curl/docs/cmdline-opts/hsts.md
Daniel Stenberg 93e80c75b4
hsts: accept 10K entries in the list
Up from 1K.

Reduces the risk that someone could flush the list by tricking a user into
doing many transfers to new hostnames.

Document the limit.

Follow-up to 03a792b186

Closes #21200
2026-04-02 10:22:35 +02:00


c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
SPDX-License-Identifier: curl
Long: hsts
Arg: <filename>
Protocols: HTTPS
Help: Enable HSTS with this cache file
Added: 7.74.0
Category: http
Multi: append
See-also: proto
Example: --hsts cache.txt $URL

--hsts

Enable HSTS for the transfer. If the filename points to an existing HSTS cache file, that is used. After a completed transfer, the cache is saved to the filename again if it has been modified.

If curl is told to use HTTP:// for a transfer involving a hostname that exists in the HSTS cache, it upgrades the transfer to use HTTPS. Each HSTS cache entry has an individual lifetime after which the upgrade is no longer performed.

Specify a "" filename (zero length) to avoid loading/saving and make curl handle HSTS in memory.

You may want to restrict your umask to prevent other users on the same system from accessing the created file.

If this option is used several times, curl loads the contents of all the files, but only the last one is used for saving.

Since curl 8.20.0, curl keeps no more than the most recently added 10,000 unique HSTS hostnames.
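The umask advice, the per-entry lifetime and the 10,000-entry cap can be checked from the shell. This is an added example, not part of curl or its documentation: the function names and the optional "now" argument are hypothetical, and the cache file layout it parses is an assumption taken from curl's docs/HSTS.md, not from this page.

```shell
#!/bin/sh
# Added example, not curl project code. Assumed cache file format (from
# curl's docs/HSTS.md): one `host "YYYYMMDD HH:MM:SS"` or `host "unlimited"`
# per line, UTC stamps, '#' comment lines, leading '.' = includes subdomains.

HSTS_LIMIT=10000  # cap this page documents for curl 8.20.0 and later

# Run curl with a cache that is created owner-only; umask stays in the subshell.
curl_hsts() {
  cache=$1; shift
  ( umask 077 && curl --hsts "$cache" "$@" )
}

# Print the number of host entries in cache file $1.
hsts_count() {
  awk '!/^[ \t]*(#|$)/ { n++ } END { print n + 0 }' "$1"
}

# Print hosts in $1 whose lifetime has passed (http:// no longer upgraded).
# $2: optional "now" stamp, a hypothetical parameter for repeatable checks.
hsts_expired() {
  now=${2:-$(date -u '+%Y%m%d %H:%M:%S')}
  awk -v now="$now" '
    /^[ \t]*(#|$)/ { next }
    { stamp = $0; sub(/^[^"]*"/, "", stamp); sub(/".*$/, "", stamp)
      if (stamp != "unlimited" && (stamp "") < (now "")) print $1 }' "$1"
}

# Return 0 when $1 is owner-only and under the cap; print findings otherwise.
hsts_audit() {
  rc=0
  perms=$(ls -ld "$1" | cut -c5-10)   # group and other permission bits
  if [ "$perms" != "------" ]; then
    echo "WARN: $1 is accessible to group/other ($perms)"; rc=1
  fi
  n=$(hsts_count "$1")
  if [ "$n" -ge "$HSTS_LIMIT" ]; then
    echo "WARN: $1 has $n entries, at the $HSTS_LIMIT cap; oldest hosts get dropped"; rc=1
  fi
  return $rc
}

# Demo on a constructed cache file (sample entries, not real data).
demo=$(mktemp) && chmod 600 "$demo"
printf '%s\n' '# constructed sample' '.example.com "20200101 00:00:00"' \
  'example.org "unlimited"' > "$demo"
hsts_expired "$demo"; hsts_audit "$demo"; rm -f "$demo"
```

A host reported by `hsts_expired` is one for which curl no longer upgrades `http://` to HTTPS until a new transfer refreshes the entry.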