Connection Server complies with certain World Wide Web Consortium (W3) standards.

• Cross-Origin Resource Sharing (CORS) constrains client-side cross-origin requests. You can activate it by adding the entry enableCORS=true or deactivate it by adding the entry enableCORS=false to locked.properties.
• Content Security Policy (CSP), which mitigates a broad class of content injection vulnerabilities, is activated by default. You can deactivate it by adding the entry enableCSP=false to locked.properties.