CodeTools
A new default Referrer-Policy for Chrome
Chrome plans to gradually enable strict-origin-when-cross-origin.
CodeResources
When to use HTTPS for local development
HTTP is fine most of the time, except in some special cases.
CodeResources
Security headers quick reference
Important details about headers that can keep your site safe.
CodeResources
Monitor your web application with the Reporting API
What this API can do for you and how you can use it.