Minimum allowed time period of six months Websites must redirect to HTTPS, API endpoints should disable HTTP entirelyīoth passive and active resources should be loaded through protocols using TLS, such as HTTPS Sites should use HTTPS (or other secure protocols) for all communications The Security Assurance and Security Operations teams maintain this document as a reference guide. Use of these recommendations by the public is strongly encouraged. ![]() ![]() All Mozilla sites and deployments are expected to follow the recommendations below. The goal of this document is to help operational teams with creating secure web applications.
0 Comments
Leave a Reply. |