1 |
On 02/27/12 13:43, Florian Philipp wrote: |
2 |
> |
3 |
> Just a small follow-up: A neat server-sided trick I didn't know until |
4 |
> now is HTTP Strict Transport Security [1]. It prevents users from |
5 |
> clicking away SSL warnings and prevents mixed content. |
6 |
> |
7 |
> [1] http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security |
8 |
> |
9 |
> Regards, |
10 |
> Florian Philipp |
11 |
|
12 |
This is nice, although, as with all nice things, it doesn't work in |
13 |
Internet Explorer. |
14 |
|
15 |
We try to hack together the same effect using Apache's mod_rewrite and |
16 |
redirects, but it's hard to get right. Most off-the-shelf web apps (e.g. |
17 |
Wordpress) do their best to thwart you. |