Difference between revisions of "HTTP Strict Transport Security (HSTS)"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
Tags: Mobile web edit, Mobile edit |
||
| Line 4: | Line 4: | ||
<code>Strict-Transport-Security: max-age=31536000; includeSubDomains</code> | <code>Strict-Transport-Security: max-age=31536000; includeSubDomains</code> | ||
| + | |||
| + | |||
| + | |||
| + | == Related terms == | ||
| + | * Read: https://security.googleblog.com/2017/09/broadening-hsts-to-secure-more-of-web.html | ||
Revision as of 07:42, 26 July 2020
wikipedia:HTTP Strict Transport Security (HSTS) (2012) is a web security policy mechanism that helps to protect websites against protocol downgrade attacks and cookie hijacking.
Strict-Transport-Security: max-age=31536000; includeSubDomains
Related terms
See also
- HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL, WebSockets, WebRTC,ssl_certificateQUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure, Axios HTTP client, HTTP cookies, HTTP ETag, Hypertext Transfer Protocol -- HTTP/1.1 - CA, Root Certificates, FreeIPA, PKI, OpenCA, Wildcard certificate,
certtool,certbot(Let's Encrypt),certinfo(Cloudflare), ACME, Boulder,cfssl(Cloudflare), Public key certificate, public key, TLS and X.509, OCSP, Subject Alternative Name (SAN),openssl ca, Self signed certificate, CSR,keytool, ACM, KMS,aws acm, IdenTrust, multirootca, cert-manager, ca_cert_identifier
Advertising:
