Skip to content

Alternatives: TLS: HSTS

Jump to bottom Edit New page
Craig Francis edited this page Jan 19, 2015 · 1 revision
  • Checks HTTP website does a 301 redirect to HTTPS.
  • Checks header was sent.
  • Checks presence in browsers preload list (might not be necessary).
  • Give example header to copy/paste (don't think there is any risk in this, as HTTPS is working).

View demo

Firefox

Firefox Network Tab

Does show the use of HSTS.

Does not:

  • Check 301 redirect for a HTTP connection (risk of making too many requests?).
  • Shows if it's in the preload list (which won't scale to every website on the internet).
  • Include an example header to use (could be risky having them copy/paste, but probably less so than from a random website).
Add a custom footer
Add a custom sidebar
Clone this wiki locally