HTTP Strict-Transport-Security Header

By: Dusty Arlia
Published on Friday, June 27, 2014, 12:46 PM
Last Updated on Saturday, July 11, 2015 at 3:22 PM
Total Updates: 2

The Strict-Transport-Security HTTP header holds a HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains. Here is an example:

Strict-Transport-Security: max-age=16070400; includeSubDomains