在线HTST配置、站点HTST配置检查、检查站点HTST配置

HTST(HTTP Strict Transport Security) 是https传输安全增强协议,解决站点地址栏输入域名,默认访问是http协议造成安全问题。它是浏览器协助支持协议,当配置HTST信息站点,在配置有效情况下,浏览器会默认以https访问该站点。配置了hsts头信息的站点,如果出现混合内容输出,浏览器将直接禁止非https资源加载。目前支持HSTS header信息站点越来越多,通过该工具检测站点HSTS配置信息。


hsts检测结果:   

https://www.taobao.com/检测结果

支持HSTS:       支持
max-age:          365天(该时间内默认跳转https)

原始信息

HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Date: Fri, 09 Oct 2020 05:41:46 GMT
x-server-id: 28c3d6b2523ca52cb704b8b5dcd976772dba08fab5a62af4b07b15661e5d4ac58bb00e660f25c2b1
x-air-hostname: air-ual011088043043.center.na61
x-air-trace-id: 71606d1b16022221060031001e
Vary: Accept-Encoding, Origin, Ali-Detector-Type, X-Host
Cache-Control: max-age=0, s-maxage=143
etag: W/"1d949-ZxvA0WzbcIuubsAVzeyxF5ng5dU"
x-readtime: 51
x-via: cn747.l1, cache1.cn747, l2st3-1.l2, cache26.l2st3-1, wormholesource011089225018.center.na61
x-air-source: proxy
x-xss-protection: 1; mode=block
EagleEye-TraceId: 71606d1b16022221060031001e
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *, *
Via: cache26.l2st3-1[277,304-0,M], cache44.l2st3-1[279,0], cache1.cn747[0,200-0,H], cache10.cn747[1,0]
Ali-Swift-Global-Savetime: 1602221970
Age: 111
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Fri, 09 Oct 2020 05:41:46 GMT
X-Swift-CacheTime: 143
EagleId: 71606d1e16022222178076313e
请输入地址
请输入地址