Описание тега hsts

Описание тега Вопросы с тегом

HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents are to interact with it using only secure HTTPS connections.

HSTS is based on research done by Adam Barth and Colin Jackson on the ForceHTTPS protocol starting in 2008, which evolved into the ForceTLS protocol and finally the HSTS protocol.

References

RFC 6797: HTTP Strict Transport Security (HSTS)
ForceHTTPS: Protecting High-Security Web Sites from Network Attacks
ForceTLS Firefox Addon
Mozilla Bug 495115 - Implement Strict-Transport-Security (was ForceTLS) to allow sites to specify HTTPS-only connections
Strict Transport Security in NoScript
Forcing HTTPS with NoScript
https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet
HTTP Strict Transport Security
Understanding HTTP Strict Transport Security (HSTS) and preloading it into the browser
RFC 7457: Summarizing Known Attacks on Transport Layer Security (TLS)and Datagram TLS (DTLS)