Description

HTTP Strict Transport Security (HSTS) tells a browser that a web site is only accessable using HTTPS. It was detected that your web application doesn't implement HTTP Strict Transport Security (HSTS) as the Strict Transport Security header is missing from the response.

Remediation

It's recommended to implement HTTP Strict Transport Security (HSTS) into your web application. Consult web references for more information

References

Related Vulnerabilities