is a website that helps you create better, more robust HTTP- and REST-based applications by providing an overview of existing, proven standards that allow you to build on existing solutions rather than re-invent the wheel yourself. The list of standards mentioned includes OAuth 2.0
, the HTTP Caching
standard and Application-Level Profile Semantics (ALPS)
, which – among others – is used extensively
in Spring Data REST
and Spring HATEOAS
On a closely related note, Stefan Judis published an article on HTTP headers for the responsible developer for communications API provider Twilio. The article covers HTTP Strict Transport Security (HSTS) and Content-Security-Policy (CSP) – both of which in my opinion should be considered basic hygiene for making the web more secure today – as well as caching, encoding and compression mechanisms designed to reduce the payload sent to the user.