Notify to prefer to enforce Certificate Transparency.
Used to configure network request logging.
To allow or disable different features or APIs of the browser.
Used in redirection, or when a new resource has been created. This refresh redirects after 5 seconds. Header extension introduced by Netscape and supported by most web browsers. Defined by HTML Standard
Instructs the user agent to store reporting endpoints for an origin.
CGI header field specifying the status of the HTTP response. Normal HTTP responses use a separate "Status-Line" instead, defined by RFC 7230.
The Timing-Allow-Origin response header specifies origins that are allowed to see values of attributes retrieved via features of the Resource Timing API, which would otherwise be reported as zero due to cross-origin restrictions.
Provide the duration of the audio or video in seconds; only supported by Gecko browsers
The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions.
Specifies the technology (e.g. ASP.NET, PHP, JBoss) supporting the web application (version details are often in X-Runtime, X-Version, or X-AspNet-Version)
Specifies the component that is responsible for a particular redirect.
Correlates HTTP requests between a client and server.
Recommends the preferred rendering engine (often a backward-compatibility mode) to use to display the content. Also used to activate Chrome Frame in Internet Explorer. In HTML Standard, only the IE=edge value is defined.
Cross-site scripting (XSS) filter
Content Security Policy definition.
X-WebKit-CSP: default-src 'self'