Applicatie-beveiligingsopties (Beveiligingsopties)
X-Frame-Options
X-Content-Type-Options
X-XSS-Protection
Content-Security-Policy (CSP):
- Content Security Policy Level 3, W3C Working Draft (In overeenstemming met CSP3 beschouwen we
frame-src
niet als 'deprecated'.) - Content Security Policy Level 2, W3C Recommendation
- MDN webdocs on Content-Security-Policy
- Mozilla's Laboratory (Content Security Policy / CSP Toolkit)