There are a number of attacks that can be prevented by just having your web server send certain HTTP headers which browsers can then use to communicate with it in a more secure way. This post covers some of these attacks and the headers used to mitigate them.