[wp-trac] [WordPress Trac] #28520: Mechanism for sending an HSTS header
WordPress Trac
noreply at wordpress.org
Sun Jun 15 20:42:45 UTC 2014
#28520: Mechanism for sending an HSTS header
----------------------------+------------------
Reporter: johnbillion | Owner:
Type: task (blessed) | Status: new
Priority: normal | Milestone: 4.0
Component: Security | Version:
Severity: normal | Resolution:
Keywords: | Focuses:
----------------------------+------------------
Comment (by tollmanz):
I'm finding some flaws in the constant based method. Let's suppose that
you run a subdomain MS installation. The constant method would set an HSTS
header for each site, although it may only be intended for the primary
domain or one of the other domains. Certainly, this can be filtered out at
another level, but perhaps the constant is a bad way to get started on
this issue.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28520#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list