This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:HTTP Strict Transport Security

From OWASP
Revision as of 02:21, 3 April 2013 by Shane Argo (talk | contribs) (Created page with "I would like to make a change to this page, but would like to check it's okay first. The IIS solution currently proposed on this page technically doesn't follow the spec, as ...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

I would like to make a change to this page, but would like to check it's okay first. The IIS solution currently proposed on this page technically doesn't follow the spec, as Section 7.2 specifies that the header must not be send over non-secure connections. I have written an open source IIS module which implements HSTS as per the specification which I would like to reference it here, but I am concerned that it may be interpreted as advertising or some other unacceptable update. I have read the Wikipedia editing guidelines referenced from the Help:Editing page and this change appears to be acceptable. --Shane Argo 02:21, 3 April 2013 (UTC)

Retrieved from "https://wiki.owasp.org/index.php?title=Talk:HTTP_Strict_Transport_Security&oldid=149086"