Y
Hacker News
new
|
ask
|
show
|
jobs
by
allset_
2556 days ago
HSTS prevents the first of these if the client has connected to the server previously.
Chrome also hasn't trusted certs with MD5 since version 65.
1 comments
snug
2556 days ago
HSTS Preload prevents that from happening even if they never visited the site
link