Standards.REST is a website that helps you create better, more robust HTTP- and REST-based applications by providing an overview of existing, proven standards that allow you to build on existing solutions rather than re-invent the wheel yourself. The list of standards mentioned includes OAuth 2.0, the HTTP Caching standard and Application-Level Profile Semantics (ALPS), which – among others – is used extensively in Spring Data REST and Spring HATEOAS.

On a closely related note, Stefan Judis published an article on HTTP headers for the responsible developer for communications API provider Twilio. The article covers HTTP Strict Transport Security (HSTS) and Content-Security-Policy (CSP) – both of which in my opinion should be considered basic hygiene for making the web more secure today – as well as caching, encoding and compression mechanisms designed to reduce the payload sent to the user.