Hacker News new | comments | show | ask | jobs | submit login

Make sure you also set the Strict-Transport-Security header to prevent attacks against the HTTP-to-HTTPS redirect.



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: