Redirects and HSTS

• From: Anne van Kesteren <annevk@annevk.nl>
• Date: Fri, 26 Sep 2014 13:42:11 +0200
• To: WebAppSec WG <public-webappsec@w3.org>
• Message-ID: <CADnb78gJWaTOEjyy_oAU6ZbaeNmi4tg3NAWfn3McnZ9=XwhmYg@mail.gmail.com>

Given HSTS and the network-error-on-redirect feature, it seems we can
determine whether a user has visited a given domain before. Was this
considered?


-- 
https://annevankesteren.nl/

Received on Friday, 26 September 2014 11:42:39 UTC