Page MenuHomePhabricator

Set HSTS on (force HTTPS)
Open, MediumPublic


It would be nice to set HTTP Strict Transport Security on in case the website is finally hosted by WMDE.

Event Timeline

abian created this task.Sep 7 2019, 10:32 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 7 2019, 10:32 AM

It puts additional burden upon the IT department to always send a valid certificate. Of course, it should never happen that we send an expired or revoked certificate. But mistakes happen. I'm skeptical.

But we can set the header and then see if there will be any complaints … :-)

Aklapper removed MasinAlDujailiWMDE as the assignee of this task.Jun 22 2020, 3:29 AM

Resetting inactive task assignee.

Restricted Application added a project: Traffic. · View Herald TranscriptOct 26 2020, 2:29 PM
Ladsgroup moved this task from Triage to BadHerald on the Traffic board.Nov 1 2020, 2:57 AM
Restricted Application added a project: SRE. · View Herald TranscriptNov 1 2020, 2:57 AM
Nintendofan885 updated the task description. (Show Details)
jijiki triaged this task as Medium priority.Nov 10 2020, 4:21 PM