Strict-Transport-Security HTTP Header
Strict-Transport-Security
A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.
Accepted Values
Multiple values are allowed, seperated by a semi-colon. Some options take a value, and that is preceded with an = after the option.- includesubdomains
max-age applies to subdomains as well.
- max-age=<integer>
The time a browser should remember a site can only be accessed with https (seconds).
max-age=4- preload
Use Google's preloading strict transport security.
Example
Strict-Transport-Security: includesubdomains; preload; max-age=4
Parse
Enter a Strict-Transport-Security header below to parse and return details about it.
Reference
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security