René's URL Explorer Experiment


Title: HTTP Strict Transport Security - Wikipedia

Open Graph Title: HTTP Strict Transport Security - Wikipedia

Generator: MediaWiki 1.47.0-wmf.8

direct link

Domain: en.wikipedia.org


Hey, it has json ld scripts:
{"@context":"https:\/\/schema.org","@type":"Article","name":"HTTP Strict Transport Security","url":"https:\/\/en.wikipedia.org\/wiki\/HTTP_Strict_Transport_Security","sameAs":"http:\/\/www.wikidata.org\/entity\/Q2438540","mainEntity":"http:\/\/www.wikidata.org\/entity\/Q2438540","author":{"@type":"Organization","name":"Contributors to Wikimedia projects"},"publisher":{"@type":"Organization","name":"Wikimedia Foundation, Inc.","logo":{"@type":"ImageObject","url":"https:\/\/www.wikimedia.org\/static\/images\/wmf-hor-googpub.png"}},"datePublished":"2009-11-19T10:01:10Z","dateModified":"2026-05-24T00:20:50Z","headline":"HTTP response header field and associated policy"}

referrerorigin-when-cross-origin
format-detectiontelephone=no
og:typewebsite

Links:

Jump to contenthttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#bodyContent
Main pagehttps://en.wikipedia.org/wiki/Main_Page
Contentshttps://en.wikipedia.org/wiki/Wikipedia:Contents
Current eventshttps://en.wikipedia.org/wiki/Portal:Current_events
Random articlehttps://en.wikipedia.org/wiki/Special:Random
About Wikipediahttps://en.wikipedia.org/wiki/Wikipedia:About
Contact ushttps://en.wikipedia.org/wiki/Wikipedia:Contact_us
Helphttps://en.wikipedia.org/wiki/Help:Contents
Learn to edithttps://en.wikipedia.org/wiki/Help:Introduction
Community portalhttps://en.wikipedia.org/wiki/Wikipedia:Community_portal
Recent changeshttps://en.wikipedia.org/wiki/Special:RecentChanges
Upload filehttps://en.wikipedia.org/wiki/Wikipedia:File_upload_wizard
Special pageshttps://en.wikipedia.org/wiki/Special:SpecialPages
https://en.wikipedia.org/wiki/Main_Page
Search https://en.wikipedia.org/wiki/Special:Search
Donatehttps://donate.wikimedia.org/?wmf_source=donate&wmf_medium=sidebar&wmf_campaign=en.wikipedia.org&uselang=en
Create accounthttps://en.wikipedia.org/w/index.php?title=Special:CreateAccount&returnto=HTTP+Strict+Transport+Security
Log inhttps://en.wikipedia.org/w/index.php?title=Special:UserLogin&returnto=HTTP+Strict+Transport+Security
Donatehttps://donate.wikimedia.org/?wmf_source=donate&wmf_medium=sidebar&wmf_campaign=en.wikipedia.org&uselang=en
Create accounthttps://en.wikipedia.org/w/index.php?title=Special:CreateAccount&returnto=HTTP+Strict+Transport+Security
Log inhttps://en.wikipedia.org/w/index.php?title=Special:UserLogin&returnto=HTTP+Strict+Transport+Security
(Top) https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
1 Specification history https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Specification_history
2 HSTS mechanism overview https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#HSTS_mechanism_overview
3 Applicability https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Applicability
4 Limitations https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Limitations
4.1 Solutions with preload list https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Solutions_with_preload_list
4.2 Privacy issues https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Privacy_issues
5 Browser support https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Browser_support
6 Deployment best practices https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Deployment_best_practices
7 See also https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#See_also
8 References https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#References
9 External links https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#External_links
العربيةhttps://ar.wikipedia.org/wiki/%D8%A3%D9%85%D8%A7%D9%86_%D9%86%D9%82%D9%84_%D8%A8%D8%B1%D9%88%D8%AA%D9%88%D9%83%D9%88%D9%84_%D9%86%D9%82%D9%84_%D8%A7%D9%84%D9%86%D8%B5_%D8%A7%D9%84%D9%81%D8%A7%D8%A6%D9%82_%D8%A7%D9%84%D8%B5%D8%A7%D8%B1%D9%85
Češtinahttps://cs.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Deutschhttps://de.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Españolhttps://es.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Françaishttps://fr.wikipedia.org/wiki/HTTP_Strict_Transport_Security
עבריתhttps://he.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Italianohttps://it.wikipedia.org/wiki/HTTP_Strict_Transport_Security
日本語https://ja.wikipedia.org/wiki/HTTP_Strict_Transport_Security
한국어https://ko.wikipedia.org/wiki/HTTP_%EC%8A%A4%ED%8A%B8%EB%A6%AD%ED%8A%B8_%ED%8A%B8%EB%9E%9C%EC%8A%A4%ED%8F%AC%ED%8A%B8_%EC%8B%9C%ED%81%90%EB%A6%AC%ED%8B%B0
Nederlandshttps://nl.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Polskihttps://pl.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Românăhttps://ro.wikipedia.org/wiki/HSTS
Русскийhttps://ru.wikipedia.org/wiki/HSTS
Türkçehttps://tr.wikipedia.org/wiki/HTTP_Kat%C4%B1_Ta%C5%9F%C4%B1ma_G%C3%BCvenli%C4%9Fi
Українськаhttps://uk.wikipedia.org/wiki/HSTS
中文https://zh.wikipedia.org/wiki/HTTP%E4%B8%A5%E6%A0%BC%E4%BC%A0%E8%BE%93%E5%AE%89%E5%85%A8
Edit linkshttps://www.wikidata.org/wiki/Special:EntityPage/Q2438540#sitelinks-wikipedia
Articlehttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Talkhttps://en.wikipedia.org/wiki/Talk:HTTP_Strict_Transport_Security
Readhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit
View historyhttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=history
Readhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit
View historyhttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=history
What links herehttps://en.wikipedia.org/wiki/Special:WhatLinksHere/HTTP_Strict_Transport_Security
Related changeshttps://en.wikipedia.org/wiki/Special:RecentChangesLinked/HTTP_Strict_Transport_Security
Upload filehttps://en.wikipedia.org/wiki/Wikipedia:File_Upload_Wizard
Permanent linkhttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&oldid=1355799340
Page informationhttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=info
Cite this pagehttps://en.wikipedia.org/w/index.php?title=Special:CiteThisPage&page=HTTP_Strict_Transport_Security&id=1355799340&wpFormIdentifier=titleform
Get shortened URLhttps://en.wikipedia.org/w/index.php?title=Special:UrlShortener&url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FHTTP_Strict_Transport_Security
Download as PDFhttps://en.wikipedia.org/w/index.php?title=Special:DownloadAsPdf&page=HTTP_Strict_Transport_Security&action=show-download-screen
Printable versionhttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&printable=yes
Wikidata itemhttps://www.wikidata.org/wiki/Special:EntityPage/Q2438540
man-in-the-middle attackshttps://en.wikipedia.org/wiki/Man-in-the-middle_attack
protocol downgrade attackshttps://en.wikipedia.org/wiki/Protocol_downgrade_attack
[1]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-mdn-security-1
cookie hijackinghttps://en.wikipedia.org/wiki/Session_hijacking
web servershttps://en.wikipedia.org/wiki/Web_server
user agentshttps://en.wikipedia.org/wiki/User_agent
HTTPShttps://en.wikipedia.org/wiki/HTTPS
Transport Layer Securityhttps://en.wikipedia.org/wiki/Transport_Layer_Security
HTTPhttps://en.wikipedia.org/wiki/HTTP
IETFhttps://en.wikipedia.org/wiki/Internet_Engineering_Task_Force
standardshttps://en.wikipedia.org/wiki/Internet_Standard
RFChttps://en.wikipedia.org/wiki/RFC_(identifier)
6797https://www.rfc-editor.org/rfc/rfc6797
headerhttps://en.wikipedia.org/wiki/List_of_HTTP_header_fields
user agenthttps://en.wikipedia.org/wiki/User_agent
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
trust on first usehttps://en.wikipedia.org/wiki/Trust_on_first_use
Google Chromehttps://en.wikipedia.org/wiki/Google_Chrome
web browsershttps://en.wikipedia.org/wiki/Web_browser
[3]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-3
[4]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-4
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=1
IESGhttps://en.wikipedia.org/wiki/IESG
Proposed Standardhttps://en.wikipedia.org/wiki/Internet_Standard
RFChttps://en.wikipedia.org/wiki/Request_for_Comments
[5]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-hsts-ps-rfc-approval-iesg-msg-5
Internet Drafthttps://en.wikipedia.org/wiki/Internet_Draft
HTTPhttps://en.wikipedia.org/wiki/HTTP
[6]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-6
[7]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-STS-draft-spec-2-7
PayPalhttps://en.wikipedia.org/wiki/PayPal
[8]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-draft-spec-8
[9]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-forcehttps-paper-9
[10]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-web-sec-policy-frmwk-10
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=2
[1]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-mdn-security-1
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
TLShttps://en.wikipedia.org/wiki/Transport_Layer_Security
certificatehttps://en.wikipedia.org/wiki/Public_key_certificate
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
eavesdroppinghttps://en.wikipedia.org/wiki/Eavesdropping
attackshttps://en.wikipedia.org/wiki/Attack_(computing)
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
man-in-the-middle attackerhttps://en.wikipedia.org/wiki/Man-in-the-middle_attack
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=3
man-in-the-middle attackshttps://en.wikipedia.org/wiki/Man-in-the-middle_attack
Moxie Marlinspikehttps://en.wikipedia.org/wiki/Moxie_Marlinspike
[11]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-11
[12]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-12
TLShttps://en.wikipedia.org/wiki/Transport_Layer_Security
HTTPShttps://en.wikipedia.org/wiki/HTTPS
[13]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-13
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
Google Chromehttps://en.wikipedia.org/wiki/Google_Chrome
Mozilla Firefoxhttps://en.wikipedia.org/wiki/Firefox
Internet Explorerhttps://en.wikipedia.org/wiki/Internet_Explorer
Microsoft Edgehttps://en.wikipedia.org/wiki/Microsoft_Edge
[14]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-preloading_hsts_chromium-14
[15]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-preloading_hsts_mozillla-15
[16]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-iepreload-16
limitationshttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Limitations
Firesheephttps://en.wikipedia.org/wiki/Firesheep
[17]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-17
NTPhttps://en.wikipedia.org/wiki/Network_Time_Protocol
[18]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-18
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=4
URIhttps://en.wikipedia.org/wiki/Uniform_Resource_Identifier
insecure channelhttps://en.wikipedia.org/wiki/Insecure_channel
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=5
Google Chromehttps://en.wikipedia.org/wiki/Google_Chrome
Mozilla Firefoxhttps://en.wikipedia.org/wiki/Firefox
Internet Explorerhttps://en.wikipedia.org/wiki/Internet_Explorer
Microsoft Edgehttps://en.wikipedia.org/wiki/Microsoft_Edge
[19]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-19
[14]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-preloading_hsts_chromium-14
[15]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-preloading_hsts_mozillla-15
[16]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-iepreload-16
DNShttps://en.wikipedia.org/wiki/Domain_name_system
DNSSEChttps://en.wikipedia.org/wiki/DNSSEC
last milehttps://en.wikipedia.org/wiki/Last_mile_(telecommunications)
[20]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-20
[21]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-auto-21
[22]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-22
BEASThttps://en.wikipedia.org/wiki/BEAST_(computer_security)
CRIMEhttps://en.wikipedia.org/wiki/CRIME_(security_exploit)
orthogonalhttps://en.wikipedia.org/wiki/Orthogonal#Computer_science
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=6
supercookieshttps://en.wikipedia.org/wiki/HTTP_cookie#Supercookie
incognitohttps://en.wikipedia.org/wiki/Privacy_mode
[23]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-23
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=7
https://en.wikipedia.org/wiki/File:Chromium_HSTS_settings_screenshot.png
Chromiumhttps://en.wikipedia.org/wiki/Chromium_(web_browser)
Google Chromehttps://en.wikipedia.org/wiki/Google_Chrome
[24]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-chromium_sts-24
[25]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-25
Firefoxhttps://en.wikipedia.org/wiki/Firefox
[1]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-mdn-security-1
Mozillahttps://en.wikipedia.org/wiki/Mozilla
[15]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-preloading_hsts_mozillla-15
Operahttps://en.wikipedia.org/wiki/Opera_(web_browser)
[26]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-opera_presto-26
Safarihttps://en.wikipedia.org/wiki/Safari_(web_browser)
OS X Maverickshttps://en.wikipedia.org/wiki/OS_X_Mavericks
[27]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-27
Internet Explorer 11https://en.wikipedia.org/wiki/Internet_Explorer_11
Windows 8.1https://en.wikipedia.org/wiki/Windows_8.1
Windows 7https://en.wikipedia.org/wiki/Windows_7
KB3058515https://support.microsoft.com/kb/3058515
[28]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-28
Microsoft Edgehttps://en.wikipedia.org/wiki/Microsoft_Edge
Internet Explorer 11https://en.wikipedia.org/wiki/Internet_Explorer_11
Windows 10https://en.wikipedia.org/wiki/Windows_10
[29]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-29
[30]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-30
BlackBerry 10https://en.wikipedia.org/wiki/BlackBerry_10
WebViewhttps://developer.blackberry.com/native/reference/cascades/bb__cascades__webview.html
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=8
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
[2]https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_note-rfc6797-2
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=9
https://en.wikipedia.org/wiki/File:Crystal_Clear_app_linneighborhood.svg
Internet portalhttps://en.wikipedia.org/wiki/Portal:Internet
RFChttps://en.wikipedia.org/wiki/RFC_(identifier)
6797https://www.rfc-editor.org/rfc/rfc6797
Content Security Policyhttps://en.wikipedia.org/wiki/Content_Security_Policy
.app TLDhttps://en.wikipedia.org/wiki/.app_(top-level_domain)
.dev TLDhttps://en.wikipedia.org/wiki/.dev
HTTP Public Key Pinninghttps://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=10
ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-mdn-security_1-0
bhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-mdn-security_1-1
chttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-mdn-security_1-2
"Strict-Transport-Security"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
MDN Web Docshttps://en.wikipedia.org/wiki/MDN_Web_Docs
Mozillahttps://en.wikipedia.org/wiki/Mozilla
Archivedhttps://web.archive.org/web/20200320021752/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-0
bhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-1
chttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-2
dhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-3
ehttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-4
fhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-5
ghttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-6
hhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-7
ihttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-rfc6797_2-8
HTTP Strict Transport Security (HSTS)https://www.rfc-editor.org/rfc/rfc6797
Internet Engineering Task Forcehttps://en.wikipedia.org/wiki/Internet_Engineering_Task_Force
doihttps://en.wikipedia.org/wiki/Doi_(identifier)
10.17487/RFC6797https://doi.org/10.17487%2FRFC6797
ISSNhttps://en.wikipedia.org/wiki/ISSN_(identifier)
2070-1721https://search.worldcat.org/issn/2070-1721
RFChttps://en.wikipedia.org/wiki/Request_for_Comments
6797https://datatracker.ietf.org/doc/html/rfc6797
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-3
"Preloading HSTS"https://blog.mozilla.org/security/2012/11/01/preloading-hsts
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-4
"HSTS Preload List Submission"https://hstspreload.org/
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-hsts-ps-rfc-approval-iesg-msg_5-0
"[websec] Protocol Action: 'HTTP Strict Transport Security (HSTS)' to Proposed Standard (draft-ietf-websec-strict-transport-sec-14.txt)"https://www.ietf.org/mail-archive/web/websec/current/msg01401.html
Archivedhttps://web.archive.org/web/20170129010418/https://www.ietf.org/mail-archive/web/websec/current/msg01401.html
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-6
"Re: [HASMAT] "STS" moniker (was: IETF BoF @IETF-78 Maastricht: HASMAT...)"https://www.ietf.org/mail-archive/web/hasmat/current/msg00025.html
Archivedhttps://web.archive.org/web/20170202023740/https://www.ietf.org/mail-archive/web/hasmat/current/msg00025.html
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-STS-draft-spec-2_7-0
"Strict Transport Security -06"http://lists.w3.org/Archives/Public/www-archive/2009Dec/att-0048/draft-hodges-strict-transport-sec-06.plain.html
Archivedhttps://web.archive.org/web/20170221200316/http://lists.w3.org/Archives/Public/www-archive/2009Dec/att-0048/draft-hodges-strict-transport-sec-06.plain.html
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-draft-spec_8-0
"Strict Transport Security -05"https://lists.w3.org/Archives/Public/www-archive/2009Sep/att-0051/draft-hodges-strict-transport-sec-05.plain.html
Archivedhttps://web.archive.org/web/20200224205710/https://lists.w3.org/Archives/Public/www-archive/2009Sep/att-0051/draft-hodges-strict-transport-sec-05.plain.html
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-forcehttps-paper_9-0
"ForceHTTPS: Protecting High-Security Web Site from Network Attacks"https://crypto.stanford.edu/forcehttps/
Archivedhttps://web.archive.org/web/20200228030854/https://crypto.stanford.edu/forcehttps/
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-web-sec-policy-frmwk_10-0
"The Need for Coherent Web Security Policy Framework(s)"http://www.thesecuritypractice.com/the_security_practice/2010/10/the-need-for-coherent-web-security-policy-frameworks.html
Archivedhttps://web.archive.org/web/20170814175208/http://www.thesecuritypractice.com/the_security_practice/2010/10/the-need-for-coherent-web-security-policy-frameworks.html
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-11
New Tricks For Defeating SSL In Practicehttps://blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
Black Hat Briefingshttps://en.wikipedia.org/wiki/Black_Hat_Briefings
Archivedhttps://web.archive.org/web/20141230024722/http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-12
Defeating SSL Using Sslstriphttps://www.youtube.com/watch?v=MFol6IMbZ7Y
YouTubehttps://en.wikipedia.org/wiki/YouTube_video_(identifier)
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-13
Marlinspike, Moxiehttps://en.wikipedia.org/wiki/Moxie_Marlinspike
New Tricks for Defeating SSL in Practicehttps://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-preloading_hsts_chromium_14-0
bhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-preloading_hsts_chromium_14-1
"Strict Transport Security"https://www.chromium.org/sts
Archivedhttps://web.archive.org/web/20190901122419/http://www.chromium.org/sts
ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-preloading_hsts_mozillla_15-0
bhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-preloading_hsts_mozillla_15-1
chttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-preloading_hsts_mozillla_15-2
"Preloading HSTS"https://blog.mozilla.org/security/2012/11/01/preloading-hsts/
Archivedhttps://web.archive.org/web/20200224205730/https://blog.mozilla.org/security/2012/11/01/preloading-hsts/
ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-iepreload_16-0
bhttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-iepreload_16-1
"HTTP Strict Transport Security comes to Internet Explorer"http://blogs.msdn.com/b/ie/archive/2015/02/16/http-strict-transport-security-comes-to-internet-explorer.aspx
Archivedhttps://web.archive.org/web/20151115035120/http://blogs.msdn.com/b/ie/archive/2015/02/16/http-strict-transport-security-comes-to-internet-explorer.aspx
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-17
"Firesheep and HSTS (HTTP Strict Transport Security)"http://identitymeme.org/archives/2010/10/29/firesheep-and-hsts-http-strict-transport-security/
Archivedhttps://web.archive.org/web/20160623191633/http://identitymeme.org/archives/2010/10/29/firesheep-and-hsts-http-strict-transport-security/
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-18
Bypassing HTTP Strict Transport Securityhttps://www.blackhat.com/docs/eu-14/materials/eu-14-Selvi-Bypassing-HTTP-Strict-Transport-Security.pdf
Black Hat Briefingshttps://en.wikipedia.org/wiki/Black_Hat_Briefings
Archivedhttps://web.archive.org/web/20141022112001/https://www.blackhat.com/docs/eu-14/materials/eu-14-Selvi-Bypassing-HTTP-Strict-Transport-Security.pdf
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-19
"Chromium HSTS Preloaded list"https://cs.chromium.org/chromium/src/net/http/transport_security_state_static.json
Archivedhttps://web.archive.org/web/20200218174855/https://cs.chromium.org/chromium/src/net/http/transport_security_state_static.json
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-20
"HTTP Strict Transport Security"https://simon.butcher.name/archives/2011/09/11/HTTP-Strict-Transport-Security
Archivedhttps://web.archive.org/web/20190426183544/https://simon.butcher.name/archives/2011/09/11/HTTP-Strict-Transport-Security
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-auto_21-0
"Performing & Preventing SSL Stripping: A Plain-English Primer"https://blog.cloudflare.com/performing-preventing-ssl-stripping-a-plain-english-primer/
Archivedhttps://web.archive.org/web/20191214182725/https://blog.cloudflare.com/performing-preventing-ssl-stripping-a-plain-english-primer/
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-22
doihttps://en.wikipedia.org/wiki/Doi_(identifier)
10.1109/SSDSE.2017.8071970https://doi.org/10.1109%2FSSDSE.2017.8071970
ISBNhttps://en.wikipedia.org/wiki/ISBN_(identifier)
978-1-5386-1593-5https://en.wikipedia.org/wiki/Special:BookSources/978-1-5386-1593-5
S2CIDhttps://en.wikipedia.org/wiki/S2CID_(identifier)
44866769https://api.semanticscholar.org/CorpusID:44866769
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-23
"The HSTS super cookie forcing you to choose: "privacy or security?" -"https://nakedsecurity.sophos.com/2015/02/02/anatomy-of-a-browser-dilemma-how-hsts-supercookies-make-you-choose-between-privacy-or-security/
Archivedhttps://web.archive.org/web/20200211175612/https://nakedsecurity.sophos.com/2015/02/02/anatomy-of-a-browser-dilemma-how-hsts-supercookies-make-you-choose-between-privacy-or-security/
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-chromium_sts_24-0
"Strict Transport Security - The Chromium Projects"https://dev.chromium.org/sts
Archivedhttps://web.archive.org/web/20200320021003/http://dev.chromium.org/sts
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-25
"fyi: Strict Transport Security specification"https://lists.w3.org/Archives/Public/public-webapps/2009JulSep/1148.html
Archivedhttps://web.archive.org/web/20200229020216/https://lists.w3.org/Archives/Public/public-webapps/2009JulSep/1148.html
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-opera_presto_26-0
"Web specifications support in Opera Presto 2.10"http://www.opera.com/docs/specs/presto2.10/#m210-244
Archivedhttps://web.archive.org/web/20180620002005/https://www.opera.com/docs/specs/presto2.10/#m210-244
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-27
"Confirmed. See ~/Library/Cookies/HSTS.plist. Includes Chromium preloads as of some date and processes HSTS headers"https://web.archive.org/web/20190509013208/https://twitter.com/agl__/status/414112266938617856
Tweethttps://en.wikipedia.org/wiki/Tweet_(social_media)
the originalhttps://twitter.com/agl__/status/414112266938617856
Twitterhttps://en.wikipedia.org/wiki/Twitter
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-28
"HTTP Strict Transport Security comes to Internet Explorer 11 on Windows 8.1 and Windows 7"http://blogs.windows.com/msedgedev/2015/06/09/http-strict-transport-security-comes-to-internet-explorer-11-on-windows-8-1-and-windows-7/
Archivedhttps://web.archive.org/web/20191127121246/https://blogs.windows.com/msedgedev/2015/06/09/http-strict-transport-security-comes-to-internet-explorer-11-on-windows-8-1-and-windows-7/
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-29
"Internet Explorer Web Platform Status and Roadmap"https://status.modern.ie/httpstricttransportsecurityhsts
Archivedhttps://web.archive.org/web/20150629110718/https://status.modern.ie/httpstricttransportsecurityhsts
^https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#cite_ref-30
"Project Spartan and the Windows 10 January Preview Build - IEBlog"https://blogs.msdn.microsoft.com/ie/2015/01/22/project-spartan-and-the-windows-10-january-preview-build/
Archivedhttps://web.archive.org/web/20191129035641/https://blogs.msdn.microsoft.com/ie/2015/01/22/project-spartan-and-the-windows-10-january-preview-build/
edithttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&action=edit§ion=11
IETF WebSec Working Grouphttps://tools.ietf.org/wg/websec/charters
Security Now 262: Strict Transport Securityhttps://www.twit.tv/shows/security-now/episodes/262
Open Web Application Security Project (OWASP): HSTS descriptionhttps://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet
Online browser HSTS and Public Key Pinning testhttps://projects.dm.id.lv/Public-Key-Pins_test
HSTS Preload Submissionhttps://hstspreload.org/
Chromium HSTS Preloaded listhttps://cs.chromium.org/chromium/src/net/http/transport_security_state_static.json
Strict-Transport-Securityhttps://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
MDN Web Docshttps://en.wikipedia.org/wiki/MDN_Web_Docs
vhttps://en.wikipedia.org/wiki/Template:TLS/SSL
thttps://en.wikipedia.org/wiki/Template_talk:TLS/SSL
ehttps://en.wikipedia.org/wiki/Special:EditPage/Template:TLS/SSL
TLS and SSLhttps://en.wikipedia.org/wiki/Transport_Layer_Security
Transport Layer Security / Secure Sockets Layerhttps://en.wikipedia.org/wiki/Transport_Layer_Security
Datagram Transport Layer Securityhttps://en.wikipedia.org/wiki/Datagram_Transport_Layer_Security
Server Name Indicationhttps://en.wikipedia.org/wiki/Server_Name_Indication
Application-Layer Protocol Negotiationhttps://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation
DNS-based Authentication of Named Entitieshttps://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities
DNS Certification Authority Authorizationhttps://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization
HTTPShttps://en.wikipedia.org/wiki/HTTPS
HTTP Public Key Pinninghttps://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning
OCSP staplinghttps://en.wikipedia.org/wiki/OCSP_stapling
Opportunistic TLShttps://en.wikipedia.org/wiki/Opportunistic_TLS
Perfect forward secrecyhttps://en.wikipedia.org/wiki/Forward_secrecy
Automated Certificate Management Environmenthttps://en.wikipedia.org/wiki/Automated_Certificate_Management_Environment
Certificate authorityhttps://en.wikipedia.org/wiki/Certificate_authority
CA/Browser Forumhttps://en.wikipedia.org/wiki/CA/Browser_Forum
Certificate policyhttps://en.wikipedia.org/wiki/Certificate_policy
Certificate revocationhttps://en.wikipedia.org/wiki/Certificate_revocation
Certificate revocation listhttps://en.wikipedia.org/wiki/Certificate_revocation_list
Online Certificate Status Protocolhttps://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
OCSP staplinghttps://en.wikipedia.org/wiki/OCSP_stapling
Domain-validated certificatehttps://en.wikipedia.org/wiki/Domain-validated_certificate
Extended Validation Certificatehttps://en.wikipedia.org/wiki/Extended_Validation_Certificate
Public key certificatehttps://en.wikipedia.org/wiki/Public_key_certificate
Public-key cryptographyhttps://en.wikipedia.org/wiki/Public-key_cryptography
Public key infrastructurehttps://en.wikipedia.org/wiki/Public_key_infrastructure
Root certificatehttps://en.wikipedia.org/wiki/Root_certificate
Self-signed certificatehttps://en.wikipedia.org/wiki/Self-signed_certificate
Domain Name System Security Extensionshttps://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions
Internet Protocol Securityhttps://en.wikipedia.org/wiki/Internet_Protocol_Security
Secure Shellhttps://en.wikipedia.org/wiki/Secure_Shell
Export of cryptography from the United Stateshttps://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States
Server-Gated Cryptographyhttps://en.wikipedia.org/wiki/Server-Gated_Cryptography
Implementationshttps://en.wikipedia.org/wiki/Comparison_of_TLS_implementations
Bouncy Castlehttps://en.wikipedia.org/wiki/Bouncy_Castle_(cryptography)
BoringSSLhttps://en.wikipedia.org/wiki/BoringSSL
Botanhttps://en.wikipedia.org/wiki/Botan_(programming_library)
BSAFEhttps://en.wikipedia.org/wiki/BSAFE
cryptlibhttps://en.wikipedia.org/wiki/Cryptlib
GnuTLShttps://en.wikipedia.org/wiki/GnuTLS
JSSEhttps://en.wikipedia.org/wiki/Java_Secure_Socket_Extension
LibreSSLhttps://en.wikipedia.org/wiki/LibreSSL
MatrixSSLhttps://en.wikipedia.org/wiki/MatrixSSL
mbed TLShttps://en.wikipedia.org/wiki/Mbed_TLS
NSShttps://en.wikipedia.org/wiki/Network_Security_Services
OpenSSLhttps://en.wikipedia.org/wiki/OpenSSL
Rustlshttps://en.wikipedia.org/wiki/Rustls
s2n-tlshttps://en.wikipedia.org/wiki/S2n-tls
SChannelhttps://en.wikipedia.org/wiki/Security_Support_Provider_Interface
SSLeayhttps://en.wikipedia.org/wiki/SSLeay
stunnelhttps://en.wikipedia.org/wiki/Stunnel
wolfSSLhttps://en.wikipedia.org/wiki/WolfSSL
Certificate Transparencyhttps://en.wikipedia.org/wiki/Certificate_Transparency
Convergencehttps://en.wikipedia.org/wiki/Convergence_(SSL)
HTTPS Everywherehttps://en.wikipedia.org/wiki/HTTPS_Everywhere
Man-in-the-middle attackhttps://en.wikipedia.org/wiki/Man-in-the-middle_attack
Padding oracle attackhttps://en.wikipedia.org/wiki/Padding_oracle_attack
Bar mitzvah attackhttps://en.wikipedia.org/wiki/Bar_mitzvah_attack
BEASThttps://en.wikipedia.org/wiki/BEAST_(security_exploit)
BREACHhttps://en.wikipedia.org/wiki/BREACH
CRIMEhttps://en.wikipedia.org/wiki/CRIME
DROWNhttps://en.wikipedia.org/wiki/DROWN_attack
Logjamhttps://en.wikipedia.org/wiki/Logjam_(computer_security)
POODLEhttps://en.wikipedia.org/wiki/POODLE
Certificate authority compromisehttps://en.wikipedia.org/wiki/Certificate_authority_compromise
Random number generator attackshttps://en.wikipedia.org/wiki/Random_number_generator_attack
FREAKhttps://en.wikipedia.org/wiki/FREAK
goto failhttps://en.wikipedia.org/wiki/Goto_fail
Heartbleedhttps://en.wikipedia.org/wiki/Heartbleed
Lucky Thirteen attackhttps://en.wikipedia.org/wiki/Lucky_Thirteen_attack
POODLEhttps://en.wikipedia.org/wiki/POODLE
Kazakhstan MITM attackhttps://en.wikipedia.org/wiki/Kazakhstan_man-in-the-middle_attack
https://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&oldid=1355799340https://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&oldid=1355799340
Categorieshttps://en.wikipedia.org/wiki/Help:Category
Computer security standardshttps://en.wikipedia.org/wiki/Category:Computer_security_standards
Cryptographyhttps://en.wikipedia.org/wiki/Category:Cryptography
Hypertext Transfer Protocol headershttps://en.wikipedia.org/wiki/Category:Hypertext_Transfer_Protocol_headers
Transport Layer Securityhttps://en.wikipedia.org/wiki/Category:Transport_Layer_Security
Articles with short descriptionhttps://en.wikipedia.org/wiki/Category:Articles_with_short_description
Short description is different from Wikidatahttps://en.wikipedia.org/wiki/Category:Short_description_is_different_from_Wikidata
Use dmy dates from January 2018https://en.wikipedia.org/wiki/Category:Use_dmy_dates_from_January_2018
Creative Commons Attribution-ShareAlike 4.0 Licensehttps://en.wikipedia.org/wiki/Wikipedia:Text_of_the_Creative_Commons_Attribution-ShareAlike_4.0_International_License
Terms of Usehttps://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use
Privacy Policyhttps://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy
Wikimedia Foundation, Inc.https://wikimediafoundation.org/
Privacy policyhttps://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy
About Wikipediahttps://en.wikipedia.org/wiki/Wikipedia:About
Disclaimershttps://en.wikipedia.org/wiki/Wikipedia:General_disclaimer
Contact Wikipediahttps://en.wikipedia.org/wiki/Wikipedia:Contact_us
Legal & safety contactshttps://foundation.wikimedia.org/wiki/Special:MyLanguage/Legal:Wikimedia_Foundation_Legal_and_Safety_Contact_Information
Code of Conducthttps://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Universal_Code_of_Conduct
Developershttps://developer.wikimedia.org
Statisticshttps://stats.wikimedia.org/#/en.wikipedia.org
Cookie statementhttps://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement
Mobile viewhttps://en.wikipedia.org/w/index.php?title=HTTP_Strict_Transport_Security&mobileaction=toggle_view_mobile
https://www.wikimedia.org/
https://www.mediawiki.org/
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Add topic https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

Viewport: width=1120

Robots: max-image-preview:standard


URLs of crawlers that visited me.