HSTS All In One
HSTS All In One
HTTP Strict Transport Security
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.
HTTP 严格传输安全 (HSTS) 通知浏览器该站点只能使用 HTTPS 访问。
https://www.wappalyzer.com/technologies/security/hsts
https://www.rfc-editor.org/rfc/rfc6797#section-6.1
Strict-Transport-Security
Strict-Transport-Security: max-age=<expire-time>
Strict-Transport-Security: max-age=<expire-time>; includeSubDomains
Strict-Transport-Security: max-age=<expire-time>; includeSubDomains; preload
demos
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
https://hstspreload.org/?domain=xgqfrms.xyz
https://github.com/chromium/hstspreload.org
TLS / SSL
Chrome
chrome://net-internals/#hsts
chrome://net-internals/
https://www.chromium.org/hsts/
Strict-Transport-Security: max-age=16070400; includeSubDomains
refs
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
©xgqfrms 2012-2021
www.cnblogs.com/xgqfrms 发布文章使用:只允许注册用户才可以访问!
原创文章,版权所有©️xgqfrms, 禁止转载 🈲️,侵权必究⚠️!
本文首发于博客园,作者:xgqfrms,原文链接:https://www.cnblogs.com/xgqfrms/p/16848461.html
未经授权禁止转载,违者必究!
浙公网安备 33010602011771号