Channel: Internet Drafts: websec
Browsing all 37 articles

"HTTP Header X-Frame-Options" - David Ross, Tobias Gondrom

2012-03-01, rev -00: To improve the protection of web applications against Cross Site Request Forgery (CSRF) and Clickjacking this standards defines a http response header that declares a policy...

"HTTP Header Frame Options" - David Ross, Tobias Gondrom

2012-03-01, rev -02: To improve the protection of web applications against Cross Site Request Forgery (CSRF) and Clickjacking this standards defines a http response header that declares a policy...

"Public Key Pinning Extension for HTTP" - Chris Evans, Chris Palmer

2012-06-01, rev -02: This memo describes an extension to the HTTP protocol allowing web host operators to instruct user agents (UAs) to remember ("pin") the hosts' cryptographic identities for a given...

"HTTP Strict Transport Security (HSTS)" - Jeff Hodges, Collin Jackson, Adam...

2012-06-01, rev -09: This specification defines a mechanism enabling web sites to declare themselves accessible only via secure connections, and/or for users to be able to direct their user agent(s) to...

"HTTP Header X-Frame-Options" - David Ross, Tobias Gondrom

2012-07-01, rev -00: To improve the protection of web applications against Clickjacking this standards defines a http response header that declares a policy communicated from a host to the client...

"HTTP Header Frame Options" - David Ross, Tobias Gondrom

2012-07-01, rev -00: To improve the protection of web applications against Clickjacking this standards defines a http response header that declares a policy communicated from a host to the client...

"HTTP Strict Transport Security (HSTS)" - Jeff Hodges, Collin Jackson, Adam...

2012-07-10, rev -11: This specification defines a mechanism enabling web sites to declare themselves accessible only via secure connections, and/or for users to be able to direct their user agent(s) to...

"HTTP Strict Transport Security (HSTS)" - Jeff Hodges, Collin Jackson, Adam...

2012-08-13, rev -12: This specification defines a mechanism enabling web sites to declare themselves accessible only via secure connections, and/or for users to be able to direct their user agent(s) to...

"HTTP Strict Transport Security (HSTS)" - Jeff Hodges, Collin Jackson, Adam...

2012-09-29, rev -14: This specification defines a mechanism enabling web sites to declare themselves accessible only via secure connections, and/or for users to be able to direct their user agent(s) to...

"Public Key Pinning Extension for HTTP" - Chris Evans, Chris Palmer

2012-10-16, rev -03: This memo describes an extension to the HTTP protocol allowing web host operators to instruct user agents (UAs) to remember ("pin") the hosts' cryptographic identities for a given...

"HTTP Header X-Frame-Options" - David Ross, Tobias Gondrom

2012-10-22, rev -01: To improve the protection of web applications against Clickjacking this standard defines an http response header that declares a policy communicated from a host to the client...

"Public Key Pinning Extension for HTTP" - Chris Evans, Chris Palmer, Ryan Sleevi

2012-12-01, rev -04: This memo describes an extension to the HTTP protocol allowing web host operators to instruct user agents (UAs) to remember ("pin") the hosts' cryptographic identities for a given...

"Web Security Framework: Problem Statement and Requirements" - Jeff Hodges

2013-02-18, rev -00: Web-based malware and attacks are proliferating rapidly on the Internet. New web security mechanisms are also rapidly growing in number, although in an incoherent fashion. This...

"HTTP Header Field X-Frame-Options" - David Ross, Tobias Gondrom

2013-02-25, rev -02: To improve the protection of web applications against Clickjacking, this specification describes the X-Frame-Options HTTP response header field that declares a policy communicated...

"Public Key Pinning Extension for HTTP" - Chris Evans, Chris Palmer, Ryan Sleevi

2013-06-18, rev -06: This memo describes an extension to the HTTP protocol allowing web host operators to instruct user agents (UAs) to remember ("pin") the hosts' cryptographic identities for a given...

"HTTP Header Field X-Frame-Options" - David Ross, Tobias Gondrom

2013-06-28, rev -04: To improve the protection of web applications against Clickjacking, this specification describes the X-Frame-Options HTTP response header field that declares a policy communicated...

"Public Key Pinning Extension for HTTP" - Chris Evans, Chris Palmer, Ryan Sleevi

2013-07-01, rev -07: This memo describes an extension to the HTTP protocol allowing web host operators to instruct user agents (UAs) to remember ("pin") the hosts' cryptographic identities for a given...

"Hypertext Transport Protocol (HTTP) Session Continuation: Problem Statement"...

2013-07-01, rev -00: One of the most often talked about problems in web security is "cookies". Web cookies are a method of associating requests with "sessions" that may have been authenticated somehow....

"Public Key Pinning Extension for HTTP" - Chris Evans, Chris Palmer, Ryan Sleevi

2013-07-11, rev -08: This memo describes an extension to the HTTP protocol allowing web host operators to instruct user agents (UAs) to remember ("pin") the hosts' cryptographic identities for a given...

"HTTP Header Field X-Frame-Options" - David Ross, Tobias Gondrom

2013-07-15, rev -05: To improve the protection of web applications against Clickjacking, this specification describes the X-Frame-Options HTTP response header field that declares a policy communicated...
