The Strict-Transport-Security HTTP response header informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. Also known as HSTS.

Learning resources on MDN

No MDN documentation found. You can search for the feature on MDN. If you believe that MDN has no documentation about this feature, you can open an issue on MDN's GitHub repository.

Browser support

• Chrome 4 Released on 2010-01-25
• Chrome Android 18 Released on 2012-06-27
• Edge 12 Released on 2015-07-29
• Firefox 4 Released on 2011-03-22
• Firefox for Android 4 Released on 2011-03-29
• Safari 7 Released on 2013-10-22
• Safari on iOS 7 Released on 2013-09-18

View web-platform-tests results for this feature - View the feature source file (dist) - Edit the feature - Report an issue about this feature