From the course: Security in ASP.NET Core

Security HTTP headers

- [Instructor] A few final thoughts on HTTP headers, at least from a security perspective. In the last video, we tried to get rid of some of them, but there are also other headers that are supported by all major browsers that can even increase the security of our web application. Going into detail for each and every one of them is a little bit out of scope, but I still would like to mention the most important ones. An oldie, but goldie, I believe it was introduced by Internet Explorer 8, is X-Frame-Options. There is a rather dangerous attack called clickjacking. And the idea of clickjacking is that the attacker creates a website, and in that website, they are putting an iframe, and in that iframe, they put another application, and then they trick users into clicking somewhere into that iframe, and thus clicking into that application. It's very easy to defend with X-Frame-Options. You can basically say, this site, or this page must not be put into an iframe, or shall only…
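The header described in the transcript can be set in one place in the ASP.NET Core pipeline. The following is an added example, not code from the course: it sends `X-Frame-Options: DENY` by default and `SAMEORIGIN` for one path prefix. The `/widgets` prefix and the two endpoints are hypothetical, and the project is assumed to use the .NET 6 or later web SDK with implicit usings.

```csharp
// Program.cs - added example, not the course's code.
var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();

// Hypothetical prefix: pages that our own origin is allowed to frame.
var sameOriginPrefix = new PathString("/widgets");

// Register this first so it wraps every later middleware and endpoint.
app.Use(async (context, next) =>
{
    // OnStarting runs just before the response headers are sent, so the
    // header is also applied to error responses produced further down.
    context.Response.OnStarting(() =>
    {
        var headers = context.Response.Headers;

        // Respect a value an endpoint has already chosen explicitly.
        if (!headers.ContainsKey("X-Frame-Options"))
        {
            // DENY: the browser must not render this response in any frame.
            // SAMEORIGIN: only pages from the same origin may frame it.
            headers["X-Frame-Options"] =
                context.Request.Path.StartsWithSegments(sameOriginPrefix)
                    ? "SAMEORIGIN"
                    : "DENY";
        }
        return Task.CompletedTask;
    });

    await next(context);
});

// Hypothetical endpoints used to observe the two header values.
app.MapGet("/", () => "This page refuses to be framed.");
app.MapGet("/widgets/clock", () => "This page may be framed by our own origin.");

app.Run();
```

Requesting `/` and `/widgets/clock` with the browser's network tab open, or with `curl -i`, shows which value each response carries.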
