-
Type: other
cf. https://github.com/EFForg/https-everywhere/issues/7126
https://groups.google.com/a/chromium.org/forum/#!topic/hsts-discuss/XzMpDMqtkKc
https://github.com/chromium/hstspreload.or…
-
```
Error: No includeSubDomains directiveThe header must contain the `includeSubDomains` directive.
Error: No preload directiveThe header must contain the `preload` directive.
```
https://hstspr…
-
Type: other
----
Pull in question https://github.com/EFForg/https-everywhere/pull/13117
You can check using hstspreload.org that it isn't preloaded.
ghost updated
7 years ago
-
Observatory by Mozilla, https://observatory.mozilla.org, performs tests that SSL labs does not but also simultaneously tests with SSL labs, htbridge.com, tls.imirhil.fr, securityheaders.io, and hstspr…
-
From https://github.com/chromium/hstspreload/issues/81#issuecomment-228153898.
-
- [x] We should add all the fancy secure headers;
- X-Frame-Options
- X-XSS-Protection
- X-Content-Type-Options
- [x] Currently Ore set three cookies (I don't think I missed something):…
-
**Is this a request for help?** (If yes, you should use our troubleshooting guide and community support channels, see https://kubernetes.io/docs/tasks/debug-application-cluster/troubleshooting/.):…
-
```
Page Security/Guidelines/Web_Security differ.
---
+++
@@ -234,13 +234,13 @@
* max-age: how long user agents will redirect to HTTPS, in seconds
* includeSubDomains: whether user agents…
-
I had an error in my HSTS header but hstspreload.appspot.com didn't alert me to this error because my site was already in the preload list.
-
Here: [http://monocypher.org]()
No HTTPS for now, I'll set that up shortly.