Y
Hacker News
new
|
ask
|
show
|
jobs
by
pmh
4632 days ago
It's important to note that even if the HSTS header was present on the mobile site, the exploit would still be possible since many mobile browsers do not support HSTS[1].
[1]
http://michael-coates.blogspot.com/2013/09/security-capabili...