Web platform features explorer - HTTP Strict Transport Security

Web platform features explorer

Tags: http Groups: Security

The Strict-Transport-Security HTTP response header informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. Also known as HSTS.

Learning resources on MDN

Strict-Transport-Security

Browser support

Chrome 4 Released on 2010-01-25
Chrome Android 18 Released on 2012-06-27
Edge 12 Released on 2015-07-29
Firefox 4 Released on 2011-03-22
Firefox for Android 4 Released on 2011-03-29
Safari 7 Released on 2013-10-22
Safari on iOS 7 Released on 2013-09-18

Specifications

HTTP Strict Transport Security (HSTS), from Web Security Working Group (IETF).

Edit this feature - Report an issue about this feature