***

title: get_security_headers
slug: /reference/python/agents/configuration/security-config/get-security-headers
description: Get security headers to add to HTTP responses.
max-toc-depth: 3
---------------------

For a complete index of all SignalWire documentation pages, fetch https://signalwire.com/docs/llms.txt

Get security headers to add to HTTP responses.

## **Parameters**

<ParamField path="is_https" type="bool" default="false" toc={true}>
  Whether the connection is over HTTPS. When `True` and `use_hsts` is enabled,
  the `Strict-Transport-Security` header is included.
</ParamField>

## **Returns**

`dict[str, str]` -- Dictionary of security headers including `X-Content-Type-Options`,
`X-Frame-Options`, `X-XSS-Protection`, `Referrer-Policy`, and optionally
`Strict-Transport-Security`.

## **Example**

```python {4-5}
from signalwire.core.security_config import SecurityConfig

security = SecurityConfig()
headers = security.get_security_headers(is_https=False)
https_headers = security.get_security_headers(is_https=True)

print(headers)
# {'X-Content-Type-Options': 'nosniff', 'X-Frame-Options': 'DENY', ...}
print(https_headers)
# Includes 'Strict-Transport-Security' header when HSTS is enabled
```