HTTP HTTP proxy HSTS trailing-dot # we use this as response to a CONNECT HTTP/1.1 200 OK HTTP/1.1 200 OK Content-Length: 6 Strict-Transport-Security: max-age=604800 -foo- HTTP/1.1 200 OK Content-Length: 6 Strict-Transport-Security: max-age=6048000 -baa- https http-proxy HSTS proxy https Debug CURL_HSTS_HTTP=yes CURL_TIME=2000000000 HSTS with two URLs -x http://%HOSTIP:%PROXYPORT --hsts %LOGDIR/hsts%TESTNUMBER http://this.hsts.example./%TESTNUMBER http://another.example.com/%TESTNUMBER0002 # we let it CONNECT to the server to confirm HSTS but deny from there GET http://this.hsts.example./%TESTNUMBER HTTP/1.1 Host: this.hsts.example. User-Agent: curl/%VERSION Accept: */* Proxy-Connection: Keep-Alive GET http://another.example.com/%TESTNUMBER0002 HTTP/1.1 Host: another.example.com User-Agent: curl/%VERSION Accept: */* Proxy-Connection: Keep-Alive # Your HSTS cache. https://curl.se/docs/hsts.html # This file was generated by libcurl! Edit at your own risk. this.hsts.example "20330525 03:33:20" another.example.com "20330727 03:33:20"