Strict-Transport-Security Defined via META (Non-compliant with Spec)
- Risk:
Low
- Type:
Passive
- CWE:
CWE-319
- Summary
An HTTP Strict Transport Security (HSTS) META tag was found. Defining HSTS via a META tag is explicitly not supported by the spec (RFC 6797).
- Solution
Do not attempt to set HTTP Strict Transport Security (HSTS) via a META tag.
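One way to reproduce this passive check over a captured response, as an added example that is not the scanner's own code: it reports every META-defined HSTS tag and notes whether the `Strict-Transport-Security` response header, the mechanism RFC 6797 defines, was also sent. The names `MetaHstsFinder`, `check_response` and `SAMPLE_BODY` are assumptions made for illustration.

```python
from html.parser import HTMLParser

HSTS = "strict-transport-security"

# Constructed sample page (not taken from any real site).
SAMPLE_BODY = """<!doctype html>
<html>
<head>
<meta charset="utf-8">
<META HTTP-EQUIV="Strict-Transport-Security" CONTENT="max-age=31536000">
</head>
<body>ok</body>
</html>
"""


class MetaHstsFinder(HTMLParser):
    """Collects <meta http-equiv="Strict-Transport-Security"> tags."""

    def __init__(self):
        super().__init__()
        self.hits = []  # (line number, content attribute) per offending tag

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names; values keep their case.
        if tag != "meta":
            return
        a = {name: (value or "") for name, value in attrs}
        if a.get("http-equiv", "").strip().lower() == HSTS:
            self.hits.append((self.getpos()[0], a.get("content", "")))


def check_response(headers, body):
    """Return one finding per META-defined HSTS tag in an HTML response.

    headers: dict of response header names to values; body: decoded HTML.
    Each finding also records whether the real response header was sent.
    """
    finder = MetaHstsFinder()
    finder.feed(body)
    finder.close()
    header_sent = any(name.lower() == HSTS for name in headers)
    return [{"line": line, "content": content, "hsts_header_present": header_sent}
            for line, content in finder.hits]


if __name__ == "__main__":
    for finding in check_response({"Content-Type": "text/html"}, SAMPLE_BODY):
        print(finding)
```

A finding with `hsts_header_present` set to `False` means the page relies on the META tag alone, so no HSTS policy is actually in effect for that response.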