Abuse Melding

Je hebt een klacht over de onderstaande posting:

31-10-2023, 11:23 door Anoniem

Zucht: If you maintain a project that provides HTTPS configuration advice or provides an option to enable HSTS, do not include the preload directive by default. We get regular emails from site operators who tried out HSTS this way, only to find themselves on the preload list by the time they find they need to remove HSTS to access certain subdomains. Removal tends to be slow and painful for those sites. Projects that support or advise about HSTS and HSTS preloading should ensure that site operators understand the long-term consequences of preloading before they turn it on for a given domain. They should also be informed that they need to meet additional requirements and submit their site to hstspreload.org to ensure that it is successfully preloaded (i.e. to get the full protection of the intended configuration). https://hstspreload.org/ Hoe moeilijk is het voor Google om de adviezen van de mensen te volgen die het project onderhouden. Hier hebben we de preload header juist voor Google moet zich hier ...

Beschrijf je klacht (Optioneel):

captcha