slimerjs icon indicating copy to clipboard operation
slimerjs copied to clipboard

Published 20 hours ago verified publisher icon laurentj

HSTS preload SlimerJS.org

Open graingert opened this issue 8 years ago • 4 comments

In your nginx/etc server config can you add:

add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";

This will prevent TLS downgrades when browsing slimerjs.org

graingert avatar Nov 20 '15 11:11 graingert

@laurentj you should also 301 http://(www\.)?slimerjs\.org/ to https://slimerjs.org/

graingert avatar Mar 02 '16 13:03 graingert

@laurentj currently I rely on HTTPS everywhere to ensure I have the correct package.

graingert avatar May 24 '16 08:05 graingert

it has been added since months :-)

laurentj avatar Apr 12 '17 07:04 laurentj

Can you reopen until the bugs are fixed: https://hstspreload.org/?domain=slimerjs.org

On 12 Apr 2017 08:46, "Laurent Jouanneau" [email protected] wrote:

it has been added since months :-)

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/laurentj/slimerjs/issues/404#issuecomment-293500405, or mute the thread https://github.com/notifications/unsubscribe-auth/AAZQTBfJMkOe5DybYnYvxTFVMjxhxA8Gks5rvIFlgaJpZM4GmT-t .

graingert avatar Apr 12 '17 08:04 graingert