-
Feature Request: https://tools.ietf.org/html/rfc6797
HSTS with Preloaded site list
Mainly curious if this is something that would fit within OkHttp core, or should be a purely separate addon? T…
-
choosealicense.org has HSTS due to #483.
It would be great to go all the way and preload HSTS: https://hstspreload.org/?domain=choosealicense.org
Steps would be:
- [x] Serve an HSTS header wi…
-
Hey,
maybe i missunderstand but can someone explain me the usage of the hsts cookie?
Options:
hsts: true,
hsts_domains: ['/php/hsts_cookie.php','',''], for example a 4?
or how i have to setup…
-
Hello does your tool bypass HSTS?
IamKO updated
3 years ago
-
The site doesn't work on purpose over HTTP. We should have at least a redirection from HTTP to HTTPS, or event better enable HSTS to disable plain HTTP on this site.
-
Add `Strict-Transport-Security: max-age=15768000` to the server's response headers.
-
It would be interesting to implement [HSTS](https://tools.ietf.org/html/rfc6797) to redirect users to https (our identifiers are in http), and we could even register on https://hstspreload.org/ once t…
eroux updated
4 years ago
-
[Example deafsluitdijk.nl](https://internet.nl/site/deafsluitdijk.nl/2186111/#control-panel-10)
```none
Strict-Transport-Security: : max-age=31536000; IncludeSubDomains
```
Note the extra `:`, I c…
-
For reasons which are at the moment unclear, the HSTS header on https://cursus.formulierenserver.nl is not detected:
https://internet.nl/site/cursus.formulierenserver.nl/1917990/#control-panel-10.
…
-
Mail discussion between RD and BK on 2018-09-06:
> This is about the Chrome preload list (https://hstspreload.org/) that is also used by other major
> browsers but probably not by all browsers.
…
baknu updated
6 months ago