders.com/?q=jarv.is&amp;followRedirects=on) for this website!{{< /image >}}](https://securityheaders.com/?q=jarv.is&amp;followRedirects=on)
{{< image src="images/security-headers.png" width="700" >}}An [A+ security grade](https://securityheaders.com/?q=jarv.is&amp;followRedirects=on) for this website!{{< /image >}}
In 2019, it's becoming more and more important to harden websites via HTTP response headers, which all modern browsers parse and enforce. Multiple standards have been introduced over the past few years to protect users from various attack vectors, including `Content-Security-Policy` for injection protection, `Strict-Transport-Security` for HTTPS enforcement, `X-XSS-Protection` for cross-site scripting prevention, `X-Content-Type-Options` to enforce correct MIME types, `Referrer-Policy` to limit information sent with external links, [and many, many more](https://www.netsparker.com/whitepaper-http-security-headers/).