HTTP Strict Transport Security
GPTKB entity
Statements (31)
Predicate | Object |
---|---|
gptkbp:instanceOf |
web security policy mechanism
|
gptkbp:abbreviation |
gptkb:HSTS
|
gptkbp:appliesTo |
web browsers
web servers |
gptkbp:canBe |
HTTP response header
|
gptkbp:canBePreloaded |
yes
|
gptkbp:category |
gptkb:website
Internet security |
gptkbp:definedIn |
gptkb:RFC_6797
|
gptkbp:enables |
automatic redirection from HTTP to HTTPS
|
gptkbp:headerDirective |
preload
includeSubDomains max-age |
gptkbp:headerName |
gptkb:Strict-Transport-Security
|
https://www.w3.org/2000/01/rdf-schema#label |
HTTP Strict Transport Security
|
gptkbp:introducedIn |
2012
|
gptkbp:preloadListMaintainedBy |
gptkb:Google
|
gptkbp:prevention |
cookie hijacking
protocol downgrade attacks |
gptkbp:purpose |
enforce secure (HTTPS) connections
|
gptkbp:requires |
valid HTTPS certificate
|
gptkbp:riskIfMisconfigured |
denial of service
site inaccessibility |
gptkbp:supportedBy |
gptkb:Google_Chrome
gptkb:Mozilla_Firefox gptkb:opera gptkb:Microsoft_Edge gptkb:Safari |
gptkbp:bfsParent |
gptkb:Content_Security_Policy
gptkb:HTTPS-only_mode |
gptkbp:bfsLayer |
5
|