Don't recommend Public Key Pinning

Created on 11 December 2018, almost 6 years ago

Updated 22 July 2024, 4 months ago

hook_requirements currently has a recommendation to implement HTTP Public Key Pinning

- Pinning can be difficult to set up, with a possibility of locking users out of being able to access your site
- If not setup correctly with a backup key, browsers will ignore the HPKP header (since it's more likely a configuration problem will happen)
- Chrome intends to deprecate and remove Public Key Pinning (https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/he9tr7p3r...)

📌 Task

Status

Fixed

Version

2.0

Component

Code

Created by

🇨🇦Canada gapple

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment 5 months ago →
🇺🇸United States minnur San Francisco
Comment 4 months ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024