root
/
flask
mirror of https://github.com/pallets/flask.git
1
0
Fork 0
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Remove HTTP Public Key Pinning from docs 

The header is considered obsolete and no longer supported by any major
browser. MDN link is dead.
This commit is contained in:
black 2025-03-24 10:42:52 +01:00 committed by David Lord
parent 5ea0ab8ea2
commit 2ae36c8dd5
No known key found for this signature in database
GPG Key ID: 43368A7AA8CC5926
1 changed files with 0 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
docs/web-security.rst
View File

@ -269,19 +269,6 @@ values (or any values that need secure signatures).
.. _samesite_support: https://caniuse.com/#feat=same-site-cookie-attribute
HTTP Public Key Pinning (HPKP)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This tells the browser to authenticate with the server using only the specific
certificate key to prevent MITM attacks.
.. warning::
Be careful when enabling this, as it is very difficult to undo if you set up
or upgrade your key incorrectly.
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning
Copy/Paste to Terminal
----------------------