Enforcing HTTP Strict-Transport-Security headers
Incident Report for The Things Network
We have recently made sure that the HTTP Strict-Transport-Security headers are present on our sites. This ensures that browsers will always use secure connections when accessing our sites.

We would like to thank security researcher Mayank Kamboj Dattana for using responsible disclosure for reporting this issue and making The Things Network a safer place.

Read more about our responsible disclosure policy: https://www.thethingsnetwork.org/responsible-disclosure
Posted May 31, 2021 - 11:30 CEST