HTTP Strict Transport Security (HSTS) is a web security policy mechanism that protects websites against protocol downgrade attacks and cookie hijacking. It lets a web server instruct web browsers and other compliant user agents to connect to it exclusively over HTTPS, that is, HTTP carried over Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). As a result, data is transmitted over a secure channel rather than over plaintext HTTP, where it could be read or modified in transit.
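The server delivers this instruction in the `Strict-Transport-Security` response header defined by RFC 6797. The following is an added example, not part of the original glossary entry: it parses a header value the way a compliant user agent would and flags weak policies. The function names and the one-year `MIN_AGE` threshold are assumptions chosen for illustration.

```python
import re

# RFC 7230 "token" characters, used for directive names and unquoted values.
TOKEN = r"[A-Za-z0-9!#$%&'*+.^_`|~-]+"
DIRECTIVE = re.compile(rf'({TOKEN})(?:\s*=\s*({TOKEN}|"[^"]*"))?')
MIN_AGE = 31536000  # assumed audit threshold: one year, in seconds


def parse_hsts(value, over_tls=True):
    """Return the policy a user agent would store, or None if it ignores the header."""
    if not over_tls:
        return None  # RFC 6797: HSTS received over plain HTTP is ignored
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue  # empty directives such as ";;" are permitted
        m = DIRECTIVE.fullmatch(part)
        if not m:
            return None  # malformed directive: reject the whole header
        name = m.group(1).lower()  # directive names are case-insensitive
        if name in seen:
            return None  # a repeated directive invalidates the header
        seen[name] = (m.group(2) or "").strip('"')
    age = seen.get("max-age", "")
    if not re.fullmatch(r"[0-9]+", age):
        return None  # max-age is required and must be a non-negative integer
    return {"max_age": int(age), "include_subdomains": "includesubdomains" in seen}


def audit(value, over_tls=True, min_age=MIN_AGE):
    """Return a list of findings for a Strict-Transport-Security header value."""
    policy = parse_hsts(value, over_tls)
    if policy is None:
        return ["header would be ignored by user agents"]
    if policy["max_age"] == 0:
        return ["max-age=0 tells the browser to forget the policy"]
    findings = []
    if policy["max_age"] < min_age:
        findings.append(f"max-age {policy['max_age']} is below {min_age} seconds")
    if not policy["include_subdomains"]:
        findings.append("includeSubDomains is missing; subdomains are not covered")
    return findings


if __name__ == "__main__":
    # Constructed sample header values, not captured from any real site.
    for sample in ("max-age=31536000; includeSubDomains", "max-age=300", "max-age=0"):
        print(repr(sample), "->", audit(sample) or "ok")
```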