jspωiki
Strict-Transport-Security
Your trail: 

Overview#

Strict-Transport-Security is the HTTP response HTTP Header Field from the Server to the User-agent for HTTP Strict Transport Security Policy. (RFC 6797)

Strict-Transport-Security Examples [1]#

Strict-Transport-Security: max-age=<expire-time>
Strict-Transport-Security: max-age=<expire-time>; includeSubDomains
Strict-Transport-Security: max-age=<expire-time>; preload

Directives#

  • max-age=<expire-time> - The time, in seconds, that the browser should remember that a site is only to be accessed using HTTPS.
  • includeSubDomains - OPTIONAL - If this optional parameter is specified, this rule applies to all of the site's subdomains as well.
  • preload - OPTIONAL - See Preloading Strict Transport Security for details. Not part of the specification.

The preload directive is browser dependent

More Information#

There might be more information for this subject on one of the following:

This page (revision-5) was last changed on 12-May-2018 18:22 by jim Top

Main page
About
Recent Changes
Tools Page

Lead Pages#

WikiEtiquette
Find pages
Unused pages
Undefined pages
Page Index
News


Site Maintained By -jim

Costs of Wiki

Donations#

If you like Ldapwiki, please consider a donation.

Donation for LDAPWiki


Active Sessions76
Uptime16d, 1h 47m 16s
Number of pages14167

JSPWiki v2.10.1
jspωiki
Please see our Copyright And Intellectual Property Page and Standard Disclaimer Pages!
JSPWiki v2.10.1