Past year
All results
- All results
- Verbatim
Feb 17, 2024 · The HSTS header is present in the response headers but in the security tab it indicated disabled. My config for the virtual host in httpd.conf is as follows:
Mar 14, 2024 · I recently discovered that a different site https://example.com/ has set HSTS too aggressively, by adding includeSubDomains.
Missing: disable | Show results with:disable
May 6, 2024 · I am trying to setup an HSTS header in IIS 10. I have created the website specifying the host as blah.subdomain.com for bindings 80 and 443, then configured ...
Jan 28, 2024 · this is unhelpful for my case: How to disable Chrome HSTS permanently for a subdomain. using flags Disable website redirection to HTTPS on Chrome. setting ...
Apr 4, 2024 · The HSTS header is only set once. Apparently the second duplicate header was added by ARR. Maybe you can use a URL Rewrite rule to remove this duplicate header ...
Missing: disable | Show results with:disable
Feb 23, 2024 · I want to enable HTTP Strict Transport Security (HSTS) on my Azure Function App. I've added the HSTS configuration settings to the function app's host.json file ...
Missing: disable | Show results with:disable
Jun 4, 2024 · This means that visiting http://localhost:3000 will automatically be redirected. Clearing your HSTS will reset this, allowing you to visit the insecure HTTP URL ...
Missing: disable | Show results with:disable
Dec 14, 2023 · Our Rest API was pen tested and a HSTS error came back ONLY on the index.html that swagger generates. It's a .net core 6 REST Api, and the endpoints all return ...
Missing: disable | Show results with:disable
May 22, 2024 · You will have to use helmet for express to prevent the hsts related headers that instructs the browser to use HTTPS for all the requests made from your site.
Feb 1, 2024 · Content needs to pass all Content Security Policies. Adding another policy can only make the total policy stricter.