App is missing important security-related HTTP headers
X-Frame-Options - Specifies whether the website should allow itself to be framed. Blocking framing helps defend against attacks such as Clickjacking. It should be set to DENY.
X-Content-Type-Options - This provides protection against XSS (cross-site scripting) attacks or Drive-by-Download attacks.
Strict-Transport-Security - This header forces browsers to access the website via HTTPS.
There are a few other optional ones, but every web app should at least have the previous 3 headers present to protect itself against malicious attacks.
onchainaddress:{esm99RRxKvainDsRR6UHRcju4vNnAw1ouZEw64Yfn12tc6HpQ}
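A check for the three headers listed in the report, as an added example that is not part of the original report or the app's code. The names `parse_headers`, `audit` and `SAMPLE_RESPONSE` are hypothetical, the sample response is constructed, and the expected values `nosniff` and a non-zero `max-age` are assumptions added here from the header specifications rather than taken from the report.

```python
# Added example: audit a raw HTTP response head for the three headers named above.
# SAMPLE_RESPONSE is constructed for illustration, not captured from the reported app.
import re

SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "x-frame-options: SAMEORIGIN\r\n"
    "Strict-Transport-Security: max-age=0\r\n"
    "\r\n"
    "<html></html>"
)


def parse_headers(raw):
    """Return {lowercased-name: value} from the head of a raw HTTP response."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def audit(raw):
    """Return a list of findings; an empty list means all three checks pass."""
    h = parse_headers(raw)
    findings = []

    xfo = h.get("x-frame-options")
    if xfo is None:
        findings.append("X-Frame-Options: missing")
    elif xfo.upper() != "DENY":  # the report asks for DENY specifically
        findings.append("X-Frame-Options: expected DENY, got " + xfo)

    xcto = h.get("x-content-type-options")
    if xcto is None:
        findings.append("X-Content-Type-Options: missing")
    elif xcto.lower() != "nosniff":  # assumption: nosniff is the only defined value
        findings.append("X-Content-Type-Options: expected nosniff, got " + xcto)

    hsts = h.get("strict-transport-security")
    m = re.search(r"max-age\s*=\s*\"?(\d+)", hsts or "", re.I)
    if hsts is None:
        findings.append("Strict-Transport-Security: missing")
    elif not m or int(m.group(1)) == 0:  # max-age=0 tells the browser to drop HSTS
        findings.append("Strict-Transport-Security: max-age missing or 0")
    return findings
```

Header names are matched case-insensitively, so a header that is present but set to a weaker value is reported separately from one that is absent.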