From 542525bf6ff5776abbb3b2c82754f3fbc61643ac Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Fri, 24 Jun 2022 22:50:25 +0000 Subject: [PATCH 1/2] add blog post announcing HSTS for website --- locale/en/blog/announcements/hsts.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 locale/en/blog/announcements/hsts.md diff --git a/locale/en/blog/announcements/hsts.md b/locale/en/blog/announcements/hsts.md new file mode 100644 index 0000000000000..1fd840044f661 --- /dev/null +++ b/locale/en/blog/announcements/hsts.md @@ -0,0 +1,16 @@ +--- +date: 2022-06-24T16:00:00Z +category: Announcements +title: Enabling HSTS on the Node.js website +slug: hsts +layout: blog-post.hbs +author: Rich Trott +--- + +# Enabling HSTS on the Node.js website + +We are enabling [HSTS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) on the Node.js website on or around July 13, 2022. + +In [the words of Rod Vagg](https://github.com/nodejs/build/issues/2857#issuecomment-1163693008): "Hey, we're turning this on; it's not going to impact you though, so cool." + +HSTS is a web security best practice. It helps prevent [MITM attacks](https://owasp.org/www-community/attacks/Manipulator-in-the-middle_attack) among other things. From 6f9526ac6ce4c882735ad20242aab5fcebe9ec1c Mon Sep 17 00:00:00 2001 From: Maledong Date: Sat, 25 Jun 2022 08:42:54 +0800 Subject: [PATCH 2/2] Update hsts.md --- locale/en/blog/announcements/hsts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/locale/en/blog/announcements/hsts.md b/locale/en/blog/announcements/hsts.md index 1fd840044f661..0a5d129f5681a 100644 --- a/locale/en/blog/announcements/hsts.md +++ b/locale/en/blog/announcements/hsts.md @@ -9,7 +9,7 @@ author: Rich Trott # Enabling HSTS on the Node.js website -We are enabling [HSTS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) on the Node.js website on or around July 13, 2022. +We are enabling [HSTS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) on the Node.js website on or around July 13, 2022. In [the words of Rod Vagg](https://github.com/nodejs/build/issues/2857#issuecomment-1163693008): "Hey, we're turning this on; it's not going to impact you though, so cool."