Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed). There are many things to consider when securing a web application but a definite "quick win" is to start taking advantage of the security HTTP response headers that are supported in most modern browser. It doesn't matter which development platform you use to build your application, these headers wi
![Security through HTTP response headers](https://cdn-ak-scissors.b.st-hatena.com/image/square/b5577a65fcdbf92ca26b9e138f29c38d9f6427ef/height=288;version=1;width=512/https%3A%2F%2F4.bp.blogspot.com%2F-ykCydtUYc4g%2FUEUYLnDZbxI%2FAAAAAAAAATE%2FdlshT-OqXOs%2Fw1200-h630-p-k-no-nu%2Fsecurityheaders.png)