web-feature: HTTP Strict Transport Security

baseline logo Widely available

The Strict-Transport-Security HTTP response header informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. Also known as HSTS.

WKWebView

macOS

*

iOS

*

Android WebView

Android

*

WebView2

Windows

*

Chrome Browser

Android

18

Safari Browser

iOS

7

Notes

Support data provided by: BCD logo

Know something we don't?

Is any of the above data outdated? Or do you want to add a new WebView to the list? Heads on to GitHub and edit the data file!

Edit this page on GitHub Report an issue on GitHub

Not comfortable with GitHub? Send us an email.

Please help us keeping this data updated

This feature was last updated on November 10, 2025.