HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents are to interact with it using only secure HTTPS connections.
I had a Rails application with config.force_ssl = true, but now I dont want SSL encryption, but my app …
ruby-on-rails apache ssl https hstsAll of a sudden I seem to have an issue with Google Chrome using localhost. I'm trying to access any …
google-chrome ssl localhost hstsI'm having difficulty finding out what it means when I have the response header Non-Authoritative-Reason : HSTS I have searched a …
google-chrome http hstsI have following setup: The application https://app.domain.de is our production environment and is automatically forwarded to use …
google-chrome https hstsI have followed the article https://docs.spring.io/spring-security/site/docs/4.0.2.RELEASE/reference/html/headers.html#headers-hsts to enable …
java spring spring-boot spring-security hstsThis is a followup question to Google Chrome redirecting localhost to https. Does anyone know, how to permanently exclude localhost …
google-chrome localhost hstsI would like to implement HSTS to my application. I have an ELB terminating SSL and forwarding the traffic to …
apache amazon-web-services ssl amazon-elb hstsIn a dev environment I have the problem that my browser (Yandex) redirects (307) an OPTIONS request to the https version …
spring-boot xmlhttprequest hsts