mirror of https://github.com/django/django.git, synced 2025-10-25 06:36:07 +00:00
	Added note about Strict Transport Security (HSTS)
		| @@ -147,6 +147,14 @@ server, there are some additional steps you may need: | |||||||
|   any POST data being accepted over HTTP (which will be fine if you are |   any POST data being accepted over HTTP (which will be fine if you are | ||||||
|   redirecting all HTTP traffic to HTTPS). |   redirecting all HTTP traffic to HTTPS). | ||||||
|  |  | ||||||
|  | * Use HTTP Strict Transport Security (HSTS) | ||||||
|  |  | ||||||
|  |   HSTS is an HTTP header that informs a browser that all future connections | ||||||
|  |   to a particular site should always use HTTPS. Combined with redirecting | ||||||
|  |   requests over HTTP to HTTPS, this will ensure that connections always enjoy | ||||||
|  |   the added security of SSL provided one successful connection has occurred. | ||||||
|  |   HSTS is usually configured on the web server. | ||||||
|  |  | ||||||
| .. _additional-security-topics: | .. _additional-security-topics: | ||||||
|  |  | ||||||
| Host headers and virtual hosting | Host headers and virtual hosting | ||||||
|   | |||||||
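Review bot: The added sentence "HSTS is an HTTP header that informs a browser that all future connections to a particular site should always use HTTPS" overstates the guarantee, since a browser enforces the policy only for the lifetime set in the header's max-age directive and only after it has received the header over a valid HTTPS connection. Suggest naming the header (Strict-Transport-Security), saying that the policy lasts for the configured max-age, and changing "provided one successful connection has occurred" to "provided one successful HTTPS connection has occurred". It would also be worth noting that once the header has been sent, browsers will refuse plain HTTP for the site for that period, so the HTTPS deployment should be known to be stable before a long duration is set.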