Menu

Introduction to PCI DSS (Payment Card Industry Data Security Standard)   Introduction to PCI DSS (Payment Card Industry Data Security Standard)   

Data Protection Act 1998   Data Protection Act 1998   

Secure HTML Practices   Secure HTML Practices   

SQL Injection Attack - Introduction and Mitigation Steps   SQL Injection Attack - Introduction and Mitigation Steps   

Cross Site Scripting (XSS) – Introduction and Mitigation Steps   Cross Site Scripting (XSS) – Introduction and Mitigation Steps   

Audit and Testing Tools for Web Application Security   Audit and Testing Tools for Web Application Security   

Threat Modeling for Web Application Security - Practice Guide   Threat Modeling for Web Application Security - Practice Guide   

Secure HTML Practices

Published on: 8/17/2014
Topic: HTML Security FAQ
Following are the key Meta tags and best practice for Secure HTML generation which allows the best use of Browser specific security features and make client side environment more secure. Most of settings are nothing but minor server side tweaks to correctly generate security sensitive meta tags or optimial handeling of other client side elements like Cookie & Cache.


Table of Contents

Use No-Email-Collection Meta Tag to Reduce Spam

‘no-email-collection’ meta tag is not used widely but adding this tag is recommended to hint spam bots for not crawling your website to search email addresses.

Not all crawling engine may respect the presence of no-email-collection tag but this may still be helpful to protect the email address listed on your website from crawling and public listing on the web. The email address listed on your websites may be victim of spam emails depending on email address exposure on public websites and using this tag you may restrict legitimate crawling engines to minimize the exposure.


Continue Reading: Disable Cache on Proxy for Secure Contents