Andy LoPresto created NIFI-2437: ----------------------------------- Summary: Enforce HSTS to require HTTPS connections if available Key: NIFI-2437 URL: https://issues.apache.org/jira/browse/NIFI-2437 Project: Apache NiFi Issue Type: New Feature Components: Core Framework Reporter: Andy LoPresto Fix For: 1.1.0
HTTP Strict Transport Security (HSTS) [1] [2] is a feature of HTTP which instructs browsers/clients to only communicate with a resource over HTTPS. It is implemented via a header sent in the response and future connections will require HTTPS. [1] https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security [2] https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet -- This message was sent by Atlassian JIRA (v6.3.4#6332)