Proxy Patterns (Global)
High-quality technical overview of Proxy Patterns in the context of blockchain security.
Directives: max-age=, includeSubDomains, preload. Protection: Prevents SSL Stripping, Cookie hijacking, and Protocol downgrades.
🧒 Explained so a five-year-old can understand
Imagine you have a club that only allows people in suits. Usually, a guard stands at the door to check. But a sneaky person might try to sneak in through a back window before the guard sees them. HSTS is like bricking up all the windows and every door except the front one, and hiring a guard who never takes a break. It's 'Suits Only'—no exceptions.
🤓 Expert Deep Dive
Technically, the Strict-Transport-Security header carries a max-age value (in seconds) plus the includeSubDomains and preload directives. The biggest weakness is the first visit, before the browser has ever seen the header (TOFU, Trust On First Use). To close that gap, the preload directive lets site owners submit their domain to a global preload list that is hardcoded into Chrome, Firefox, and Safari, so the browser already knows to use HTTPS before it ever visits the site. For developers, a common mistake is setting a long max-age before testing, which can 'brick' a site if its HTTPS goes down and cannot be fixed quickly.
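As an added example (not code from this page), a small Python checker that splits the header into its directives, tests the header-level preload submission criteria and flags the long-max-age rollout risk the paragraph warns about. The one-year threshold and the includeSubDomains/preload requirements are taken from the hstspreload.org submission rules, not from the page; the live HTTPS checks that list also performs are out of scope here.

```python
from dataclasses import dataclass
from typing import List, Optional

# Preload-list submission threshold (hstspreload.org): max-age of at least one year.
ONE_YEAR = 31536000


@dataclass
class HstsPolicy:
    max_age: Optional[int]      # None when the directive is absent (header invalid)
    include_subdomains: bool
    preload: bool


def parse_hsts(header: str) -> HstsPolicy:
    """Split a Strict-Transport-Security value into its directives."""
    # Names are case-insensitive and unknown directives are ignored, as browsers do.
    policy = HstsPolicy(max_age=None, include_subdomains=False, preload=False)
    for raw in header.split(";"):
        name, _, value = raw.strip().partition("=")
        name = name.strip().lower()
        value = value.strip().strip('"')
        if name == "max-age":
            if not value.isdigit():
                raise ValueError(f"malformed max-age: {value!r}")
            policy.max_age = int(value)
        elif name == "includesubdomains":
            policy.include_subdomains = True
        elif name == "preload":
            policy.preload = True
    return policy


def preload_eligible(policy: HstsPolicy) -> bool:
    """Header-level preload criteria: one-year max-age, includeSubDomains, preload."""
    return (policy.max_age is not None and policy.max_age >= ONE_YEAR
            and policy.include_subdomains and policy.preload)


def rollout_warnings(policy: HstsPolicy) -> List[str]:
    """Flag settings that lock users out if HTTPS breaks (the 'bricking' case)."""
    warnings = []
    if policy.max_age is None:
        return ["no max-age: header is invalid and browsers ignore it"]
    if policy.max_age >= ONE_YEAR:
        warnings.append("long max-age: browsers will refuse HTTP for a year or more; "
                        "test with a short max-age first")
    if policy.include_subdomains:
        warnings.append("includeSubDomains: every subdomain must already serve HTTPS")
    return warnings
```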