Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Support for Strict-Transport-Security (STS) Header #3171

Open
Saturn225 opened this issue Sep 26, 2024 · 0 comments
Open

Add Support for Strict-Transport-Security (STS) Header #3171

Saturn225 opened this issue Sep 26, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@Saturn225
Copy link

The Strict-Transport-Security (STS) header enforces secure HTTPS connections by instructing browsers to avoid using HTTP. Implementing the STS header in ZIO-HTTP would enhance security by preventing man-in-the-middle attacks and ensuring that communication remains encrypted.

Key Requirements:

  1. Implement support for the Strict-Transport-Security header.
  2. Support max-age, includeSubDomains and preload directives.
  3. Add tests to ensure compliance with the HTTP specifications regarding the STS header

Reference: https://datatracker.ietf.org/doc/html/rfc6797
@Saturn225 Saturn225 added the enhancement New feature or request label Sep 26, 2024
@Saturn225 Saturn225 mentioned this issue Sep 26, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Saturn225