Y
Hacker News
new
|
ask
|
show
|
jobs
by
JimDabell
3330 days ago
Even if you don't have :80 open, that doesn't mean there isn't a MITM that would accept the connection instead of you.
1 comments
willstrafach
3330 days ago
As long as
https://
prefix is used, this is not true, MITM cannot downgrade that.
link
beaconstudios
3330 days ago
plus a HSTS header for any type-in traffic.
link