-
HSTS, or HTTP Strict Transport Security, is a new thing that forces client browsers to use HTTPS instead of HTTP. Look into Heroku and see if it's something we have to purchase, or simply turn on.
-
See https://forums.aws.amazon.com/thread.jspa?threadID=162252#jive-message-778226. Once @tobie has shared access details to the S3 instance I'd be willing to take a look at this, but no rush I think.
-
Consider enabling HTTPS and HTTP Strict Transport Security.
-
The server serving micropython.org is configured to send a HSTS header. This means all connections are forcibly upgraded to TLS (which in general is a good thing).
However the webrepl doesn't work …
ulope updated
2 months ago
-
## Is your feature request related to a problem? Please describe.
HSTS (HTTP Strict Transport Security) max age is too short at 604800, as shown by SSL Labs.
## Describe the feature you would li…
-
-
In your nginx/etc server config can you add:
`add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";`
This will prevent TLS downgrades when browsing slimerjs.org
-
I just emailed Alexey on an unrelated topic, and he suggested that STS should be using a new registry. "On a somewhat related note: are you updating your draft to use HSTS IANA registry (as per Chris …
-
HSTS option seems not enabled event when the parameter is set to true in the mirth properties file :
http.stricttransportsecurity | true
-- | --
- OS: Windows2016
- Java Distr…
-
(once implemented)
https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/
https://https.cio.gov/hsts/