AnsweredAssumed Answered

[Feature Request] Add Upgrade-Insecure-Requests Feature Detection to SSL Client Test

Question asked by hellotls on Sep 22, 2015
Latest reply on Sep 24, 2015 by hellotls

I'd like to see Upgrade Insecure Requests feature detection in the SSL client test. It's easy to detect: just check if the HTTP request headers contain "Upgrade-Insecure-Requests: 1".[1] Currently this feature is supported on Chrome 43, Firefox 42 (beta), Opera 30, and under consideration by Microsoft.[2]

 

Thanks!

 

[1]  https://w3c.github.io/webappsec/specs/upgrade/

[2]  Bug 143653 – Implement CSP upgrade-insecure-requests directive

Outcomes