HSTS for Deno Deploy: Pros, Cons, and Practical Setup
HSTS on Deno Deploy is one of those security controls that’s easy to enable and surprisingly easy to get wrong. If you’re serving anything real on Deno Deploy, you should at least make an intentional decision about HTTP Strict Transport Security instead of leaving it as “probably fine.” HSTS tells browsers: only talk to this site over HTTPS for a set period of time. That shuts down a whole class of downgrade and SSL-stripping attacks. ...