Details
-
Bug
-
Resolution: Won't Fix
-
Major
-
None
-
None
-
None
-
1
Description
The HTTP Strict Transport Security header informs the browser that it should never load a site using HTTP and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead. HSTS exists to remove the need for the common, insecure practice of redirecting users from http:// to https:// URLs.
Couchbase server provides a way to configure the response headers using REST API and CLI, this needs to be documented.