Web platform features explorer - HTTP Strict Transport Security

Web platform features explorer

The Strict-Transport-Security HTTP response header informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. Also known as HSTS.

Status

Baseline Widely Available (since 2018-01-29)

MDN documentation

No MDN documentation found. You can search for the feature on MDN. If you believe that MDN has no documentation about this feature, you can open an issue on MDN's GitHub repository.

Specifications

HTTP Strict Transport Security (HSTS), from Web Security Working Group (IETF).

Browser support

Chrome 4 Released on 2010-01-25
Chrome Android 18 Released on 2012-06-27
Edge 12 Released on 2015-07-29
Firefox 4 Released on 2011-03-22
Firefox for Android 4 Released on 2011-03-29
Safari 7 Released on 2013-10-22
Safari on iOS 7 Released on 2013-09-18

View as JSON | Edit this feature | Report an issue | Web-features entry: source, dist