Merge pull request #11 from nuriakman/patch-1

Fix markdown code
2026-06-16 15:06:27 +08:00 · 2022-03-03 20:18:14 -08:00
parent 0f08625923 e2d563b815
commit dae9377d82
1 changed files with 4 additions and 5 deletions
--- a/README.md
+++ b/README.md
@@ -57,11 +57,10 @@ When no protocol or valid domain name is given the browser proceeds to feed the

 ## Check HSTS list (deprected)

-~~* The browser checks its "preloaded HSTS (HTTP Strict Transport Security)" list. This is a list of websites that have requested to be contacted via HTTPS only.
-~* If the website is in the list, the browser sends its request via HTTPS instead of HTTP. Otherwise, the initial request is sent via HTTP. 
-~
-~Note: The website can still use the HSTS policy without being in the HSTS list. The first HTTP request to the website by a user will receive a response requesting that the user only send HTTPS requests. However, this single HTTP request could potentially leave the user vulnerable to a [downgrade attack](http://www.yourdictionary.com/downgrade-attack), which is why the HSTS list is included in modern web browsers.
-~~
+* ~The browser checks its "preloaded HSTS (HTTP Strict Transport Security)" list. This is a list of websites that have requested to be contacted via HTTPS only.~
+* ~If the website is in the list, the browser sends its request via HTTPS instead of HTTP. Otherwise, the initial request is sent via HTTP.~
+
+Note: The website can still use the HSTS policy without being in the HSTS list. The first HTTP request to the website by a user will receive a response requesting that the user only send HTTPS requests. However, this single HTTP request could potentially leave the user vulnerable to a [downgrade attack](http://www.yourdictionary.com/downgrade-attack), which is why the HSTS list is included in modern web browsers.

 Modern browsers requests https first