HTTP Strict Transport Security (HSTS) - Chrome Platform Status

HTTP Strict Transport Security (HSTS)

Security

Header to inform the browser to always request a given domain over SSL, reducing MITM attack surface area.

Specification

Established standard

Status in Chromium

Blink components: Blink

Enabled by default in:

Chrome for desktop release 4
Opera release 12
Opera for Android release 21

Consensus & Standardization

Firefox: Shipped
Edge: No public signals
Safari: Shipped
Web Developers: Positive

Owner

mkwst@chromium.org

Last updated on 2017-06-14