konklone/opm-csid.md

Created June 17, 2015 19:39

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/konklone/c0b337a3c382d3030f6b.js"></script>
Save konklone/c0b337a3c382d3030f6b to your computer and use it in GitHub Desktop.

Raw

https://twitter.com/konklone/status/610995950585257984

The URL that OPM is asking employees to type into their browser, https://www.csid.com/opm/, does not use HTTP Strict Transport Security:

$ curl --head https://www.csid.com/opm/

HTTP/1.1 200 OK
Date: Wed, 17 Jun 2015 19:38:20 GMT
Server: Apache
Last-Modified: Wed, 17 Jun 2015 00:27:24 GMT
ETag: "24c7c-518abc141b853"
Accept-Ranges: bytes
Content-Length: 150652
Vary: Accept-Encoding
Cache-Control: max-age=3600
Expires: Wed, 17 Jun 2015 20:38:20 GMT
X-Frame-Options: sameorigin
Content-Type: text/html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment