Raw HTTP headers
Nginx
Apache
Express.js
default-src
script-src
style-src
img-src
connect-src
frame-ancestors
HSTS max-age
Referrer-Policy
strict-origin-when-cross-origin
no-referrer
same-origin
origin
HSTS
HSTS preload
X-Content-Type-Options
COOP
CORP
Permissions-Policy