HTTP Strict Transport Security (HSTS) is a web security protocol promoted by the Institution of Electronics and Telecommunication Engineers (IETE). It forces the client (such as a browser) to use HTTPS to create a connection with the server so as to help encrypt the website globally.
expireTimecan range from 0 to 365 days and is configured in seconds.
includeSubDomainif you need to include sub-domain names.
Log in to the CDN console, select Domain Management on the left sidebar, and click Manage on the right of a domain name to enter its configuration page. Open the HTTPS Configuration tab to find the HSTS Configuration section. It is disabled by default.
Toggle it on and configure accordingly:
Click Confirm to apply the configuration to the response header. You can click Edit to modify it later.
If the HSTS configuration of the domain name
cloud.tencent.com is as follows:
The response header is: