Difference between revisions of "HTTP Strict Transport Security"

Latest revision as of 07:01, 8 July 2016

Redirect to:

@@ Line 1: / Line 1: @@
-{{Template:Stub}}
+#REDIRECT [[HTTP_Strict_Transport_Security_Cheat_Sheet]]
-<br>
-== Description ==
-HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS.
-<br>
-== Examples ==
-Example of the HTTP strict transport security header
-Strict-Transport-Security: max-age=60000
-== Browser Support ==
-{| width="400" cellspacing="1" cellpadding="1" border="1"
-|-
-| '''Browser'''<br>
-| '''Lowest Version Supported'''<br>
-|-
-| Internet Explorer <br>
-| no support<br>
-|-
-| Firefox<br>
-| 4<br>
-|-
-| Opera<br>
-| 10.50<br>
-|-
-| Safari<br>
-| 4.0<br>
-|-
-| Chrome<br>
-| 4.0.211.0<br>
-|}
-<br>
-== Links ==
-[http://www.w3.org/Security/wiki/Strict_Transport_Security HSTS Spec]
-[http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security Wikipedia.org entry]
-[https://developer.mozilla.org/en/Security/HTTP_Strict_Transport_Security MDN Docs for HSTS]
-[https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet OWASP TLS Protection Cheat Sheet]
-[[Category:Control|Control]]