- X-XSS-Protection (Deprecated)
- Pragma (Deprecated)
- Public-Key-Pins (Deprecated)
- Expect-CT (Deprecated)
- Access-Control-Allow-Origin
- Access-Control-Allow-Methods
- Access-Control-Allow-Headers
- X-Content-Security-Policy
- X-Content-Type-Options
- X-Frame-Options
- X-Permitted-Cross-Domain-Policies
- X-Powered-By
- Content-Security-Policy
- Referrer-Policy
- HTTP Strict Transport Security / HSTS
- Content-Security-Policy
- Content-Security-Policy-Report-Only
- Clear-Site-Data
- Cross-Origin-Embedder-Policy-Report-Only
- Cross-Origin-Opener-Policy-Report-Only
- Cross-Origin-Embedder-Policy
- Cross-Origin-Opener-Policy
- Cross-Origin-Resource-Policy
- Permissions-Policy
- Strict-dynamic
- Strict-Transport-Security
- FLoC (Federated Learning of Cohorts)
Disclosure: This post may contain affiliate links which means I may receive a commission for purchases made through links. I will only recommend products that I have personally used! Learn more on my Private Policy page.