Page MenuHomePureOS Tracker

security.strict-transport-security option (HSTS) not enabled on
Open, NormalPublic


Visiting return the following header:

Strict-Transport-Security: max-age=0; includeSubdomains; preload

which delete the HSTS entry if used before, cause "security.strict-transport-security" option is turned off, see:

more information about HSTS and why it's important:

Enable "security.strict-transport-security" option in configuration.

Event Timeline

e3amn2l created this task.Sep 5 2018, 13:54