HTTP Security Headers: Strict-Transport-Security
Published: 06 August 2021 Last Updated: 05 July 2023
HTTP Strict Transport Security (HSTS) enforces the use of HTTPS in the web browser, ensuring that no information is sent to the domain (and optionally its subdomains) over unencrypted HTTP, even if the user attempts to navigate to an HTTP page. This also mitigates the risk posed by cookies that lack the "secure" flag, because all traffic is sent over HTTPS only.
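The browser-side behaviour described above, modelled as an added example (not code from the original article): the header is only honoured when received over HTTPS, and later `http://` navigations to a known host, or to its subdomains when `includeSubDomains` was set, are rewritten before any request leaves the browser. `HSTSStore` and its method names are hypothetical, the hosts are constructed, and the directive handling follows RFC 6797.

```python
import re
import time
from urllib.parse import urlsplit, urlunsplit

class HSTSStore:
    """Minimal model of a browser's known-HSTS-host list (RFC 6797 semantics)."""

    def __init__(self):
        self.hosts = {}  # host -> (expiry_epoch, include_subdomains)

    def note_response(self, url, header_value, now=None):
        """Process a Strict-Transport-Security header; return True if accepted."""
        now = time.time() if now is None else now
        parts = urlsplit(url)
        if parts.scheme != "https":      # header sent over plain HTTP is ignored
            return False
        directives = {}
        for item in header_value.split(";"):
            if not item.strip():
                continue
            name, _, value = item.strip().partition("=")
            name = name.strip().lower()  # directive names are case-insensitive
            if name in directives:       # a repeated directive invalidates the header
                return False
            directives[name] = value.strip().strip('"')
        max_age = directives.get("max-age", "")
        if not re.fullmatch(r"\d+", max_age):   # max-age is mandatory
            return False
        if int(max_age) == 0:            # max-age=0 tells the browser to forget the host
            self.hosts.pop(parts.hostname, None)
        else:
            sub = "includesubdomains" in directives
            self.hosts[parts.hostname] = (now + int(max_age), sub)
        return True

    def upgrade(self, url, now=None):
        """Return the URL the browser would actually request."""
        now = time.time() if now is None else now
        parts = urlsplit(url)
        if parts.scheme != "http" or not parts.hostname:
            return url
        labels = parts.hostname.split(".")
        for i in range(len(labels)):
            entry = self.hosts.get(".".join(labels[i:]))
            # i == 0 is an exact match; a parent only applies with includeSubDomains
            if entry and entry[0] > now and (i == 0 or entry[1]):
                netloc = parts.hostname if parts.port == 80 else parts.netloc
                return urlunsplit(("https", netloc, *parts[2:]))
        return url
```

The first visit to a host is not covered by this mechanism, since the store is empty until a valid header has been seen over HTTPS.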