Dns

GitHub Pages makes HTTPS easy. HSTS is where people usually get tripped up. The short version: if you use the default *.github.io domain, GitHub handles HTTPS and HSTS for you. If you use a custom domain, you need to understand what GitHub controls, what your DNS provider controls, and one annoying limitation: you generally can’t arbitrarily add or tune response headers on GitHub Pages itself. That limitation matters because HSTS is just an HTTP response header: ...