Liongard Ideas Portal

Submit and upvote ideas to make Liongard better. You get 20 votes so vote wisely. 🙂


The Product Team is constantly reading your ideas and while we can’t promise that all ideas will become a reality, we value your feedback and promise to always have our Partners in mind when building and improving Liongard.

Check out our FAQs to learn more.

See what we've shipped by clicking here!

HSTS status for TLS/SSL Inspector

When an HTTPS request is made, there can be a HTTP Strict Transport Security header returned such as:

Strict-Transport-Security: max-age=31536000; includeSubDomains

Being able to check for the presence (or lack) of this header or for the data returned would simplify a checklist to verify secure site best practices.

See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security for details of the header data format.

  • Darren White
  • Jan 10 2023
  • Needs Review
  • Attach files
  • Darren White commented
    10 Jan 04:24am

    I would envision this being tied to a metric like "HSTS Status: Enabled/Disabled" based on the presence or lack of the returned header.
    Another potential metric could be "HSTS Preload: True/False" based on the "preload" attribute in the header, but if the header data was returned in the dataprint multiple metrics could be defined.