Network

The **3LO flow** (Three-Legged OAuth flow) is an OAuth 2.0 authorization flow used to allow applications to access user data on their behalf with **user consent**. It's commonly used by APIs like Google, GitHub, and others when the application needs access to a user's private resources (e.g., calendar, email, files).

**Content Security Policy (CSP)** is a security feature implemented in web browsers to prevent attacks like **Cross-Site Scripting (XSS)**, **clickjacking**, and other **code injection attacks** by restricting the sources from which content can be loaded.

A **Man-in-the-Middle (MITM) attack** is a type of cyberattack where an attacker secretly intercepts and possibly alters the communication between two parties who believe they are directly communicating with each other.

TLS (Transport Layer Security) is a cryptographic protocol that provides **secure communication** over a computer network.

An **upstream service** is a service that another service (the **downstream service**) depends on or receives data from.

operates at the **Transport Layer (Layer 4)** of the OSI model.