Glossary of Security Terms: Forbidden Response Header Name

A forbidden response header name is an HTTP header name (either `

Set-Cookie

` or `

Set-Cookie2

`) that cannot be modified programmatically.

Specifications

View Previous Terms:

• Block cipher mode of operation
• Certificate authority
• Challenge-response authentication
• Cipher
• Cipher suite
• Ciphertext
• CORS
• CORS-safelisted request header
• CORS-safelisted response header
• Cross-site scripting
• Cryptanalysis
• Cryptographic hash function
• Cryptography
• CSP
• CSRF
• Decryption
• Digital certificate
• DTLS (Datagram Transport Layer Security)
• Encryption
• Forbidden header name
• Hash
• HMAC
• HPKP
• HSTS
• HTTPS
• Key
• MitM
• OWASP
• Preflight request
• Public-key cryptography
• Reporting directive
• Robots.txt
• Same-origin policy
• Session Hijacking
• SQL Injection
• Symmetric-key cryptography
• TOFU
• Transport Layer Security (TLS)
  

Credits

• Source: https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_response_header_name
• Published under Open CC Attribution ShareAlike 3.0 license

Related Stories

Subject Matter

JavaScript Concurrency Models: The Event Loop by @mozilla

#javascript

An Essential Guide to Binary Representation of Floating-Point Numbers by @trekhleb

#computer-science

The Clean Code Book for Javascript Developers: A Quick Summary by @ismailtlem

#software-development

Ruby on Rails is Not Dead! Here's How to Upgrade Ruby Legacy Applications by @mobidev

#ruby-on-rails

Understanding Lateral Movement and How to Detect It by @CarolynCrandall

#cybersecurity

13 Expert Tips to Improve Your Web Application Performance Today by @queueit

#scaling

Tags

#data-protection#security-terms#mozilla#backend#web-development#mdn#security