Closed strugee closed 5 years ago
styfle
commented
6 years ago You can use Mozilla Observatory to check for HSTS and many other security-related headers.
You can read more in my blog post here: https://medium.com/@styfle/security-best-practices-in-2017-cfdf1784c0a2
strugee
commented
6 years ago @styfle right, I know about that. (Thank you though!)
There are lots of ways to figure out if something serves HSTS headers. What I want is something where I can see this information at-a-glance (and without switching to a terminal or another webpage).
paulirish
commented
6 years ago https://chrome.google.com/webstore/detail/securityheadersio-analyse/hbghndjigmobckggakgcalcfbohgkgog is close but it's not exactly what you're asking for.
stale[bot]
commented
5 years ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
stale[bot]
commented
5 years ago This issue has been automatically closed because it has not had recent activity. Thank you for your contributions.
I spend a fair amount of my time advocating for HTTPS adoption.
I'd like to do the same for advanced stuff like HSTS headers, but checking for those types of things is way more of a hassle than just looking at the first five characters of the URL. It'd be really neat if there was an extension that checked for these headers and put an icon in the address bar or something. Maybe something similar to tos;dr's design, I dunno.