Details
-
Improvement
-
Resolution: Fixed
-
Major
-
None
-
1
Description
We need a way to optionally set a HTTP Secure Transport Header (HSTS), through REST API.
The HTTP Strict Transport Security header informs the browser that it should never load a site using HTTP and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead. HSTS exists to remove the need for the common, insecure practice of redirecting users from http:// to https:// URLs.