Other browser security headers and controls

Explore various browser security headers beyond the basics, including Referrer-Policy and Feature-Policy. Understand how these headers help protect user privacy and reduce attack surfaces by controlling browser features. Learn practical steps to implement these headers in your Node.js applications, preparing you to adapt to evolving web security standards.

We'll cover the following...

Referrer-Policy
Feature-Policy
Summary

As the web evolves, it creates new standards for us to adopt. This also applies to new HTTP headers. We will quickly review a bunch of them here as a first step in establishing familiarity with a wider range of headers.

Referrer-Policy

Embrace and prepare for privacy-related policies using Referrer-Policy, which instructs the browser when and how much information to provide when setting a Referer header as users navigate from an existing web page.

Some example values for Referrer Policy are:

Referrer-Policy: no-referrer
Referrer-Policy: origin-when-cross-origin
Referrer-Policy: same-origin

The default value set by the browser is no-referrer-when-downgrade. However, a better option would be one of the ...

1.Introduction

2.HTTP Security Headers

3.Testing for Security Headers

4.What's Next?

Other browser security headers and controls

Referrer-Policy