.. _resources-1:

Resources
==================

Frameworks
----------------------

-  `aiohttp <https://github.com/aio-libs/aiohttp>`__ - Asynchronous HTTP
   client/server framework for asyncio and Python
-  `Bottle <https://github.com/bottlepy/bottle>`__ - A fast and simple
   micro-framework for python web-applications.
-  `CherryPy <https://github.com/cherrypy/cherrypy>`__ - A pythonic,
   object-oriented HTTP framework.
-  `Django <https://github.com/django/django/>`__ - The Web framework
   for perfectionists with deadlines.
-  `Falcon <https://github.com/falconry/falcon>`__ - A bare-metal Python
   web API framework for building high-performance microservices, app
   backends, and higher-level frameworks.
-  `Flask <https://github.com/pallets/flask>`__ - The Python micro
   framework for building web applications.
-  `hug <https://github.com/timothycrosley/hug>`__ - Embrace the APIs of
   the future. Hug aims to make developing APIs as simple as possible,
   but no simpler.
-  `Masonite <https://github.com/MasoniteFramework/masonite>`__ - The Modern And Developer Centric Python Web Framework. 
-  `Pyramid <https://github.com/Pylons/pyramid>`__ - A Python web framework
-  `Quart <https://gitlab.com/pgjones/quart>`__ - A Python ASGI web
   microframework.
-  `Responder <https://github.com/kennethreitz/responder>`__ - A
   familiar HTTP Service Framework
-  `Sanic <https://github.com/huge-success/sanic>`__ - An Async Python
   3.5+ web server that’s written to go fast
-  `Starlette <https://github.com/encode/starlette>`__ - The little ASGI
   framework that shines. ✨
-  `Tornado <https://github.com/tornadoweb/tornado>`__ - A Python web
   framework and asynchronous networking library, originally developed
   at FriendFeed.


General
----------------------
-  `OWASP - Secure Headers
   Project <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project>`__
-  `OWASP - Session Management Cheat
   Sheet <https://www.owasp.org/index.php/Session_Management_Cheat_Sheet#Cookies>`__
-  `Mozilla Web
   Security <https://infosec.mozilla.org/guidelines/web_security>`__
-  `securityheaders.com <https://securityheaders.com>`__


Policies
----------------------

-  **CSP:** `CSP Cheat Sheet \| Scott
   Helme <https://scotthelme.co.uk/csp-cheat-sheet/>`__,
   `Content-Security-Policy \|
   MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy>`__,
   `Content Security Policy Cheat Sheet \|
   OWASP <https://www.owasp.org/index.php/Content_Security_Policy_Cheat_Sheet>`__,
   `Content Security Policy CSP Reference &
   Examples <https://content-security-policy.com>`__
-  **XXP:** `X-XSS-Protection \|
   MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection>`__
-  **XFO:** `X-Frame-Options \|
   MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options>`__
-  **HSTS:** `Strict-Transport-Security \|
   MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security>`__,
   `HTTP Strict Transport Security Cheat Sheet \|
   OWASP <https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet>`__
-  **Referrer:** `A new security header: Referrer Policy \| Scott
   Helme <https://scotthelme.co.uk/a-new-security-header-referrer-policy/>`__,
   `Referrer-Policy \|
   MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy>`__
-  **Feature:** `A new security header: Feature Policy \| Scott
   Helme <https://scotthelme.co.uk/a-new-security-header-feature-policy/>`__,
   `Feature-Policy \|
   MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy>`__,
   `Introduction to Feature Policy \| Google
   Developers <https://developers.google.com/web/updates/2018/06/feature-policy>`__
-  **Cache:** `Cache-Control \|
   MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control>`__