HTTP Strict Transport Security
GPTKB entity
Statements (31)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
web security policy mechanism
|
| gptkbp:abbreviation |
gptkb:HSTS
|
| gptkbp:appliesTo |
web browsers
web servers |
| gptkbp:canBe |
HTTP response header
|
| gptkbp:canBePreloaded |
yes
|
| gptkbp:category |
gptkb:website
Internet security |
| gptkbp:definedIn |
gptkb:RFC_6797
|
| gptkbp:enables |
automatic redirection from HTTP to HTTPS
|
| gptkbp:headerDirective |
preload
includeSubDomains max-age |
| gptkbp:headerName |
gptkb:Strict-Transport-Security
|
| https://www.w3.org/2000/01/rdf-schema#label |
HTTP Strict Transport Security
|
| gptkbp:introducedIn |
2012
|
| gptkbp:preloadListMaintainedBy |
gptkb:Google
|
| gptkbp:prevention |
cookie hijacking
protocol downgrade attacks |
| gptkbp:purpose |
enforce secure (HTTPS) connections
|
| gptkbp:requires |
valid HTTPS certificate
|
| gptkbp:riskIfMisconfigured |
denial of service
site inaccessibility |
| gptkbp:supportedBy |
gptkb:Google_Chrome
gptkb:Mozilla_Firefox gptkb:opera gptkb:Microsoft_Edge gptkb:Safari |
| gptkbp:bfsParent |
gptkb:Content_Security_Policy
gptkb:HTTPS-only_mode |
| gptkbp:bfsLayer |
5
|