1

Closed

HSTS should include preload configuration

description

I want to sign up to the Chrome HSTS list (https://hstspreload.appspot.com/) but I would not currently pass their validation because NWebSec doesn't configure the preload switch on the header.

Could you please add an option to set this part of the header value in HeaderGenerator.CreateHstsResult.

Cheers,

Rory
Closed Oct 7, 2014 at 7:42 PM by klings
Fixed in todays NWebsec release.

comments

klings wrote Aug 12, 2014 at 12:08 PM

Oh, hadn't noticed this one, thanks for reporting this. I've had a long vacation. :)

I'll include this in the next version.

Thx again,

André

klings wrote Oct 7, 2014 at 7:41 PM

Happy preloading!