Hacker News new | ask | show | jobs
by uh_oh 4758 days ago
If you are the recipient of the link, SSL can't be stripped.

Even if you are an author, assuming you have visited the site over SSL at least once, then it can't be stripped on future visits since the site seems to use HSTS.
1 comments
jlgreco 4758 days ago
It is trivial to strip links being sent to a user over unsecured channels.

There are many things that can mitigate an sslstrip style attack, but coverage from those things is patchy.

link