|
|
|
|
|
|
by AnthonyMouse
3469 days ago
|
|
|
It's more like all non-HSTS traffic, unless you're paying extremely close attention. Otherwise a man in the middle attacker can just pretend the server doesn't support HTTPS and serve the page via HTTP. And even when you're using HTTPS you're still leaking DNS queries etc. |
|
|