Web Security Headers
Flashcards
Cross-Origin-Resource-Policy (CORP)
Function: Lets a site declare which origins may load a given resource. Security Benefit: Blocks cross-origin loads of the resource so that other origins cannot steal its data through side-channel attacks.
Content-Security-Policy
Function: Restricts the sources of content that browsers will load. Security Benefit: Mitigates cross-site scripting (XSS) and data injection attacks.
X-XSS-Protection
Function: Enables the browser's built-in cross-site scripting (XSS) filter. Security Benefit: Stops the affected parts of the page from loading once XSS is detected.
Cross-Origin-Embedder-Policy (COEP)
Function: Prevents the document from loading cross-origin framed documents that do not opt in to being embedded. Security Benefit: Tightens the loading of resources from other origins, giving better isolation and protection against attacks.
Referrer-Policy
Function: Controls what referrer information is sent in the Referer header when a user navigates away from the site. Security Benefit: Prevents leakage of sensitive URL parameters to other sites.
Feature-Policy
Function: Lets developers explicitly declare which browser features and APIs a page may use. Security Benefit: Prevents misuse of browser features that could otherwise lead to vulnerabilities such as camera or microphone hijacking.
Strict-Transport-Security
Function: Enforces secure (HTTPS) connections to the server. Security Benefit: Protects against man-in-the-middle attacks by having the browser upgrade all insecure (HTTP) links to HTTPS.
X-Frame-Options
Function: Controls whether a browser can render a page in a <frame>, <iframe>, <embed> or <object>. Security Benefit: Prevents clickjacking attacks.
Cross-Origin-Opener-Policy (COOP)
Function: Controls whether a top-level window shares its browsing context group with cross-origin documents, which governs the features that might affect the security or privacy of cross-origin isolated pages. Security Benefit: Lets you ensure a top-level window is isolated from other browsing contexts, guarding against attacks such as cross-origin information leakage and Spectre.
X-Content-Type-Options
Function: Prevents the browser from interpreting a response as a MIME type other than the one declared in Content-Type. Security Benefit: Stops MIME-type sniffing, which can lead to XSS attacks.
© Hypatia.Tech. 2024 All rights reserved.