via https://www.expeditedssl.com/simple-ssl-scanner/scan?target_domain=loop.services.mozilla.com > Site uses HSTS > HTTP Strict Transport Security (HSTS) is a HTTP response header that is set on > your web application server. Supporting browsers read the header which contains > an expiration max-age value and will NOT reconnect on a plain HTTP connection > until the max-age value is exceeded. HSTS prevents a variety of attacks where > an intermediary could disrupt or spoof connections. > More HSTS information at: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security Discuss.
Because we don't have listen on HTTP port and we don't answer calls there we don't need this.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WONTFIX
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.