| 1 |
On 02/27/12 13:43, Florian Philipp wrote: |
| 2 |
> |
| 3 |
> Just a small follow-up: A neat server-sided trick I didn't know until |
| 4 |
> now is HTTP Strict Transport Security [1]. It prevents users from |
| 5 |
> clicking away SSL warnings and prevents mixed content. |
| 6 |
> |
| 7 |
> [1] http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security |
| 8 |
> |
| 9 |
> Regards, |
| 10 |
> Florian Philipp |
| 11 |
|
| 12 |
This is nice, although, as with all nice things, it doesn't work in |
| 13 |
Internet Explorer. |
| 14 |
|
| 15 |
We try to hack together the same effect using Apache's mod_rewrite and |
| 16 |
redirects, but it's hard to get right. Most off-the-shelf web apps (e.g. |
| 17 |
Wordpress) do their best to thwart you. |
Archives