Y
Hacker News
new
|
ask
|
show
|
jobs
by
LinAGKar
755 days ago
The HSTS header is only effective when it's received over HTTPS. And if it has taken effect, the client won't try to access HTTP anymore, so it won't even know what response it would have gotten from HTTP.