Changes

Jump to navigation Jump to search

GC HTTPS HSTS (view source)

Revision as of 16:01, 4 November 2019

6 bytes added ,  16:01, 4 November 2019
→‎HTTP Strict Transport Security (HSTS)
Line 8: Line 8:  
* Always uses an https:// connection, even when clicking on an http:// link or after typing a domain into the location bar without specifying a protocol.
 
* Always uses an https:// connection, even when clicking on an http:// link or after typing a domain into the location bar without specifying a protocol.
 
* Removes the ability for users to click through warnings about invalid certificates
 
* Removes the ability for users to click through warnings about invalid certificates
* '''Note:''' HSTS headers set on '''HTTP''' endpoints are ignored by most browsers due to the potential for malicious headers to be injected, however are recognized on HTTPS endpoints.
+
* '''Note:''' HSTS headers set on '''HTTP''' endpoints are '''ignored by most browsers''' due to the potential for malicious headers to be injected, however are recognized on HTTPS endpoints.
    
===Types of HSTS===
 
===Types of HSTS===
Tim.allardyce
263

edits

Retrieved from "https://wiki.gccollab.ca/Special:MobileDiff/13533"

Navigation menu

GCwiki