The TorBrowser will honor HSTS settings during a session, meaning that if you visit an HTTPS site and the HSTS flag is set, the browser will not allow an HTTP downgrade. Does this survive across restarts?
Asked
Active
Viewed 72 times
1 Answers
2
According to this test site, HSTS information does not survive a reboot on TBB 4.5 nor TBB 5 Alpha supported. This is probably because HSTS can be used to track browsers. It sounds as if the preload list will be supported and should protect users of major websites that enable HSTS.
Indolering
- 161
- 5