| https://owasp.org | This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License |  |
| CARVIEW |
Select Language
HTTP/2 200
date: Sat, 11 Oct 2025 09:30:54 GMT
content-type: text/html; charset=utf-8
cf-ray: 98cd57696ae79dfa-BLR
cf-cache-status: DYNAMIC
access-control-allow-origin: *
age: 0
cache-control: max-age=600
expires: Sat, 11 Oct 2025 09:40:54 GMT
last-modified: Tue, 31 Dec 2024 12:03:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
content-security-policy: default-src 'self' https://*.fontawesome.com https://api.github.com https://*.githubusercontent.com https://*.google-analytics.com https://owaspadmin.azurewebsites.net https://*.twimg.com https://platform.twitter.com https://www.youtube.com https://*.doubleclick.net; frame-ancestors 'self'; frame-src https://*.vuejs.org https://*.stripe.com https://*.wufoo.com https://*.sched.com https://*.google.com https://*.twitter.com https://www.youtube.com https://w.soundcloud.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://viewer.diagrams.net https://fonts.googleapis.com https://*.fontawesome.com https://app.diagrams.net https://cdnjs.cloudflare.com https://cse.google.com https://*.vuejs.org https://*.stripe.com https://*.wufoo.com https://*.youtube.com https://*.meetup.com https://*.sched.com https://*.google-analytics.com https://unpkg.com https://buttons.github.io https://www.google.com https://*.gstatic.com https://*.twitter.com https://*.twimg.com; style-src 'self' 'unsafe-inline' https://*.gstatic.com https://cdnjs.cloudflare.com https://www.google.com https://fonts.googleapis.com https://platform.twitter.com https://*.twimg.com data:; font-src 'self' https://*.fontawesome.com fonts.gstatic.com; manifest-src 'self' https://pay.google.com; img-src 'self' https://*.globalappsec.org https://render.com https://*.render.com https://okteto.com https://*.okteto.com data: www.w3.org https://*.bestpractices.dev https://licensebuttons.net https://img.shields.io https://*.twitter.com https://github.githubassets.com https://*.twimg.com https://platform.twitter.com https://*.githubusercontent.com https://*.vercel.app https://*.cloudfront.net https://*.coreinfrastructure.org https://*.securityknowledgeframework.org https://badges.gitter.im https://travis-ci.org https://api.travis-ci.org https://s3.amazonaws.com https://snyk.io https://coveralls.io https://requires.io https://github.com https://*.googleapis.com https://*.google.com https://*.gstatic.com
permissions-policy: geolocation=(self)
referrer-policy: same-origin
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-fastly-request-id: 480a6397c35a9fc1722a19c5f1b26ddbd0b3e923
x-frame-options: SAMEORIGIN
x-github-request-id: BFC6:97589:62A36:7B672:68EA23CD
x-proxy-cache: MISS
x-served-by: cache-bom-vanm7210089-BOM
x-timer: S1760175054.360461,VS0,VE302
content-encoding: gzip
OWASP API Security Top 10