In 📣 blog and 🧵 thread form @mikewest has 5 HTTP header-based improvements to add to your site today to defend against Spectre and other side-channel attacks.
Mike West: Spectre is a practical attack, as @_tsuro's PoC at
Defend your users' data against Spectre and other side-channel attacks by applying the equally practical mitigations described in
https://leaky.page/
https://w3c.github.io/webappsec-post-spectre-webdev/

https://twitter.com/ChromiumDev/status/1370403265721040897