LiteSpeed Support Forums - HTTP Strict Transport Security (HSTS) Support

LiteSpeed Support Forums (http://www.litespeedtech.com/support/forum/index.php)

- Feedback/Feature Requests (http://www.litespeedtech.com/support/forum/forumdisplay.php?f=10)

- - HTTP Strict Transport Security (HSTS) Support (http://www.litespeedtech.com/support/forum/showthread.php?t=4868)

CodyRo

03-31-2011 03:40 PM

HTTP Strict Transport Security (HSTS) Support

Would it be possible to get support for HSTS as more browsers are starting to support it (Chrome, et all)? It's a simple header addition similar to expires.

https://secure.wikimedia.org/wikiped...ty#Limitations

The particular part of interest is the implementation portion.

Although it's trivial to add it to your application I think it would be nice to add a simple checkbox in the SSL listener page / an area to set the max-age.

andreas

04-11-2011 08:37 AM

Just add the header in the context settings ("Extra Headers").

CodyRo

04-11-2011 09:22 AM

Quote:

Originally Posted by andreas (Post 24984)

Just add the header in the context settings ("Extra Headers").

As mentioned in the initial thread yes it's trivial to add however I believe the point of the LSWS admin interface is to help less experienced users manage their website(s). As a result it would be a quick addition - it would also give HSTS more exposure in general which would be a good thing.

All times are GMT -7. The time now is 05:24 PM.