My ASP.NET Web application did not make use of the HTTP Stri

Yugesh Naid

Jul 3 2017 3:23 PM

263

My ASP.NET Web application did not make use of the HTTP Strict Transport Security (HSTS) mechanism.

This could potentially expose users to Man in the Middle (MitM) attacks.

When a web application uses HSTS, it specifies that users must connect using HTTPS and that communication should cease if there are any errors in the certificate chain.

In this way, users are prevented from clicking through certificate errors or accessing the application over a compromised channel.

How to implement HSTS

How Can I Prevent exposing users to Man in the Middle (MitM) attacks?

Answers (2)

Next Recommended Forum

ASP.NET Web application did not enforce a content security

cryptograhy and cybersecurity

Yesterday's leader

View all

Harshit Pandey

java, python, BigData

Kanpur (India)

610

99.2k

Vijay Pratap

Muzaffarnagar (India)

359

4.3k

Allen James

Software engineering, architecture, data.

Perl City (United Kingdom)

973.6k

18.8k

Leaderboard

View all

Divyansh Gupta

Shivam Payasi

Divyansh Gupta

Allen James

Alex Martin

Forum Statistics

View all

Please welcome our newest member Maximus Decimus Meridius.
2,380,345 users have contributed to 122,603 threads and 388,828
In the past 24 hours, we have 1 new threads, 2 new posts, and 3 new users.
In last week, the most popular thread is 'How do signup for C# Corner?'.