My blog TODO: https://securityheaders.com/ https://infosec.mozilla.org/guidelines/web_security#x-frame-options https://infosec.mozilla.org/guidelines/web_security#cross-origin-resource-sharing https://infosec.mozilla.org/guidelines/web_security#subresource-integrity