We're looking for a person or people to help audit MDN to find places we could speed up. Is this you or someone you know? Check out the RFP: https://mzl.la/2IHcMiE

Jump to:

HTTP Strict Transport Security lets a web site inform the browser that it should never load the site using HTTP and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead. It consists in one HTTP header, Strict-Transport-Security, sent back by the server with the resource.

In other words, it tells the browser that just changing the protocol from HTTP to HTTPS in an url will work (and be more secure) and ask the browser to do it for every request.

Document Tags and Contributors

 Contributors to this page: David-5-1, Porkepix, teoli, fscholz
 Last updated by: David-5-1,