Strict-Transport-Security Defined via META (Non-compliant with Spec)

Risk:
Low

Type:
Passive

CWE:
319

Summary: A HTTP Strict Transport Security (HSTS) META tag was found, defining HTTP Strict Transport Security (HSTS) via a META tag is explicitly not supported by the spec (RFC 6797).

Solution: Do not attempt to set HTTP Strict Transport Security (HSTS) via a META tag.

References: https://datatracker.ietf.org/doc/html/rfc6797#section-8.5