2026-06-10 - Additional Security Headers Added Across API and Frontend¶
Release¶
AgileData.io - Hardened Perimeter: New Security Headers Protect API and Browser Interactions
Additional HTTP security headers have been added to both the AgileData API layer and the frontend application. Security headers are a defence-in-depth measure that instruct browsers and clients on how to handle content, reducing the attack surface for common web vulnerabilities such as cross-site scripting (XSS), clickjacking, and content injection.
The headers have been implemented via the shared AgileData module so they apply consistently across all applications that use the shared layer. The content security policy has also been updated to allow Google avatar images, which are used for user profile display.
What’s New:
Two additional security headers added to all API responses
Security headers implemented in the frontend via the shared module for consistent coverage
Content Security Policy updated to permit Google avatar images
What this means for you:
Your AgileData session is better protected against common browser-based attacks
Security posture improvements applied consistently across the platform
Last Refreshed¶
Doc Refreshed: 2026-06-10