HSTS All In One
HTTP Strict Transport Security
HTTP Strict Transport Security
(HSTS) informs browsers that the site should only be accessed using HTTPS
.
HTTP 严格传输安全 (HSTS) 通知浏览器该站点只能使用 HTTPS 访问。
https://www.wappalyzer.com/technologies/security/hsts
https://www.rfc-editor.org/rfc/rfc6797#section-6.1
Strict-Transport-Security
Strict-Transport-Security: max-age=<expire-time>
Strict-Transport-Security: max-age=<expire-time>; includeSubDomains
Strict-Transport-Security: max-age=<expire-time>; includeSubDomains; preload
demos
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
https://hstspreload.org/?domain=xgqfrms.xyz
https://github.com/chromium/hstspreload.org
TLS / SSL
Chrome
chrome://net-internals/#hsts
chrome://net-internals/
https://www.chromium.org/hsts/
Strict-Transport-Security: max-age=16070400; includeSubDomains
refs
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
©xgqfrms 2012-2021
www.cnblogs.com/xgqfrms 发布文章使用:只允许注册用户才可以访问!
原创文章,版权所有©️xgqfrms, 禁止转载 ️,侵权必究⚠️!