The HTTP Cross-Origin-Opener-Policy (COOP) response header allows you to ensure a top-level document does not share a browsing context group with cross-origin documents.| MDN Web Docs
The HTTP Access-Control-Allow-Origin response header indicates whether the response can be shared with requesting code from the given origin.| MDN Web Docs
The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be upgraded to HTTPS.| MDN Web Docs
The HTTP Set-Cookie response header is used to send a cookie from the server to the user agent, so that the user agent can send it back to the server later. To send multiple cookies, multiple Set-Cookie headers should be sent in the same response.| MDN Web Docs
Update, April 9, 2021 : We've launched Am I FLoCed, a new site that will tell you whether your Chrome browser has been turned into a guinea pig for Federated Learning of Cohorts or FLoC, Google’s latest targeted advertising experiment. The third-party cookie is dying, and Google is trying to create...| Electronic Frontier Foundation
Provides technical information about HTTP security headers.| owasp.org
The HTTP Referrer-Policy response header controls how much referrer information (sent with the Referer header) should be included with requests. Aside from the HTTP header, you can set this policy in HTML.| MDN Web Docs
The HTTP X-Frame-Options response header can be used to indicate whether a browser should be allowed to render a page in a ,| MDN Web Docs
Website with the collection of all the cheat sheets of the project.| cheatsheetseries.owasp.org