Firefox HSTS Settings store
So I've set HSTS on whole domain with subdomains, preloaded, cosmic max-age, like:
Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
And now Firefox forces HTTPS on every subdomain. Even if I enter http:// directly into address bar.
Changing HSTS to:
Strict-Transport-Security "max-age=3600"
doesn't help because previous one is somehow cached for very long time.
Clearing cache and history doesnt help either, firefox still stores it somewhere. On clear profile everything is working OK.
So there is this file in your Firefox profile directory called SiteSecurityServiceState.txt.
Turn off Firefox so there's nothing using your profile directory and edit that file, remove your site from cache.
Archiwum
- Luty 2016
- Październik 2015
- Wrzesień 2015
- Lipiec 2013
- Czerwiec 2013
- Kwiecień 2013
- Marzec 2013
- Grudzień 2011
- Listopad 2011
- Lipiec 2011
- Czerwiec 2011
- Luty 2010
- Wrzesień 2009
- Marzec 2009
- Luty 2009