[tor-mirrors] HSTS for a tor mirror

Valentin Brandl mail+tor at vbrandl.net
Sun Dec 31 15:31:00 UTC 2017


Hi there,
I'm starting to build a mirror for the tor project. The instructions
page states `Try not to redirect http to https. Many places in the world
cannot use https due to local or national firewalls`.

Since there should be no redirect, should I also stop sending HSTS
headers when the page is visited via https? Also should or shouldn't I
insert my site into the HSTS preload list?

greetings
Valentin Brandl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-mirrors/attachments/20171231/25d848a7/attachment.sig>


More information about the tor-mirrors mailing list