HSTS

RU: HSTS

HTTP Strict Transport Security (RFC 6797): a response header (Strict-Transport-Security) that instructs browsers to contact the site only over HTTPS for a declared max-age, even if the user types a plain HTTP URL. Eliminates SSL-stripping downgrade attacks; the preload list extends the policy to first-ever visits.