Prima Pagina.
FR

Security headers

Security headers harden the browser against common attacks: CSP against script injection, X-Content-Type-Options against type confusion, Referrer-Policy for controlled data exposure.

In practice

They cost a few configuration lines and return a reduced attack surface — plus a clean score on the scanners that clients and partners occasionally check. Deployment requires testing: an overly strict CSP silently breaks features. Our reference configurations apply them by default on every new site.