Рет қаралды 136,318
In this video we talk about various HTTP headers that can improve or weaken the security of a site. And we discuss how serious they are in the context of Google's bug bounty program.
Find the full playlist with videos for Google here: • BUG HUNTER UNIVERSITY
Chapters:
00:00 - Background Info
03:11 - Intro
03:53 - HTTP Security Header Overview
04:38 - Example #1: X-Frame-Options
06:43 - Example #2: Content-Security-Policy (CSP)
08:16 - Example #3: Strict-Transport-Security (HSTS)
10:44 - Example #4: Cross-Origin Resource Sharing (CORS)
13:12 - Example #5: Cookie Security Flags (HttpOnly)
14:25 - Summary
15:23 - Outro
*advertisement because the video was originally produced for Google: bughunters.google.com/learn/v...
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Instagram: / liveoverflow
→ Blog: liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow