HTTP security headers play a critical role in securing browsers from numerous attacks: CSRF, XSS and, more recently, XS-Leaks, to name a few. We can mitigate them if we leverage headers like CSP, HSTS, COxP or even CORS.
In this session, I'll demonstrate how easy it is to exploit client-side vulnerabilities and talk about the HTTP headers that could mitigate them and better secure our browsers.
So let's play! 😈😇