.. _2026-06-10-security-headers-added_release: ================================================================================= 2026-06-10 - Additional Security Headers Added Across API and Frontend ================================================================================= Release ================== AgileData.io - Hardened Perimeter: New Security Headers Protect API and Browser Interactions Additional HTTP security headers have been added to both the AgileData API layer and the frontend application. Security headers are a defence-in-depth measure that instruct browsers and clients on how to handle content, reducing the attack surface for common web vulnerabilities such as cross-site scripting (XSS), clickjacking, and content injection. The headers have been implemented via the shared AgileData module so they apply consistently across all applications that use the shared layer. The content security policy has also been updated to allow Google avatar images, which are used for user profile display. **What's New:** * Two additional security headers added to all API responses * Security headers implemented in the frontend via the shared module for consistent coverage * Content Security Policy updated to permit Google avatar images **What this means for you:** * Your AgileData session is better protected against common browser-based attacks * Security posture improvements applied consistently across the platform Last Refreshed =========================== *Doc Refreshed: 2026-06-10*