Martin Georgiev, Application Security Tech Lead Sep 11, 2017 What is HTTP Strict Transport Security? HTTP Strict Transport Security, commonly referred to as HSTS, is a Web standard that aims to ensure all web resources off a domain are fetched over a secure transport layer. The core objective of HSTS is to protect users against passive and active network attacks. To this end, it prevents protocol
![The Road To HSTS](https://cdn-ak-scissors.b.st-hatena.com/image/square/d1635c2b95c85c1dc1d675dc7760e02a4542098e/height=288;version=1;width=512/https%3A%2F%2Fengineeringblog.yelp.com%2Fimages%2Fpreviews%2Fthe-road-to-hsts-preview.png)