Security Boulevard

When Proxies Become Attack Vectors Through Header Injection

This assumption breaks down because HTTP RFC flexibility allows different servers to interpret the same header field in fundamentally different ways, creating exploitable gaps that attackers are ...
Network World

Mozilla advises webmasters to implement X-Frame-Options security header

In light of overall low adoption of HTTP security headers, Mozilla is advising webmasters to at least implement X-Frame-Options on their sites, arguing that this header can prevent several types of ...