Hi!
HTTP Strict Transport Security (HSTS) is (simply put) a way for an HTTPS
server to say that the host name should not be accessed over HTTP, only HTTPS
- for a set number of seconds into the future.
I've started to work on an implementation for curl and while doing so, I've
put down some ideas in the wiki on how to interface this from curl and
libcurl. I'm interested in feedback:
https://github.com/curl/curl/wiki/HSTS
(In a completely unscientific poll on twitter, 60% of the 559 persons who
answered said they'd like to see HSTS support added to curl:
https://twitter.com/bagder/status/1299357395357925376)
--
/ daniel.haxx.se | Commercial curl support up to 24x7 is available!
| Private help, bug fixes, support, ports, new features
| https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
