Talk:HTTP Strict Transport Security

De OWASP
Saltar a: navegación, buscar

I would like to make a change to this page, but would like to check it's okay first. The IIS solution currently proposed on this page technically doesn't follow the spec, as Section 7.2 specifies that the header must not be send over non-secure connections. I have written an open source IIS module which implements HSTS as per the specification which I would like to reference it here, but I am concerned that it may be interpreted as advertising or some other unacceptable update. I have read the Wikipedia editing guidelines referenced from the Help:Editing page and this change appears to be acceptable. --Shane Argo 02:21, 3 April 2013 (UTC)

Update re: open source HSTS IIS module after receiving approval from Michael Coates via email. --Shane Argo 08:36, 16 April 2013 (UTC)