Tag: HSTS
-
HSTS: Forcing HTTPS for your service
You may have a hard time finding a non-HTTPS site today, but it was not too long ago when the default was HTTP. Sites like Facebook and Google were available without HTTPS/SSL for anyone in the network path to sniff and inject traffic into (even steal passwords and cookies). ISPs in particular loved to know […]