List of HTTP headers for increased security.
- /* Strict-Transport-Security max-age=31536060; includeSubDomains; preload
- /* X-Frame-Options DENY
- /* X-XSS-Protection 1; mode=block
- /* X-Content-Type-Options nosniff
- /* Referrer-Policy strict-origin-when-cross-origin
- /* Cache-Control public, max-age=604860
- /* Content-Security-Policy default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; connect-src https://stats.larus.se/
TODO: Lookup each header and provide more info and references.