InformAction Forums

I have a problem with the sts feature of noscript in firefox. I use firefox 3.6.8 and noscript 2.0.2.3
As I understand the sts feature lets you always connect to a site with the https (ssl) protocol.
After I have visited the site with the https protocol, the site is added to the noscriptsts.db.
The problem is that my noscriptsts.db gets purged after I close firefox and all the entries are gone.
When I close firefox the noscriptsts.db is not immediately purged. When I wait for about 10 minutes to open firefox again and then close it, the noscriptsts.db gets purged.
Is there a setting to prevent this from happening ?

thank you

Strict Transport Security in NoScript

Appears that is server side, so not sites that you force https:.

Appears that at least informaction & bugzilla support server side.

Looks like as you visiting pages, the list changes interactively.

Mine persisted through a restart, though not sure if its contents remained unchanged?

My understanding of the way STS works has been is wrong. I thought the website has to be in the Noscriptsts.db in order to automatically establish a secure connection.
I tried paypal.com and firefox made a secure connection even when there was no entry of paypal in the noscriptsts.db file.
Conclusion there is no problem and sts is working without a hitch.

Thank you for your reply

"HTTP Strict Transport Security has landed!

It was a year ago now that I first blogged about ForceTLS, and it's matured quite a bit since. I revised ForceTLS to be more robust, and began actually implementing it as HTTP-Strict-Transport-Security in Firefox. I'm excited to say that my patch has been reviewed and landed in mozilla-central." ...

http://blog.sidstamm.com/2010/08/http-s ... y-has.html