Glossary of Terms: Web Applications

Ingrid

The following terms are commonly used and referenced along with the Web Application Security and Web Application Headers risk vectors.

Browser
Application software used to locate, display, and interact with content. Content can be a webpage containing files and digital media (images and videos) or a web application. Most browsers can be used to access information over the Internet, information in local networks, or locally stored files.
Resource: Lenovo, “What is a browser?”

Content Security Policy (CSP)
A directive that protects web applications against code injection.

Cookie
A text file stored for a website to provide the user continuity when visiting the site. The information could be login and authentication, user preferences, shopping cart contents, etc.

Directive
Instructions or rules stated within web application headers for how the browser should behave, often with a focus on security.

Framework
Pre-built tools that simplify and standardize web application development.

Operating System
System software that manages computer hardware and software resources and provides common services for computer programs.
Examples: Microsoft Windows, Linux, Unix, Mac OS

Header
A Hypertext Transfer Protocol header (a.k.a. web application header or HTTP header) defines how communications between users of web-connected applications and applications hosted in web servers should be conducted.

Redirect
A directive that instructs the browser to visit a different URL from the original link.

Subresource Integrity (SRI)
Resource: Bitsight Blog, “Web Application Security for DevOps: CORS & SRI”

March 18, 2025: Published.