top | item 32323234 (no title) eloy | 3 years ago Is it? I just checked https://hstspreload.org/, and it seems that twitter.com, facebook.com, outlook.com, cloudflare.com and gmail.com are all preloaded.Or do you mean that downgrade attacks are still easy to deploy? Under what circumstances? discuss order hn newest JackGreyhat|3 years ago With a reverse proxy. You can reverse proxy any HSTS website, and feed it to any client over plain http notriddle|3 years ago A client with the HSTS preload list will not connect to facebook.com over plan HTTP. That's the whole point.
JackGreyhat|3 years ago With a reverse proxy. You can reverse proxy any HSTS website, and feed it to any client over plain http notriddle|3 years ago A client with the HSTS preload list will not connect to facebook.com over plan HTTP. That's the whole point.
notriddle|3 years ago A client with the HSTS preload list will not connect to facebook.com over plan HTTP. That's the whole point.
JackGreyhat|3 years ago
notriddle|3 years ago