[tor-bugs] #21705 [Metrics/Onionoo]: Invalid Strict-Transport-Security header
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Mar 10 22:19:22 UTC 2017
#21705: Invalid Strict-Transport-Security header
---------------------------------+--------------------------
Reporter: cypherpunks | Owner: metrics-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Metrics/Onionoo | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
---------------------------------+--------------------------
Onionoo sets an invalid strict transport security header, namely `Strict-
Transport-Security:""max-age=15768000""` (notice the double double
quotes). This leads to Tor Browser giving the following error in the
console.
{{{
Strict-Transport-Security: The site specified a header that could not be
parsed successfully.
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21705>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list